Junos OS

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about Junos OS.
  • 1.  MPLS VPN Packet Capture

    Posted 12-10-2018 09:27

    Dear Experts,

     

    I am runnging out of idea regarding one issue I am facing.

    Indeed, I failing to get MPLS VPN traffic b/w two juniper mx PE routers.

     

    Below is an overview of the architecture :

    HOST-A <<<>>>> PE1<<<< OSPF+MPLS RSVP+L3VPN>>>>>PE2<<>>>>HOSTB

    Low Level, I do have PE1<<<<<<TX1(L2)>>><<<<<TX2(L2)<<<>>>>PE2

     

    I have tried to mirror the port at either interfaces facing PE1/PE2 (Or b/w PE1<<<>>T1 and other side also).

     

    Unfortunately, I could get only OSPF (with BFD) and RSVP signal traffic.  Nowhere, I could see the MPLS VPN traffic.

     

    Test Case 1 -- No MPLS VPN traffic--- This is the way I use to pick traces which always works. But could see the traffic utilization is more than 300 Mbps. How comes I am getting only control traffic ?

     

    set forwarding-options port-mirroring input rate 1
    set forwarding-options port-mirroring input run-length 1
    set forwarding-options port-mirroring family inet output interface ge-1/0/7.0 next-hop 1.1.1.2
    set forwarding-options port-mirroring family inet output no-filter-check


    set firewall family inet filter port-mirror term 1 then port-mirror
    set firewall family inet filter port-mirror term 1 then accept
    set firewall family inet filter port-mirror term 2 then accept

    set interfaces ge-1/0/5 unit XXX family inet filter input port-mirror
    set interfaces ge-1/0/5 unit XXX family inet filter output port-mirror

     

    Test Case 2 -- No MPLS VPN traffic--- This is the way I use to pick traces which always works. But could see the traffic utilization is more than 300 Mbps. How comes I am getting only control traffic ?

     

    Since TX node is used as a switch,  I've mirrored the related port to check... It was same content.

     

     

    Required Help :

    1. Is this behaviour normal ? what could explain this ?

    2. If the case, it means the nodes (TX) in b/w cannot manage the QoS from packet coming from PEx ? This is what is being observed. Only control traffic (OSPF hello, RSVP, etc--> DSCP CS6) can been seen in qos map at TX side while the MPLS VPN traffic (huge) is all reflected in default queue (DSCP BE) and not visible with wireshark. Please advise.

     

    Note: I used two differents laptop for the test.

     

     

     



  • 2.  RE: MPLS VPN Packet Capture
    Best Answer

    Posted 12-10-2018 09:58

    Hello,


    @Ephs_NE wrote:

    Dear Experts,

     

     

     

    I have tried to mirror the port at either interfaces facing PE1/PE2 (Or b/w PE1<<<>>T1 and other side also).

     

    Unfortunately, I could get only OSPF (with BFD) and RSVP signal traffic.  Nowhere, I could see the MPLS VPN traffic.

     

    Test Case 1 -- No MPLS VPN traffic--- This is the way I use to pick traces which always works. But could see the traffic utilization is more than 300 Mbps. How comes I am getting only control traffic ?

     

    set forwarding-options port-mirroring input rate 1
    set forwarding-options port-mirroring input run-length 1
    set forwarding-options port-mirroring family inet output interface ge-1/0/7.0 next-hop 1.1.1.2
    set forwarding-options port-mirroring family inet output no-filter-check

     

     Well, You asked the MX to mirror IPv4 traffic for You and it dutifully showed You only IP traffic - which on this link happens to be only control traffic. MPLS VPN traffic is NOT IP - it has a different Ethertype 0x8847 to start with, whereas IP has 0x800.

    You need to replace "family inet" with "family any". You don't need the "next-hop" knob then.

    More information on MX port-mirror for "family any" is here

    https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/services-configuring-port-mirroring-family-any.html

    HTH

    Thx

    Alex

     



  • 3.  RE: MPLS VPN Packet Capture

    Posted 12-10-2018 13:18

    Hello Alex, Thanks for your support.



  • 4.  RE: MPLS VPN Packet Capture

    Posted 03-25-2019 04:56

    Hi. I'm Jeong.

     

    I read a your question & solution.

     

    I'm having the same difficulties now, can I see the full config?

     

    Thank you.



  • 5.  RE: MPLS VPN Packet Capture

    Posted 11-15-2019 02:38

    Hi Jeong,

     

    Did you get the full config ? I have the same issue 😞

     

    Thanks!

     

    Thomas