Re: [mpls-linux-general] MPLS on Virtual machines - no connectivity

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Fedora 8 seems to, by default, have a rule which rejects forwarding ping
requests.  

Look at the contents of all the tables using # iptables -L

Try running # iptables -F FORWARD on LER1 and LER2 to flush the FORWARD
tables.

________________________________

From: Ricardo Faria [mailto:ric...@fe...] 
Sent: 13 May 2009 01:40
To: mpl...@li...
Subject: [mpls-linux-general] MPLS on Virtual machines - no connectivity

Hello,

I'm new to mpls and I'm my final college project is based on mpls.

 I was trying to put it to work in fedora 8 virtual machine (VMware). I
installed all the rpms from the rep, getting the mpls 1.962 version on a

i386 kernel, and made 4 copies of that VM. Then follow the "MPLS for
Linux: IPv4 over MPLS: two LER one LSR example for mpls-linux-1.95x", (i
know is not the same version, but i suspect that the commands are the
same).

This is my exact configuration:

                                                     172.16.0.0/24

10.0.0.2/32                                          |
10.0.0.3/32

  eth4                                                     |
eth7

    |                                                         |

 --------eth3       eth6------eth5    v  eth3------eth5
eth6--------

| HOST A |---------| LER1 |-------------| LER2 |---------| HOST B |

     ---------2    ^        3-------2                      3-------3
^      4--------

                          |
|

                          |
|

            192.168.0.0/24
192.168.1.0/24

Host A

ifconfig eth4 10.0.0.2/32

ifconfig eth3 192.168.0.2/24

LER1

ifconfig eth6 192.168.0.3/24

ifconfig eth5 172.16.0.2/24

LER2

ifconfig eth3 172.16.0.3/24

ifconfig eth5 192.168.1.3/24

Host B

ifconfig eth7 10.0.0.3/32

ifconfig eth6 192.168.1.4/24

Traffic from HOST A to HOST B

=============================

HOST A

------

modprobe mpls4

ip route add 10.0.0.3/32 via 192.168.0.3 src 10.0.0.2

LER1

-----

modprobe mpls4

mpls nhlfe add key 0 instructions push gen 1000 nexthop eth5 ipv4
172.16.0.3   (returns key 0x2)

ip route add 10.0.0.3/32 via 172.16.0.3 mpls 0x2

echo 1 > /proc/sys/net/ipv4/ip_forward

LER2

-----

modprobe mpls4

mpls labelspace set dev eth3 labelspace 0

mpls ilm add label gen 1000 labelspace 0

mpls nhlfe add key 0 instructions nexthop eth5 ipv4 192.168.1.4
(returns key 0x2) 

mpls xc add ilm_label gen 1000 ilm_labelspace 0 nhlfe_key 0x2

Traffic from HOST B to HOST A

=============================

HOST B

------

modprobe mpls4

ip route add 10.0.0.2/32 via 192.168.1.3 src 10.0.0.3

LER2

-----

modprobe mpls4

mpls nhlfe add key 0 instructions push gen 2000 nexthop eth3 ipv4
172.16.0.2   (returns key 0x3)

ip route add 10.0.0.2/32 via 172.16.0.2 mpls 0x3

echo 1 > /proc/sys/net/ipv4/ip_forward

LER1

-----

modprobe mpls4

mpls labelspace set dev eth5 labelspace 0

mpls ilm add label gen 2000 labelspace 0

mpls nhlfe add key 0 instructions nexthop eth6 ipv4 192.168.0.2
(returns key 0x3) 

mpls xc add ilm_label gen 2000 ilm_labelspace 0 nhlfe_key 0x3

I execute all, but in the end i don't have any connectivity. I would
like to know if a simple ping from host A to Host B should have a
response (witch i already tried without success) , or i have to execute
some special command to test the mpls. Also, for this example, do i have
to add something to iptables or route add something else? Should this
few commands in the example work without nothing else?

In attachment I put the output of the commands: "ip link show", "ip
route show", "mpls nhlfe show", "mpls ilm show", "mpls labelspace show"
and "lsmod" for each computer.

Thanks for the help you could give me, but I'm starting with this and
I'm getting a lot of difficulties just to start.

Also if you have other tutorial, i would appreciate that.

The information contained in this E-Mail and any subsequent 
correspondence is private and is intended solely for the intended 
recipient(s).  The information in this communication may be 
confidential and/or legally privileged.  Nothing in this e-mail is 
intended to conclude a contract on behalf of QinetiQ or make QinetiQ 
subject to any other legally binding commitments, unless the e-mail 
contains an express statement to the contrary or incorporates a formal Purchase Order.

For those other than the recipient any disclosure, copying, 
distribution, or any action taken or omitted to be taken in reliance 
on such information is prohibited and may be unlawful.

Emails and other electronic communication with QinetiQ may be 
monitored and recorded for business purposes including security, audit 
and archival purposes.  Any response to this email indicates consent 
to this.

Telephone calls to QinetiQ may be monitored or recorded for quality 
control, security and other business purposes.

QinetiQ Limited
Registered in England & Wales: Company Number:3796233
Registered office: 85 Buckingham Gate, London SW1E 6PD, United Kingdom
Trading address: Cody Technology Park, Cody Building, Ively Road, Farnborough, Hampshire, GU14 0LX, United Kingdom 
http://www.qinetiq.com/home/notices/legal.html