[All About Switches]Remote Cross Cannot Be Performed for L3VPN Routes

Involved Products and Versions

None

Networking

None

Fault Symptom

The local device cannot display private routes advertised by a remote PE.

Cause Analysis

Check information about VPNv4 routes and VPN instances.

<switch> display bgp vpnv4 all routing-table 176.43.137.0 24

BGP local router ID : 172.30.212.226
Local AS number : 34984
 
Total routes of Route Distinguisher(34984:888): 2
BGP routing table entry information of 176.43.137.0/24:
Label information (Received/Applied): 3742/NULL
From: 172.28.111.14 (172.28.111.14)
Route Duration: 16h21m59s 
Relay IP Nexthop: 0.0.0.0
Relay IP Out-Interface: -------IP route iteration failure
Relay Tunnel Out-Interface: Vlanif20
Relay token: 0x480057f1
Original nexthop: 85.29.0.46
Qos information : 0x0
Ext-Community:RT <34984 : 380>, RT <34984 : 381>, 
RT <34984 : 888>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, internal, pre 255
Originator: 85.29.0.46
Cluster list: 172.28.111.14, 92.44.0.5
Not advertised to any peer yet
 
BGP routing table entry information of 176.43.137.0/24:
Label information (Received/Applied): 3742/NULL
From: 172.28.111.203 (172.28.111.203)
Route Duration: 16h17m30s 
Relay IP Nexthop: 0.0.0.0
Relay IP Out-Interface: 
Relay Tunnel Out-Interface: Vlanif20
Relay token: 0x480057f1 
Original nexthop: 85.29.0.46
Qos information : 0x0
Ext-Community:RT <34984 : 380>, RT <34984 : 381>, 
RT <34984 : 888>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, internal, pre 255
Originator: 85.29.0.46
Cluster list: 172.28.111.203, 92.44.0.5
Not advertised to any peer yet

<switch>display current-configuration configuration vpn-instance WiFi_AP

#
ip vpn-instance WiFi_AP
ipv4-family
route-distinguisher 34984:1670
tnl-policy lsp-lb
routing-table limit 4000 80
vpn-target 34984:1671 export-extcommunity
vpn-target 34984:1670 34984:888 import-extcommunity
#
return

In the command output, the Relay IP Out-Interface field is empty, indicating an IP route iteration failure. As a result, the current VPNv4 routes are not optimal and are not copied to the VPN instance.

Check the LSP of the IP address 85.29.0.46. The command output shows that there is a corresponding LSP.

<switch>dis mpls lsp include 85.29.0.46 32

                               
-------------------------------------------------------------------- 
                 LSP Information: RSVP LSP                                      
---------------------------------------------------------------------
FEC                In/Out Label  In/Out IF                      Vrf Name        
85.29.0.46/32      3/NULL        XGE4/0/0/- 

Check routes matching the IP address 85.29.0.46. In the command output, only the default route is displayed and no specific route exists.

 
<CORE1>dis ip routing-table  85.29.0.46                                           
Route Flags: R - relay, D - download to fib                                     
------------------------------------------------------------------------------  
Routing Table : Public                                                           
Summary Count : 1                                                               
Destination/Mask    Proto   Pre  Cost      Flags NextHop         Interface      
                                                                                
        0.0.0.0/0   O_ASE   150  1           D   163.139.128.226 XGigabitEtherne
t4/0/1  

Troubleshooting Procedure

An IP route fails to be iterated generally because there is no specific route to the next hop. Add a specific route matching the IP address 85.29.0.46.

Conclusions and Suggestions

The next hop of a VPNv4 route cannot be the default route.