Routing

Expand all | Collapse all

what does "icmp tunneling" mean in mpls vpn

Jump to Best Answer
  • 1.  what does "icmp tunneling" mean in mpls vpn

    Posted 10-18-2012 07:00
    it is appreicated if u can make a simple diagram to show me this


  • 2.  RE: what does "icmp tunneling" mean in mpls vpn

    Posted 10-18-2012 21:20

     

    hi,

     

    When you configure MPLS to tunnel through a routing domain, it is difficult to route a fragmented packet to its source address; for example, when the IP addresses carried in a packet are private (not globally unique) and MPLS is used to tunnel the packets through a public backbone.

    When you configure ICMP message tunneling, an Internet Control Message Protocol (ICMP) message is sent to the source of a packet. The label stack is copied from the original packet to the ICMP message. The ICMP message is then label switched across the network. This causes the message to go to the original packet destination, rather than its source. Unless the message is label switched all the way to the destination host, it ends up unlabeled in a router that does know the source of the original packet, at which point the message is sent in the proper direction.

    ICMP message tunneling can be useful for debugging and tracing purposes if the message is an ICMP time exceeded messages.

     

     

     



  • 3.  RE: what does "icmp tunneling" mean in mpls vpn

    Posted 10-19-2012 00:22

     Hi,

    To explain ICMP tunneling in MPLS, consider traceroute operation. 

    In normal traceroute, the node which sees the packets with TTL 0 will send the ICMP TTL expired message to the SRC.

     

    But in MPLS network, the routers in the middle don't have to know the routing information of the SRC/DST. They can be pure label switching routers. ( Ex: BGP free Core ).  In that case, those routers won't be able to send the "TTL Expired" message directly to the SRC of the original packet.

     

    To overcome this issue,  the ICMP packet will be sent towards the DST through the LSP in which the original packet came, and the remote end of the LSP will get the ICMP packet which will be routed towards the SRC through another LSP.

     

    Normal Trace Operation

    IP Trace

     

     

     

     

     MPLS Trace ( ICMP Tunnelling) Operation.

     MPLS Trace

     

     

     Ex -

    When SRC sends a packet with TTL=2, Router 2 will recieve the labeled packet through an LSP ( lsp R1-to-R4)

     

    Router2 will drop the original packet and generate an "ICMP TTL Expired" message with destination IP  of SRC and the labels of the original packet and label-switch along the original LSP ( R1-to-R4)

     

    ICMP message will be label switched and reach Router 4 , and it will do route lookup and send the ICMP packet towards SRC through an LSP ( lsp R4-to-R1)

     

     

     

     



  • 4.  RE: what does "icmp tunneling" mean in mpls vpn

    Posted 10-19-2012 00:51
    woooo,also R4 should know the route of src ,right? it means r1 needs to advertise its vrf interface to peer R4 (PE),right?


  • 5.  RE: what does "icmp tunneling" mean in mpls vpn
    Best Answer

    Posted 10-19-2012 01:01

    Hi,

     

    R1 and R4 will be PEs which will have routing informations via MP-BGP and PE-CE protocols.

     

    Regards,

    Moses N



  • 6.  RE: what does "icmp tunneling" mean in mpls vpn

    Posted 01-19-2013 09:45

    Good explanation many thanks Moses


    @mosesnehru wrote:

    Hi,

     

    R1 and R4 will be PEs which will have routing informations via MP-BGP and PE-CE protocols.

     

    Regards,

    Moses N


     



  • 7.  RE: what does "icmp tunneling" mean in mpls vpn

    Posted 06-17-2019 23:15

    Hi,

     

    The core provider routers will not able to get any routing update, because it having label information only. So to make core routers to learn routing information icmp tunneling is used. 

     

    Regards,

    Abhay  



  • 8.  RE: what does "icmp tunneling" mean in mpls vpn

    Posted 06-17-2019 23:42

    Has a use case while performing a traceroute (from the CE to CE or CE to destination PE), the ttl expired packets encountered by P nodes would be sent towards the destination CE (or PE) by copying the label stack along with a ttl of 255 (I believe) so that the destination can perform the routing back to the source CE. The icmp error packet (ttl expired) generated by the P nodes would have information about the incoming interface, and hence would be reported in the traceroute output. Without "icmp tunneling" these packets would get dropped at the P nodes since they won't have any information regarding the vpn destination.