Show Command Outputs of Working MPLS VPN Configuration with PE-CE BGP (With a Route Reflector in the SP-CORE)

Following post will help in troubleshooting MPLS VPN configurations when a route reflector is in the SP-CORE network. These are the widely using show command outputs which you can compare and decide which has configured incorrectly.

To learn theory related to this configuration, please go through the following posts.

IPv4, IPv4 VRF & VPNv4 Address Families of BGP
Configuring MPLS L3 VPN with PE-CE BGP

For a same kind of post where there is no route reflector in the SP-CORE, please go through the following post.

Show Command Outputs of Working MPLS VPN Configuration with PE-CE BGP

Following is the diagram used in the post.

P-CORE will be the route-reflector. E0/0 interfaces of PE1 and PE2 are configured with sub interfaces and they are assigned to VRFs per customer. CE means customer edges and Green color areas are belong to customer 1 and the purple areas are belong to customer 2. SP CORE runs OSPF and MPLS and PS means Provider-Edge Switches. Loopbacks are configured like shown in the diagram and following are the configuration for each devices. Since this post is about to understand the show command outputs, configuration will not be explained, placing here only for the reference..

Configuration of the Custer Edge Routers..

Configuration of the Provider Edge Routers..

Configuration of the Provider Edge Switches..

Configuration of the Provider Core Router (The Route Reflector)..

Now let's go through the show commands..

show ip route
show ip route vrf <VRF>

show bgp summay
show ip bgp summay
show bgp ipv4 unicast summary
show ip bgp ipv4 unicast summary

All the above commands will give the same result and only the Customer Edge routers will have something to show for these commands..

show bgp vpnv4 unicast all summary

show bgp vpnv4 unicast all
show ip bgp vpnv4 all summary
show ip bgp vpnv4 all

show bgp vpnv4 unicast vrf <VRF> summary
show bgp vpnv4 unicast vrf <VRF>
show ip bgp vpnv4 vrf <VRF> summary
show ip bgp vpnv4 vrf <VRF>

These commands will be show outputs on Provider Edge routers where VRFs and VPNs are configured.. Provider Core will respond for vpnv4 all commands as it is the route reflector for VPNv4 address family.

Note:-
Note that the 1st 4 commands will result the both IPv4 VRF and VPNv4 family results while the last 4 commands will only show the IPv4 VRF family results. So there is no command to view only the VPNv4 family results..

show mpls forwarding-table

This is for Provider Edge and Provider Core routers.

Traceroutes and Forwarding

Now let's see what a trace route will show. Let's initiate one from a Customer Edge Router to its other side Customer Edge router.

However a traceroute from a Provider Edge to a Customer Edge router of the other side will not work because there is no return route advertised to that customer router..

But if you look at the mpls labeling for that same destination from the same Provider Edge router, you will see there are are 2 labels because it goes through the MPLS VPN.

16 will be the outer label and 20 will be the inner label in this case. What PE1 does is that it will add 20 and 16 on top of that and forward it to the 3.3.3.3 which should go through the 2.2.2.2 as per the topology (look at the mpls forwarding tables above). When 2.2.2.2 receives it, it will remove the label 16 and it will forward it to 3.3.3.3 and when 3.3.3.3 receives it, it will remove the label 20 and route as per the routing table.

Provider Core  Routers will not maintain any Customer Edge route as it is in the middle of the VPN..

Show Command Outputs of Working MPLS VPN Configuration with PE-CE BGP (Without a Route Reflector in the SP-CORE)

Following post will help in troubleshooting MPLS VPN configurations. These are the widely using show command outputs which you can compare and decide which has configured incorrectly.

To learn theory related to this configuration, please go through the following posts.

IPv4, IPv4 VRF & VPNv4 Address Families of BGP
Configuring MPLS L3 VPN with PE-CE BGP

For a similar example where a Route Reflector is in the SP-CORE please see the following post.

Show Command Outputs of Working MPLS VPN Configuration with PE-CE BGP (With a Route Reflector In the SP-CORE)

Following is the diagram used in the post.

E0/0 interfaces of PE1 and PE2 are configured with sub interfaces and they are assigned to VRFs per customer. CE means customer edges and Green color areas are belong to customer 1 and the purple areas are belong to customer 2. SP CORE runs OSPF and MPLS and PS means Provider-Edge Switches. Loopbacks are configured like shown in the diagram and following are the configuration for each devices. Since this post is about to understand the show command outputs, configuration will not be explained, placing here only for the reference..

Configuration of the Custer Edge Routers..

Configuration of the Provider Edge Routers..

Configuration of the Provider Edge Switches..

Configuration of the Provider Core Router..

Now let's go through the show commands..

show ip route
show ip route vrf <VRF>

show bgp summay
show ip bgp summay
show bgp ipv4 unicast summary
show ip bgp ipv4 unicast summary

All the above commands will give the same result and only the Customer Edge routers will have something to show for these commands..

show bgp vpnv4 unicast all summary
show bgp vpnv4 unicast all
show ip bgp vpnv4 all summary
show ip bgp vpnv4 all

show bgp vpnv4 unicast vrf <VRF> summary
show bgp vpnv4 unicast vrf <VRF>
show ip bgp vpnv4 vrf <VRF> summary
show ip bgp vpnv4 vrf <VRF>

These commands will be show outputs on Provider Edge routers where VRFs and VPNs are configured..

Note:-
Note that the 1st 4 commands will result the both IPv4 VRF and VPNv4 family results while the last 4 commands will only show the IPv4 VRF family results. So there is no command to view only the VPNv4 family results..

show mpls forwarding-table

This is for Provider Edge and Provider Core routers.

Traceroutes and Forwarding

Now let's see what a trace route will show. Let's initiate one from a Customer Edge Router to its other side Customer Edge router.

However a traceroute from a Provider Edge to a Customer Edge router of the other side will not work because there is no return route advertised to that customer router..

But if you look at the mpls labeling for that same destination from the same Provider Edge router, you will see there are are 2 labels because it goes through the MPLS VPN.

16 will be the outer label and 20 will be the inner label in this case. What PE1 does is that it will add 20 and 16 on top of that and forward it to the 3.3.3.3 which should go through the 2.2.2.2 as per the topology (look at the mpls forwarding tables above). When 2.2.2.2 receives it, it will remove the label 16 and it will forward it to 3.3.3.3 and when 3.3.3.3 receives it, it will remove the label 20 and route as per the routing table.

Provider Core  Routers will not maintain any Customer Edge route as it is in the middle of the VPN..