Fault Symptom
The PE is configured with BGP/MPLS VPN services, which are classified into signaling VPN services and media VPN services. CE1 is an Access Gateway (AG) device; CE2 is a Softswitch device (Soft3000); CE1 and CE2 are in the same VPN. After the configuration is complete, it is found that CE1 cannot register with CE2.
Fault Analysis
1. Run the display bgp vpnv4 all peer command on PE1 and PE2. It is found that the BGP peer relationships between the PEs and between the PEs and CEs are in the Established state.
2. Run the ping -vpn-instance vpn-instance-name command on PE1 and PE2. It is found that the PEs can ping the corresponding CEs successfully.
3. Run the display ip routing-table vpn-instance vpn-instance-name command on PE1 and PE2. It is found that PE1 and PE2 have VPN instance routes that are destined for each other.
4. Run the display bgp vpnv4 all routing-table 10.1.1.1 command on PE1 to view the information about the BGP routes to the network segment 10.1.1.1/24. It is found that there are two routes in the signaling VPN and no route in the VPN instance.
Total routes of Route Distinguisher(65029:2995): 2
BGP routing table entry information of 10.1.1.1/24:
Label information (Received/Applied): 589826/NULL
From: 11.1.1.1 (11.1.1.1)
Original nexthop: 12.1.1.1
Ext-Community: <65029 : 2995>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, best, pre 255
Originator: 12.1.1.1
Cluster list: 11.1.1.1
Not advertised to any peer yet
BGP routing table entry information of 172.16.7.20/30:
Label information (Received/Applied): 589826/NULL
From: 11.1.1.2 (11.1.1.2)
Original nexthop: 12.1.1.1
Ext-Community: <65029 : 2995>
AS-path Nil, origin incomplete, MED 0, localpref 100, pref-val 0, valid, internal, pre 255
Originator: 12.1.1.1
Cluster list: 11.1.1.2
Not advertised to any peer yet
5. Run the display current-configuration configuration vpn-instance vpn-instance-name command on PE1 to view the configurations of the VPN instance. It is found that route restriction is configured in the signaling VPN of PE1.
ip vpn-instance ngn-signal
route-distinguisher 65029:2995
apply-label per-instance
routing-table limit 100 80
vpn-target 65029:2995 export-extcommunity
vpn-target 65029:2995 import-extcommunity
6. Run the display ip routing-table vpn-instance vpn-instance-name statistics command on PE1 to view the statistics on the routes of the VPN instance. It is found that the number of the routes of the VPN instance exceeds the threshold of route restriction.
Proto total original active original added deleted freed
routes routes routes active routes routes routes
DIRECT 10 10 10 10 10 0 0
STATIC 1 1 1 1 2 1 1
RIP 0 0 0 0 0 0 0
OSPF 8 8 6 6 13 5 5
IS-IS 0 0 0 0 0 0 0
BGP 81 81 34 34 0 0 0
Total 100 100 51 51 25 6 6
The number of actual VPN instance routes exceeds the threshold of route restriction. Therefore, new VPN instance routes from PE2 cannot be added to the VPN routing table on PE1. As a result, the AG cannot register with the softswitch.
Procedure
1. Run the system-view command on PE1 to enter the system view.
2. Run the ip vpn-instance vpn-instance-name command on PE1 to enter the VPN instance view.
3. Run the routing-table limit 200 80 command on PE1 to re-configure the maximum number of routes supported by the current VPN instance.
After the preceding operations, CE2 can be pinged successfully from CE1, and CE1 can register with CE2. The fault is rectified.
Summary
If the maximum number of routes supported by the VPN instance is configured, you need to check whether the actual routes in an VPN instance exceeds the configured upper threshold.
