Using traceroute in MPLS networks

sewlist · June 17, 2009, 9:45am

Hi guys,

im trying to understand the Penultimate hop popping errror produced by traceroute

on my network when i traceroute to my peer where we co-locate i get the timeout which is right according to documentation , but is there anyway to avoid this and still see the lables?

ADDRESS STATUS
1 x.100.0.1 2ms 1ms 1ms
2 x.168.253.1 4ms 3ms 3ms
mpls-label=3873
3 0.0.0.0 timeout timeout timeout
4 x.168.249.254 3ms 3ms 2ms
5 x.10.45.254 6ms 5ms 2ms
6 x.221.1.208 3ms 5ms 2ms

How come when i traceroute for example to google, they also show mpls lables but there is no Penultimate hop popping happening timeouts from the ISPs? is this a way they configure their mpls domain ips?

example
2 196.44.0.172 246ms 246ms 246ms
mpls-label=270992 exp=1
3 196.44.31.203 248ms 253ms 248ms
mpls-label=112786 exp=1
4 209.212.127.129 268ms 314ms 318ms
5 198.32.160.130 246ms 246ms 246ms
6 209.85.255.68 247ms 292ms 246ms
7 209.85.251.9 267ms 268ms 268ms
8 72.14.232.213 268ms 269ms 268ms
9 209.85.253.145 270ms 270ms 270ms
10 74.125.45.99 268ms 269ms 268ms

Thanks

S

Mplsguy · June 17, 2009, 2:28pm

http://wiki.mikrotik.com/wiki/MPLSVPLS#Penultimate_hop_popping_and_traceroute_source_address is talking about missing traceroute reply from first hop. The reason discussed there should not cause any further hop replies to be lost (assuming that everything is set up properly and operational). So this must be something else. Please provide more information on your network setup.

sewlist · June 17, 2009, 3:53pm

okay let me try be more clear about network setup

i’ve enabled mpls ldp on the all the primary routers

ill use below tracroute as how mpls is enabled for that route, hope its ok?

tool traceroute x.221.1.208 src-address=10.10.11.105
ADDRESS STATUS
1 172.101.1.1 2ms 1ms 1ms
2 10.168.253.5 3ms 2ms 2ms
mpls-label=3115
3 10.168.253.1 5ms 2ms 2ms
mpls-label=3873
4 0.0.0.0 timeout timeout timeout
5 192.168.249.254 3ms 2ms 2ms
6 10.10.45.254 3ms 3ms 2ms
7 x.221.1.208 3ms 2ms 3ms

hop 1 mpls ldp enabled on loopback 10.255.255.3/32
hop 2 mpls ldp on loopback 10.255.255.2/32
hop 3 mpls ldp on loopback 10.255.255.1/32
hop 4 mpls ldp on loopback 10.255.255.23/32
hop 5 and 6 mpls was enabled but I need to masquerade to a certain ip at co-location so had to disable it
hop 7 is server

I can traceroute perfect between routers using the correct 10.255.255.x source ip address, and my above traceroutes works fine, however its looks “ugly” in the trace for clients who does checks on their stations

does this makes sense above? I presume hop 4 is the egress LER ?

Thanks

S

Mplsguy · June 17, 2009, 7:04pm

On which hop do you masquerade? And how is propagate-ttl configured on your LSRs?

sewlist · June 18, 2009, 7:45am

on hop 5 and 6 which is the same router I masquerade to just one ip which we can’t route to

If i enable mpls ldp on hop 5 and 6 , i get the timeout in the traceroute just after that

mpls propagate-ttl: yes on all the routers

S