Page 1 of 1

MPLS neighbour addresses 'leaking'?

Posted: Sat Nov 21, 2020 9:24 am
by zerobase
I am new to MPLS/VPLS, so bear with me regarding the following question:

I have MPLS running between two sites (testing a VPLS tunnel) and noticed that when checking the ldp neighbor status on router R2 it shows all local addresses that are configured on router R1 (and v.v.):

R2:
[admin@R2] /mpls ldp neighbor print
Flags: X - disabled, D - dynamic, O - operational, T - sending-targeted-hello, V - vpls
 0 DO   transport=10.255.255.1 send-targeted=no peer=10.255.255.1:0 local-transport=10.255.255.2
        addresses=10.0.0.1,10.0.0.5,10.235.x.x,10.255.255.1,86.x.x.x,192.168.10.1,192.168.60.1,192.168.80.1,192.168.88.1,192.168.130.1,
          192.168.140.1,192.168.150.1,192.168.254.2
The 10.235.x.x is the address configured on the IPTV interface on R1 and the 86.x.x.x address is the internet address on R1.

I have routing filters in place (OSPF) that only advertise certain routes and discard all others.

R1 routing filters:
[admin@R1] > /routing filter print where chain=r2-out
Flags: X - disabled
 0   chain=r2-out prefix=192.168.10.0 prefix-length=24-32 invert-match=no action=accept set-bgp-prepend-path=""

 1   chain=r2-out prefix=192.168.130.0 prefix-length=24-32 invert-match=no action=accept set-bgp-prepend-path=""

 2   chain=r2-out prefix=10.0.0.4 prefix-length=30-32 invert-match=no action=accept set-bgp-prepend-path=""

 3   chain=r2-out prefix=10.255.255.1 prefix-length=32 invert-match=no action=accept set-bgp-prepend-path=""

 4   chain=r2-out invert-match=no action=discard set-bgp-prepend-path=""
I therefore was expecting that only 192.168.10.1, 192.168.130.1, 10.0.0.5 and 10.255.255.1 would be visible in the neighbour address list.

Is it normal behaviour to always show all local addresses from an ldp neighbour, or can these be filtered out?

Re: MPLS neighbour addresses 'leaking'?

Posted: Sun Nov 22, 2020 1:57 am
by mducharme
You probably only want your loopback addresses to be advertised in the MPLS forwarding table. Assuming your loopbacks are in a single range, ex. 10.255.255.0/24, you would do something like this:
/mpls ldp advertise-filter
add prefix=10.255.255.0/24
add advertise=no
That tells the MikroTik to advertise any IPs within that 10.255.255.0/24 range but nothing outside of that.

Re: MPLS neighbour addresses 'leaking'?

Posted: Thu Nov 26, 2020 7:55 am
by zerobase
@mducharme: advertise-filters have been set, but still all addresses show up in the neigbor status page. Not a big issue, but I was just wondering whether this is normal behaviour or not.

Re: MPLS neighbour addresses 'leaking'?

Posted: Thu Nov 26, 2020 10:05 am
by CZFan
@mducharme: advertise-filters have been set, but still all addresses show up in the neigbor status page. Not a big issue, but I was just wondering whether this is normal behaviour or not.

You will have to disable / enable LDP interfaces or restart router for filters to take effect

Re: MPLS neighbour addresses 'leaking'?

Posted: Fri Nov 27, 2020 6:51 pm
by zerobase
@CZfan: Rebooted the router (R1), but still all local addresses of router R1 show up on router R2 in the '/mpls ldp neighbor' menu (and v.v.)