Community discussions

MikroTik App
 
zerobase
just joined
Topic Author
Posts: 15
Joined: Sun May 21, 2017 1:55 pm

MPLS neighbour addresses 'leaking'?

Sat Nov 21, 2020 9:24 am

I am new to MPLS/VPLS, so bear with me regarding the following question:

I have MPLS running between two sites (testing a VPLS tunnel) and noticed that when checking the ldp neighbor status on router R2 it shows all local addresses that are configured on router R1 (and v.v.):

R2:
[admin@R2] /mpls ldp neighbor print
Flags: X - disabled, D - dynamic, O - operational, T - sending-targeted-hello, V - vpls
 0 DO   transport=10.255.255.1 send-targeted=no peer=10.255.255.1:0 local-transport=10.255.255.2
        addresses=10.0.0.1,10.0.0.5,10.235.x.x,10.255.255.1,86.x.x.x,192.168.10.1,192.168.60.1,192.168.80.1,192.168.88.1,192.168.130.1,
          192.168.140.1,192.168.150.1,192.168.254.2
The 10.235.x.x is the address configured on the IPTV interface on R1 and the 86.x.x.x address is the internet address on R1.

I have routing filters in place (OSPF) that only advertise certain routes and discard all others.

R1 routing filters:
[admin@R1] > /routing filter print where chain=r2-out
Flags: X - disabled
 0   chain=r2-out prefix=192.168.10.0 prefix-length=24-32 invert-match=no action=accept set-bgp-prepend-path=""

 1   chain=r2-out prefix=192.168.130.0 prefix-length=24-32 invert-match=no action=accept set-bgp-prepend-path=""

 2   chain=r2-out prefix=10.0.0.4 prefix-length=30-32 invert-match=no action=accept set-bgp-prepend-path=""

 3   chain=r2-out prefix=10.255.255.1 prefix-length=32 invert-match=no action=accept set-bgp-prepend-path=""

 4   chain=r2-out invert-match=no action=discard set-bgp-prepend-path=""
I therefore was expecting that only 192.168.10.1, 192.168.130.1, 10.0.0.5 and 10.255.255.1 would be visible in the neighbour address list.

Is it normal behaviour to always show all local addresses from an ldp neighbour, or can these be filtered out?
 
mducharme
Trainer
Trainer
Posts: 1034
Joined: Tue Jul 19, 2016 6:45 pm

Re: MPLS neighbour addresses 'leaking'?

Sun Nov 22, 2020 1:57 am

You probably only want your loopback addresses to be advertised in the MPLS forwarding table. Assuming your loopbacks are in a single range, ex. 10.255.255.0/24, you would do something like this:
/mpls ldp advertise-filter
add prefix=10.255.255.0/24
add advertise=no
That tells the MikroTik to advertise any IPs within that 10.255.255.0/24 range but nothing outside of that.
 
zerobase
just joined
Topic Author
Posts: 15
Joined: Sun May 21, 2017 1:55 pm

Re: MPLS neighbour addresses 'leaking'?

Thu Nov 26, 2020 7:55 am

@mducharme: advertise-filters have been set, but still all addresses show up in the neigbor status page. Not a big issue, but I was just wondering whether this is normal behaviour or not.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1882
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: MPLS neighbour addresses 'leaking'?

Thu Nov 26, 2020 10:05 am

@mducharme: advertise-filters have been set, but still all addresses show up in the neigbor status page. Not a big issue, but I was just wondering whether this is normal behaviour or not.

You will have to disable / enable LDP interfaces or restart router for filters to take effect
MTCNA, MTCTCE, MTCRE & MTCINE
 
zerobase
just joined
Topic Author
Posts: 15
Joined: Sun May 21, 2017 1:55 pm

Re: MPLS neighbour addresses 'leaking'?

Fri Nov 27, 2020 6:51 pm

@CZfan: Rebooted the router (R1), but still all local addresses of router R1 show up on router R2 in the '/mpls ldp neighbor' menu (and v.v.)

Who is online

Users browsing this forum: No registered users and 4 guests