[131971] in North American Network Operators' Group
RE: GRE Tunnels and MPLS
daemon@ATHENA.MIT.EDU (Rettke, Brian)
Tue Nov 9 20:05:46 2010
From: "Rettke, Brian" <Brian.Rettke@cableone.biz>
To: "shimshah@cisco.com" <shimshah@cisco.com>, "nanog@nanog.org"
<nanog@nanog.org>
Date: Tue, 9 Nov 2010 18:04:16 -0700
In-Reply-To: <4CD85B4E.70409@cisco.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
It appears that about half of our web traffic is now being dropped, so prob=
lems continue. I'll have to double check MTU and TCP adjust-mss settings, b=
ut other than that I have no idea. I've heard that there are some issues wi=
th MPLS using some of the 67xx linecards, and apparently this is going to b=
e a huge problem for us.
________________________________________
From: Shimol Shah [shimshah@cisco.com]
Sent: Monday, November 08, 2010 1:19 PM
To: nanog@nanog.org
Subject: Re: GRE Tunnels and MPLS
Good deal. Sounds like a plan.
Shimol
On 11/8/10 2:00 PM, Rettke, Brian wrote:
> This seems to be working now with the 'mls mpls tunnel-recir' command ent=
ered. There are some potential downsides, but this should get things up and=
running until I create the new backup tunnels (GRE over IPSec) on a connec=
ted router that is not MPLS-enabled. Thanks!
>
> Sincerely,
>
> Brian A . Rettke
> RHCT, CCDP, CCNP, CCIP
> Network Engineer, CableONE Internet Services
>
>
> ------------------------------
>
> Message: 6
> Date: Thu, 04 Nov 2010 16:49:55 -0400
> From: Shimol Shah<shimshah@cisco.com>
> Subject: Re: GRE Tunnels and MPLS
> To: nanog@nanog.org
> Message-ID:<4CD31C73.80004@cisco.com>
> Content-Type: text/plain; charset=3DISO-8859-1; format=3Dflowed
>
> Do you have recir enabled ? If not, good one to enable and check for
> status of issue.
>
> http://www.cisco.com/en/US/docs/ios/mpls/command/reference/mp_m1.html#wp1=
012208
>
> "If you do not enable tunnel-MPLS recirculation, the IPv4 and
> IPv4-tunneled packets that need to be labeled (for example, the packets
> that are encapsulated with an MPLS header) will be corrupted when they
> are transmitted from the Cisco 7600 series router."
>
> Shimol
>
> On 11/4/10 4:00 PM, Rettke, Brian wrote:
>> Beginning work on our implementation of MPLS for the backbone network. I=
've run into difficulty with our GRE tunnels. The GRE Tunnel sits on our co=
-lo router (a Cisco 7600), and it uses a route-map to push our 10.x modem t=
raffic to our DHCP servers. This is because the backbone is not complete an=
d DHCP traffic needs to traverse the internet. What I have found is that wh=
en I enable basic MPLS on the co-location interfaces that head back to the =
individual systems, DHCP traffic still works, but ICMP and other 10.x traff=
ic dies. There is also an intermittent problem with DHCP when it is enabled=
, where not all DISCOVERS are answered. I've tried everything I can think o=
f, including adjusting MTU and TCP MSS. It only seems to impact when the co=
-location router has a GRE tunnel on one buffer, which it terminates, and t=
hen it has to encapsulate traffic with an MPLS tag before sending out of th=
e other buffer. Theoretically, it should work, but I can't figure out if th=
ere is some pro
b
> lem with MPLS' interaction with the tunnel. Has anyone encountered someth=
ing similar?
>>
>> Sincerely,
>>
>> Brian A . Rettke
>> RHCT, CCDP, CCNP, CCIP
>> Network Engineer, CableONE Internet Services
>>
>>
>
