Cisco Service Control MPLS/VPN Solution Guide, Rel 3.1.5 - Managing MPLS/VPN Support [Cisco Service Control Application for Broadband]

Table Of Contents

Managing MPLS/VPN Support

How to Manage MPLS/VPN Support via SNMP

MPLS/VPN MIB Objects

MPLS/VPN Traps

How to Monitor MPLS/VPN Support via SCE Platform CLI

How to Display VPN-related Mappings

How to Display Mappings for a Specified VPN

How to Display a Listing of all VPNs

How to Display Subscriber Mappings for an IP range on a Specified VPN

How to Display the Number of Subscribers Mapped to an IP range on a Specified VPN

How to Display the Name of the Subscriber Mapped to a Specified VPN

How to Display the Mappings of Upstream Labels that Belong to Non-VPN Flows

How to Clear Upstream VPN Mappings

Options

How to Monitor Subscriber Counters

About Subscriber Counters

Monitoring Subscriber Counters: Example

How to Monitor MPLS/VPN Counters

Monitoring MPLS/VPN Counters: Example

How to Monitor the PE Routers

How to Display the Configuration of all Currently Defined PE Routers

How to Display the Configuration of a Specified PE Router

How to Monitor Bypassed VPNs

How to Display the Currently Bypassed VPNs

How to Remove all Learned Bypassed VPNs

How to Monitor Non-VPN Mappings

How to Display Non-VPN Mappings

How to Remove all Learned non-VPN Mappings

How to Manage MPLS/VPN Support via SM CLU

Managing VPNs

Options

How to Add a New MPLS-based VPN

How to Remove a VPN

How to Display VPN Information

How to Manage VPN Mappings

How to Add Mappings to VPN-based Subscribers

How to Add IP Address Mappings

How to Add VPN-based Mappings

How to Configure the Community Parameter

How to Remove VPN Mappings from Subscribers

To Remove All Existing Mappings from a Specified Subscriber

To Remove a Specified IP Mapping from a Specified Subscriber

To Remove a Specified VPN Mapping from a Specified Subscriber

To Remove a Specified Community-based Mapping from a Specified Subscriber

How to Monitor Subscriber MPLS/VPN Mappings

Managing MPLS/VPN Support

This module explains how to manage MPLS/VPN support.

•How to Manage MPLS/VPN Support via SNMP

•How to Monitor MPLS/VPN Support via SCE Platform CLI

•How to Manage MPLS/VPN Support via SM CLU

How to Manage MPLS/VPN Support via SNMP

SNMP support for MPLS/VPN auto-learn is provided in two ways:

•MIB variables

•SNMP traps

MPLS/VPN MIB Objects

The mplsVpnAutoLearnGrp MIB object group (pcubeSEObjs 17) contains information regarding MPLS/VPN auto-learning.

The objects in the mplsVpnAutoLearnGrp provide the following information:

•maximum number of mappings

•allowed current number of mappings

For more information, see the "Proprietary MIB Reference" in the Cisco Service Control Engine Software Configuration Guide.

MPLS/VPN Traps

There is one MPLS/VPN-related trap:

•mplsVpnTotalHWMappingsThresholdExceeded (pcubeSeEvents 45)

To provide online notification of a resource deficiency, when the system reaches a level of 80% utilization of the hardware MPLS/VPN mappings, a warning message appears in the user log, and this SNMP trap is sent.

Both the warning and the trap are sent for each 100 mappings that are added after the threshold has been exceeded.

How to Monitor MPLS/VPN Support via SCE Platform CLI

The SCE platform CLI allows you to do the following:

•Display VPN-related mappings

•Monitor subscriber counters

•Monitor PE routers

•Monitor bypassed VPNs

How to Display VPN-related Mappings

Use the following Viewer commands to display subscriber mappings. These commands display the following information:

•All the mappings for a specified VPN

•A listing of all currently logged-in VPNs

•A listing of all subscribers mapped to an IP range on a specified VPN

•The number of subscribers mapped to an IP range on a specified VPN

•The subscriber to whom a specified downstream mapping (PE loopback IP address &BGP label) is mapped. (This option is provided for backwards compatibility and has certain restrictions. See below How to Display the Name of the Subscriber Mapped to a Specified VPN.)

How to Display Mappings for a Specified VPN

•Options

•Displaying Mappings for a Specified VPN: Examples

Options

The following option is available:

•vpn-name — The name of the VPN for which to display mappings.

Step 1 From the SCE> prompt, type show interface linecard 0 VPN name vpn-name and press Enter.

Displaying Mappings for a Specified VPN: Examples

The following example illustrates the output of this command for an MPLS-based VPN.
SCE# show interface linecard 0 VPN name vpn1 
VPN name: Vpn1 
Downstream MPLS Mappings: 
PE-ID = 1.0.0.1 Mpls Label = 20  
PE-ID = 1.0.0.1 Mpls Label = 30  
=======>Total Downstream Mappings: 2  
Upstream MPLS Mappings: 
=======>Total Upstream Mappings: 0 
Number of subscriber mappings: 0 
Explicitly introduced VPN
The following example illustrates the output of this command for a VLAN-based VPN.
SCE&gt; show interface linecard 0 VPN name Vpn3
VPN name: Vpn3
VLAN: 2
Number of subscriber mappings: 0
Explicitly introduced VPN
The following example illustrates the output of this command for an automatically created VLAN.
SCE&gt; show interface linecard 0 VPN name 2
VPN name: 2
VLAN: 2
Number of subscriber mappings: 1
Automatically created VPN
How to Display a Listing of all VPNs

Use this command to display a listing of all currently logged-in VPNs

Step 1 From the SCE> prompt, type show interface linecard 0 VPN all-names and press Enter.

Displaying a Listing of All VPNs: Example
SCE# show interface linecard 0 VPN all-names 
How to Display Subscriber Mappings for an IP range on a Specified VPN

•Options

•Displaying Subscribers Mapped to a IP range on a Specified VPN: Example

Options

The following options are available:

•ip-range — The IP range for which to display mapped subscribers

•vpn-name — The name of the VPN for which to display mappings.

Step 1 From the SCE> prompt, type show interface linecard 0 subscriber mapping included-in IP ip-range VPN vpn-name and press Enter.

The VPN option allows you to search for subscribers with a private IP mapping

Displaying Subscribers Mapped to a IP range on a Specified VPN: Example
SCE# show interface linecard 0 subscriber mapping included-in IP 10.0.0.0/0 VPN vpn1 
Subscribers with IP mappings included in IP range '10.0.0.0/0'@vpn1: 
Subscriber 'Sub10', mapping '10.1.4.150/32@vpn1'. 
Subscriber 'Sub10', mapping '10.1.4.149/32@vpn1'. 
Subscriber 'Sub10', mapping '10.1.4.145/32@vpn1'. 
Subscriber 'Sub11', mapping '10.1.4.146/32@vpn1'. 
Total 2 subscribers found, with 4 matching mappings
How to Display the Number of Subscribers Mapped to an IP range on a Specified VPN

•Options

•Displaying the Number of Subscribers Mapped to range on a Specified VPN: Example

Options

The following options are available:

•ip-range — The IP range for which to display mapped subscribers

•vpn-name — The name of the VPN for which to display mappings.

Use the ` amount ` keyword to display the number of subscribers rather than a listing of subscriber names.

Step 1 From the SCE> prompt, type show interface linecard 0 subscriber amount mapping included-in IP ip-range VPN vpn-name and press Enter.

Displaying the Number of Subscribers Mapped to range on a Specified VPN: Example
SCE# show interface linecard 0 subscriber amount mapping included-in IP 0.0.0.0/0 VPN vpn1 
There are 2 subscribers with 4 IP mappings included in IP range '0.0.0.0/0'.
How to Display the Name of the Subscriber Mapped to a Specified VPN

If the MPLS/VPN is configured as a single subscriber mapped to 0.0.0.0/0 on the VPN that is mapped to the specified MPLS, this option displays that subscriber

Note This command provides backward compatibility for MPLS/VPN subscriber configuration in SCOS versions previous to 3.1.5.

Step 1 From the SCE# prompt, type show interface linecard 0 subscriber mapping MPLS-VPN PE-ID pe-id BGP-label label and press Enter.

•Displaying the Subscriber Mapped to a Specified VPN: Example 1

•Displaying the Subscriber Mapped to a Specified VPN: Example 2

Displaying the Subscriber Mapped to a Specified VPN: Example 1
SCE#>show interface lineCard 0 subscriber mapping MPLS-VPN PE-ID 1.0.0.1 BGP-label 30 
BGP MPLS label 30 on PE 1.0.0.1 is mapped to VPN named 'Vpn1' 
The VPN is NOT mapped to a single subscriber (0.0.0.0/0@Vpn1)
Displaying the Subscriber Mapped to a Specified VPN: Example 2
SCE#>show interface lineCard 0 subscriber mapping MPLS-VPN PE-ID 1.0.0.1 BGP-label 30 
BGP MPLS label 30 on PE 1.0.0.1 is mapped to VPN named 'Vpn1' 
Subscriber 'Sub10' is mapped to 0.0.0.0/0@Vpn1
How to Display the Mappings of Upstream Labels that Belong to Non-VPN Flows

Step 1 From the SCE# prompt, type show interface linecard 0 MPLS-VPN non-VPN-mappings and press Enter.

How to Clear Upstream VPN Mappings

Use this command to remove all learned upstream labels of a specified VPN.

Options

The following option is available:

•vpn-name — The name of the VPN for which to display mappings.

Step 1 From the SCE# prompt, type clear interface linecard 0 VPN name vpn-name upstream mpls all and press Enter.

This command, in effect, causes early label aging. Clearing the mappings allows relearning; labels will probably be quickly relearned after they have been cleared. Therefore, this command is useful when you want to update the VPN mappings without waiting for the standard aging period.

How to Monitor Subscriber Counters

Use the following Viewer command to display subscriber counters, including those related to MPLS/VPN mappings.

•About Subscriber Counters

•Monitoring Subscriber Counters: Example

About Subscriber Counters

When MPLS/VPN-based subscribers are enabled, the following related counters appear in addition to the basic subscriber counters:

•MPLS/VPN-based subscribers:

–Current number of MPLS/-based subscribers that have VPN mappings.

–Maximum number of MPLS/VPN-based subscribers

•MPLS/VPN-based subscribers are also counted in the general subscribers counters, but the general subscribers maximum number does not apply to MPLS/VPN-based subscribers, which have a smaller maximum number.

•MPLS/VPN mappings:

–Current number of used MPLS/VPN mappings

–Maximum number of MPLS/VPN mappings

•Note that these values reflect the total number of mappings, not just the mappings used by MPLS/VPN-based subscribers. Bypassed VPNs also consume MPLS/VPN mappings.

Step 1 From the SCE# prompt, type show interface linecard 0 subscriber db counters and press Enter.

Monitoring Subscriber Counters: Example
SCE#show interface linecard 0 subscriber db counters 
Current values: 
=============== 
Subscribers: 2 used out of 99999 max.  
Introduced subscribers: 2. 
Anonymous subscribers: 0. 
Subscribers with mappings: 2 used out of 99999 max.  
SINGLE non-VPN IP mappings: 1. 
non-VPN IP Range mappings: 1. 
IP Range over VPN mappings: 1. 
Single IP over VPN mappings: 3. 
MPLS-based subscribers are enabled. 
MPLS/VPN mappings: 2 used out of 57344 max. 
MPLS based VPNs with subscriber mappings: 2 used out of 2015 max. 
Subscribers with open sessions: 0. 
Subscribers with TIR mappings: 0. 
Sessions mapped to the default subscriber: 0.  
Peak values: 
============ 
Peak number of subscribers with mappings: 2 
Peak number occurred at: 14:56:55 ISR MON June 9 2007 
Peak number cleared at: 15:29:39 ISR MON June 9 2007  
Event counters: 
=============== 
Subscriber introduced: 2. 
Subscriber pulled: 0. 
Subscriber aged: 0. 
Pull-request notifications sent: 0. 
State notifications sent: 0. 
Logout notifications sent: 0. 
Subscriber mapping TIR contradictions: 0
How to Monitor MPLS/VPN Counters

Use the following Viewer command to display MPLS/VPN information.

Step 1 From the SCE# prompt, type show interface linecard 0 mpls vpn and press Enter.

Monitoring MPLS/VPN Counters: Example
SCE#show interface linecard 0 mpls vpn 
MPLS/VPN auto-learn mode is enabled. 
MPLS based VPNs with subscriber mappings: 0 used out of 2015 max 
Total HW MPLS/VPN mappings utilization: 0 used out of 57344 max 
MPLS/VPN mappings are divided as follows:  
downstream VPN subscriber mappings: 0 
upstream VPN subscriber mappings: 0 
non-vpn upstream mappings: 0 
downstream bypassed VPN mappings: 0 
upstream bypassed VPN mappings: 0
How to Monitor the PE Routers

Use the following Viewer commands to monitor PE routers. These commands provide the following information:

•Configuration of all currently defined PE routers.

•Configuration of a specified PE router.

How to Display the Configuration of all Currently Defined PE Routers

Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN PE-Database and press Enter.

How to Display the Configuration of a Specified PE Router

Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN PE-Database PE-ID pe-id and press Enter.

How to Monitor Bypassed VPNs

•How to Display the Currently Bypassed VPNs

•How to Remove all Learned Bypassed VPNs

How to Display the Currently Bypassed VPNs

Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN Bypassed-VPNs and press Enter.

How to Remove all Learned Bypassed VPNs

Step 1 From the SCE# prompt, type clear interface linecard 0 MPLS VPN Bypassed-VPNs and press Enter.

How to Monitor Non-VPN Mappings

•How to Display Non-VPN Mappings

•How to Remove all Learned non-VPN Mappings

How to Display Non-VPN Mappings

Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN non-VPN-mappings and press Enter.

How to Remove all Learned non-VPN Mappings

Step 1 From the SCE# prompt, type clear interface linecard 0 MPLS VPN non-VPN-mappings and press Enter.

How to Manage MPLS/VPN Support via SM CLU

The SM CLU allows you to do the following:

•Add and remove VPNs

•Display VPN information

•Clear MPLS/VPN mappings

For more information, see the Cisco Service Control Management Suite Subscriber Manager User Guide.

Managing VPNs

Use the p3vpn utility to manage VPNs.

•Options

•How to Add a New MPLS-based VPN

•How to Remove a VPN

•How to Display VPN Information

•How to Manage VPN Mappings

Options

The following options are available:

•VPN-Name — The name assigned to the VPN when it was added, or, if adding a VPN, the name to be assigned to it..

•RT@PE-IP — The mapping assigned to the VPN. Multiple mappings can be specified using a comma.

–RT = the route target of the VPN, specified using the ASN:n notation or the IP:n notation

Note that the Route Distinguisher may be specified rather than the route target

–PE-IP = the loopback IP of the PE router connected to that VPN

How to Add a New MPLS-based VPN

Step 1 From the shell prompt, type the following command: p3vpn --add --vpn=VPN-Name
--mpls-vpn=RT@PE,(RT@PE2, RT@PE3,...) .

How to Remove a VPN

Step 1 From the shell prompt, type the following command: p3vpn --remove --vpn=VPN-Name

How to Display VPN Information

•To List All Existing VPNs

•To List All Subscribers for a Specified VPN

•To Display the Mappings for a Specified VPN

To List All Existing VPNs

Step 1 From the shell prompt, type the following command: p3vpn --show-all

To List All Subscribers for a Specified VPN

Step 1 From the shell prompt, type the following command: p3vpn --show-sub --vpn=VPN-Name

Listing All Subscribers for a Specified VPN: Example
p3vpn -show-sub --vpn=vpn1 
sub1: 10.1.1.0/24@vpn1 
sub2: 20.1.1.0/24@vpn1 
Command terminated successfully
To Display the Mappings for a Specified VPN

Step 1 From the shell prompt, type the following command: p3vpn --show --vpn=VPN-Name

Listing All Subscribers for a Specified VPN: Example
p3vpn --show --vpn=vpn1 
Name:           vpn1 
Domain:         subscribers 
Mappings: 
MPLS/VPN: 1:1000@10.0.0.1       (no BGP information) 
MPLS/VPN: 1:1000@10.0.0.2       label: 10 IP range: 1.1.1.1/32 
Command terminated successfully
How to Manage VPN Mappings

•To Remove All Existing Mappings from a Specified VPN

•To Remove a Specified Mapping from a Specified VPN

To Remove All Existing Mappings from a Specified VPN

Step 1 From the shell prompt, type the following command: p3vpn --remove-all-mappings --vpn=VPN-Name

To Remove a Specified Mapping from a Specified VPN

Step 1 From the shell prompt, type the following command: p3vpn --remove-mappings --vpn=VPN-Name --mpls-vpn=RT@PE,(RT@PE2, RT@PE3,...)

How to Add Mappings to VPN-based Subscribers

There are three types of mappings that can be added to an existing VPN-based subscriber:

•A set of IP addresses defined as IP@VPN

•A complete VPN (this is actually a special case of IP@VPN mappings, in which the mapping is defined as 0.0.0.0/0@VPN)

•All the IP addresses of a CE router, defined by a AS:value@VPN-NAME (BGP community)

How to Add IP Address Mappings

Options

The following options are available

•SUB-NAME — The name of the subscriber to be associated with the specified community attribute

•IP1[/RANGE][,...]@VPN-NAME — IP address or addresses to assign to the VPN

–IP = the IP address. This may be any of the following

–a single IP address (x.x.x.x)

–a single range of IP addresses (x.x.x.x/y)

–a list of IP addresses separated by commas (x.x.x.x, y.y.y.y, z.z.z.z)

–a list of IP address ranges (x.x.x.x/a, y.y.y.y/b, z.z.z.z/c)

–VPN-NAME = name of the VPN to which the community attribute will be assigned

•--additive-mappings — Use this option to add the new mapping(s) to any existing ones. (Without this option, any existing mappings are overwritten.)

Step 1 From the shell prompt, type the following command: p3subs -add --subscriber=SUB-NAME
--ip=IP1[/RANGE][,...]@VPN-NAME [--additive-mappings]

How to Add VPN-based Mappings

This option is supported to provide backwards compatibility with MPLS/VPN-based subscribers in releases before 3.1.5.

Options

The following options are available

•SUB-NAME — The name of the subscriber to be associated with the specified community attribute

•VPN-NAME — The name of the VPN to which the subscriber will be mapped. (This option is equivalent to defining the mapping as 0.0.0.0/0@VPN)

•--additive-mappings — Use this option to add the new mapping(s) to any existing ones. (Without this option, any existing mappings are overwritten.)

Step 1 From the shell prompt, type the following command: p3subs -add --subscriber=SUB-NAME
--vpn=VPN-NAME [--additive-mappings]

How to Configure the Community Parameter

An optional parameter may be set defining a community attribute. The community attribute provides a mechanism for defining the BGP community as one subscriber, using the community@VPN specification.

The community attribute in the BGP protocol is used to dynamically map IP ranges to subscribers. The community attribute can be configured in the Provider Edge (PE) router or in the Customer Edge (CE) router.

The community@VPN specification is replaced by an IP@VPN specification by the BGP LEG.

Use the p3subs utility to configure the community parameter.

Options

The following options are available:

•SUB-NAME — The name of the subscriber to be associated with the specified community attribute

•AS:value@VPN-NAME — The community attribute to assign to the VPN

–AS = autonomous system. Integer in the range 0-65535 assigned by the network administrator

–value = the community attribute. Integer in the range 0-65535 assigned by the network administrator

–VPN-NAME = name of the VPN to which the community attribute will be assigned

Step 1 From the shell prompt, type the following command: p3subs -add --subscriber=SUB-NAME --community=AS:value@VPN-NAME

How to Remove VPN Mappings from Subscribers

•To Remove All Existing Mappings from a Specified Subscriber

•To Remove a Specified IP Mapping from a Specified Subscriber

•To Remove a Specified VPN Mapping from a Specified Subscriber

•To Remove a Specified Community-based Mapping from a Specified Subscriber

To Remove All Existing Mappings from a Specified Subscriber

Step 1 From the shell prompt, type the following command: p3subs --remove-all-mappings --subscriber=SUB-NAME

To Remove a Specified IP Mapping from a Specified Subscriber

Step 1 From the shell prompt, type the following command: p3psubs --remove-mappings --subscriber=SUB-NAME --ip=IP1[/RANGE][,...]@VPN-NAME

To Remove a Specified VPN Mapping from a Specified Subscriber

Step 1 From the shell prompt, type the following command: p3psubs --remove-mappings --subscriber=SUB-NAME --vpn=VPN-NAME

To Remove a Specified Community-based Mapping from a Specified Subscriber

Step 1 From the shell prompt, type the following command: p3psubs --remove-mappings --subscriber=SUB-NAME --community=AS:value@VPN-NAME

How to Monitor Subscriber MPLS/VPN Mappings

Use the p3subs utility to manage VPNs.

Step 1 From the shell prompt, type the following command: p3subs --show-all-mappings --subscriber=SUB-NAME

	Cisco Service Control MPLS/VPN Solution Guide, Rel 3.1.5
	Managing MPLS/VPN Support
Cisco Service Control MPLS/VPN Solution Guide, Rel 3.1.5 Preface Introduction to the Service Control MPLS/VPN Solution Overview of the Service Control Solution for MPLS/VPN Networks Configuring MPLS/VPN Support Managing MPLS/VPN Support	Download this chapter Managing MPLS/VPN Support Download the complete book Cisco Service Control MPLS/VPN Solution Guide, Rel 3.1.5 (PDF - 880 KB) Feedback Table Of Contents Managing MPLS/VPN Support How to Manage MPLS/VPN Support via SNMP MPLS/VPN MIB Objects MPLS/VPN Traps How to Monitor MPLS/VPN Support via SCE Platform CLI How to Display VPN-related Mappings How to Display Mappings for a Specified VPN How to Display a Listing of all VPNs How to Display Subscriber Mappings for an IP range on a Specified VPN How to Display the Number of Subscribers Mapped to an IP range on a Specified VPN How to Display the Name of the Subscriber Mapped to a Specified VPN How to Display the Mappings of Upstream Labels that Belong to Non-VPN Flows How to Clear Upstream VPN Mappings Options How to Monitor Subscriber Counters About Subscriber Counters Monitoring Subscriber Counters: Example How to Monitor MPLS/VPN Counters Monitoring MPLS/VPN Counters: Example How to Monitor the PE Routers How to Display the Configuration of all Currently Defined PE Routers How to Display the Configuration of a Specified PE Router How to Monitor Bypassed VPNs How to Display the Currently Bypassed VPNs How to Remove all Learned Bypassed VPNs How to Monitor Non-VPN Mappings How to Display Non-VPN Mappings How to Remove all Learned non-VPN Mappings How to Manage MPLS/VPN Support via SM CLU Managing VPNs Options How to Add a New MPLS-based VPN How to Remove a VPN How to Display VPN Information How to Manage VPN Mappings How to Add Mappings to VPN-based Subscribers How to Add IP Address Mappings How to Add VPN-based Mappings How to Configure the Community Parameter How to Remove VPN Mappings from Subscribers To Remove All Existing Mappings from a Specified Subscriber To Remove a Specified IP Mapping from a Specified Subscriber To Remove a Specified VPN Mapping from a Specified Subscriber To Remove a Specified Community-based Mapping from a Specified Subscriber How to Monitor Subscriber MPLS/VPN Mappings Managing MPLS/VPN Support This module explains how to manage MPLS/VPN support. •How to Manage MPLS/VPN Support via SNMP •How to Monitor MPLS/VPN Support via SCE Platform CLI •How to Manage MPLS/VPN Support via SM CLU How to Manage MPLS/VPN Support via SNMP SNMP support for MPLS/VPN auto-learn is provided in two ways: •MIB variables •SNMP traps MPLS/VPN MIB Objects The mplsVpnAutoLearnGrp MIB object group (pcubeSEObjs 17) contains information regarding MPLS/VPN auto-learning. The objects in the mplsVpnAutoLearnGrp provide the following information: •maximum number of mappings •allowed current number of mappings For more information, see the "Proprietary MIB Reference" in the Cisco Service Control Engine Software Configuration Guide. MPLS/VPN Traps There is one MPLS/VPN-related trap: •mplsVpnTotalHWMappingsThresholdExceeded (pcubeSeEvents 45) To provide online notification of a resource deficiency, when the system reaches a level of 80% utilization of the hardware MPLS/VPN mappings, a warning message appears in the user log, and this SNMP trap is sent. Both the warning and the trap are sent for each 100 mappings that are added after the threshold has been exceeded. How to Monitor MPLS/VPN Support via SCE Platform CLI The SCE platform CLI allows you to do the following: •Display VPN-related mappings •Monitor subscriber counters •Monitor PE routers •Monitor bypassed VPNs How to Display VPN-related Mappings Use the following Viewer commands to display subscriber mappings. These commands display the following information: •All the mappings for a specified VPN •A listing of all currently logged-in VPNs •A listing of all subscribers mapped to an IP range on a specified VPN •The number of subscribers mapped to an IP range on a specified VPN •The subscriber to whom a specified downstream mapping (PE loopback IP address &BGP label) is mapped. (This option is provided for backwards compatibility and has certain restrictions. See below How to Display the Name of the Subscriber Mapped to a Specified VPN.) How to Display Mappings for a Specified VPN •Options •Displaying Mappings for a Specified VPN: Examples Options The following option is available: •vpn-name — The name of the VPN for which to display mappings. Step 1 From the SCE> prompt, type show interface linecard 0 VPN name vpn-name and press Enter. Displaying Mappings for a Specified VPN: Examples The following example illustrates the output of this command for an MPLS-based VPN. SCE# show interface linecard 0 VPN name vpn1 VPN name: Vpn1 Downstream MPLS Mappings: PE-ID = 1.0.0.1 Mpls Label = 20 PE-ID = 1.0.0.1 Mpls Label = 30 =======>Total Downstream Mappings: 2 Upstream MPLS Mappings: =======>Total Upstream Mappings: 0 Number of subscriber mappings: 0 Explicitly introduced VPN The following example illustrates the output of this command for a VLAN-based VPN. SCE> show interface linecard 0 VPN name Vpn3 VPN name: Vpn3 VLAN: 2 Number of subscriber mappings: 0 Explicitly introduced VPN The following example illustrates the output of this command for an automatically created VLAN. SCE> show interface linecard 0 VPN name 2 VPN name: 2 VLAN: 2 Number of subscriber mappings: 1 Automatically created VPN How to Display a Listing of all VPNs Use this command to display a listing of all currently logged-in VPNs Step 1 From the SCE> prompt, type show interface linecard 0 VPN all-names and press Enter. Displaying a Listing of All VPNs: Example SCE# show interface linecard 0 VPN all-names How to Display Subscriber Mappings for an IP range on a Specified VPN •Options •Displaying Subscribers Mapped to a IP range on a Specified VPN: Example Options The following options are available: •ip-range — The IP range for which to display mapped subscribers •vpn-name — The name of the VPN for which to display mappings. Step 1 From the SCE> prompt, type show interface linecard 0 subscriber mapping included-in IP ip-range VPN vpn-name and press Enter. The VPN option allows you to search for subscribers with a private IP mapping Displaying Subscribers Mapped to a IP range on a Specified VPN: Example SCE# show interface linecard 0 subscriber mapping included-in IP 10.0.0.0/0 VPN vpn1 Subscribers with IP mappings included in IP range '10.0.0.0/0'@vpn1: Subscriber 'Sub10', mapping '10.1.4.150/32@vpn1'. Subscriber 'Sub10', mapping '10.1.4.149/32@vpn1'. Subscriber 'Sub10', mapping '10.1.4.145/32@vpn1'. Subscriber 'Sub11', mapping '10.1.4.146/32@vpn1'. Total 2 subscribers found, with 4 matching mappings How to Display the Number of Subscribers Mapped to an IP range on a Specified VPN •Options •Displaying the Number of Subscribers Mapped to range on a Specified VPN: Example Options The following options are available: •ip-range — The IP range for which to display mapped subscribers •vpn-name — The name of the VPN for which to display mappings. Use the ` amount ` keyword to display the number of subscribers rather than a listing of subscriber names. Step 1 From the SCE> prompt, type show interface linecard 0 subscriber amount mapping included-in IP ip-range VPN vpn-name and press Enter. Displaying the Number of Subscribers Mapped to range on a Specified VPN: Example SCE# show interface linecard 0 subscriber amount mapping included-in IP 0.0.0.0/0 VPN vpn1 There are 2 subscribers with 4 IP mappings included in IP range '0.0.0.0/0'. How to Display the Name of the Subscriber Mapped to a Specified VPN If the MPLS/VPN is configured as a single subscriber mapped to 0.0.0.0/0 on the VPN that is mapped to the specified MPLS, this option displays that subscriber Note This command provides backward compatibility for MPLS/VPN subscriber configuration in SCOS versions previous to 3.1.5. Step 1 From the SCE# prompt, type show interface linecard 0 subscriber mapping MPLS-VPN PE-ID pe-id BGP-label label and press Enter. •Displaying the Subscriber Mapped to a Specified VPN: Example 1 •Displaying the Subscriber Mapped to a Specified VPN: Example 2 Displaying the Subscriber Mapped to a Specified VPN: Example 1 SCE#>show interface lineCard 0 subscriber mapping MPLS-VPN PE-ID 1.0.0.1 BGP-label 30 BGP MPLS label 30 on PE 1.0.0.1 is mapped to VPN named 'Vpn1' The VPN is NOT mapped to a single subscriber (0.0.0.0/0@Vpn1) Displaying the Subscriber Mapped to a Specified VPN: Example 2 SCE#>show interface lineCard 0 subscriber mapping MPLS-VPN PE-ID 1.0.0.1 BGP-label 30 BGP MPLS label 30 on PE 1.0.0.1 is mapped to VPN named 'Vpn1' Subscriber 'Sub10' is mapped to 0.0.0.0/0@Vpn1 How to Display the Mappings of Upstream Labels that Belong to Non-VPN Flows Step 1 From the SCE# prompt, type show interface linecard 0 MPLS-VPN non-VPN-mappings and press Enter. How to Clear Upstream VPN Mappings Use this command to remove all learned upstream labels of a specified VPN. Options The following option is available: •vpn-name — The name of the VPN for which to display mappings. Step 1 From the SCE# prompt, type clear interface linecard 0 VPN name vpn-name upstream mpls all and press Enter. This command, in effect, causes early label aging. Clearing the mappings allows relearning; labels will probably be quickly relearned after they have been cleared. Therefore, this command is useful when you want to update the VPN mappings without waiting for the standard aging period. How to Monitor Subscriber Counters Use the following Viewer command to display subscriber counters, including those related to MPLS/VPN mappings. •About Subscriber Counters •Monitoring Subscriber Counters: Example About Subscriber Counters When MPLS/VPN-based subscribers are enabled, the following related counters appear in addition to the basic subscriber counters: •MPLS/VPN-based subscribers: –Current number of MPLS/-based subscribers that have VPN mappings. –Maximum number of MPLS/VPN-based subscribers •MPLS/VPN-based subscribers are also counted in the general subscribers counters, but the general subscribers maximum number does not apply to MPLS/VPN-based subscribers, which have a smaller maximum number. •MPLS/VPN mappings: –Current number of used MPLS/VPN mappings –Maximum number of MPLS/VPN mappings •Note that these values reflect the total number of mappings, not just the mappings used by MPLS/VPN-based subscribers. Bypassed VPNs also consume MPLS/VPN mappings. Step 1 From the SCE# prompt, type show interface linecard 0 subscriber db counters and press Enter. Monitoring Subscriber Counters: Example SCE#show interface linecard 0 subscriber db counters Current values: =============== Subscribers: 2 used out of 99999 max. Introduced subscribers: 2. Anonymous subscribers: 0. Subscribers with mappings: 2 used out of 99999 max. SINGLE non-VPN IP mappings: 1. non-VPN IP Range mappings: 1. IP Range over VPN mappings: 1. Single IP over VPN mappings: 3. MPLS-based subscribers are enabled. MPLS/VPN mappings: 2 used out of 57344 max. MPLS based VPNs with subscriber mappings: 2 used out of 2015 max. Subscribers with open sessions: 0. Subscribers with TIR mappings: 0. Sessions mapped to the default subscriber: 0. Peak values: ============ Peak number of subscribers with mappings: 2 Peak number occurred at: 14:56:55 ISR MON June 9 2007 Peak number cleared at: 15:29:39 ISR MON June 9 2007 Event counters: =============== Subscriber introduced: 2. Subscriber pulled: 0. Subscriber aged: 0. Pull-request notifications sent: 0. State notifications sent: 0. Logout notifications sent: 0. Subscriber mapping TIR contradictions: 0 How to Monitor MPLS/VPN Counters Use the following Viewer command to display MPLS/VPN information. Step 1 From the SCE# prompt, type show interface linecard 0 mpls vpn and press Enter. Monitoring MPLS/VPN Counters: Example SCE#show interface linecard 0 mpls vpn MPLS/VPN auto-learn mode is enabled. MPLS based VPNs with subscriber mappings: 0 used out of 2015 max Total HW MPLS/VPN mappings utilization: 0 used out of 57344 max MPLS/VPN mappings are divided as follows: downstream VPN subscriber mappings: 0 upstream VPN subscriber mappings: 0 non-vpn upstream mappings: 0 downstream bypassed VPN mappings: 0 upstream bypassed VPN mappings: 0 How to Monitor the PE Routers Use the following Viewer commands to monitor PE routers. These commands provide the following information: •Configuration of all currently defined PE routers. •Configuration of a specified PE router. How to Display the Configuration of all Currently Defined PE Routers Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN PE-Database and press Enter. How to Display the Configuration of a Specified PE Router Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN PE-Database PE-ID pe-id and press Enter. How to Monitor Bypassed VPNs •How to Display the Currently Bypassed VPNs •How to Remove all Learned Bypassed VPNs How to Display the Currently Bypassed VPNs Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN Bypassed-VPNs and press Enter. How to Remove all Learned Bypassed VPNs Step 1 From the SCE# prompt, type clear interface linecard 0 MPLS VPN Bypassed-VPNs and press Enter. How to Monitor Non-VPN Mappings •How to Display Non-VPN Mappings •How to Remove all Learned non-VPN Mappings How to Display Non-VPN Mappings Step 1 From the SCE# prompt, type show interface linecard 0 MPLS VPN non-VPN-mappings and press Enter. How to Remove all Learned non-VPN Mappings Step 1 From the SCE# prompt, type clear interface linecard 0 MPLS VPN non-VPN-mappings and press Enter. How to Manage MPLS/VPN Support via SM CLU The SM CLU allows you to do the following: •Add and remove VPNs •Display VPN information •Clear MPLS/VPN mappings For more information, see the Cisco Service Control Management Suite Subscriber Manager User Guide. Managing VPNs Use the p3vpn utility to manage VPNs. •Options •How to Add a New MPLS-based VPN •How to Remove a VPN •How to Display VPN Information •How to Manage VPN Mappings Options The following options are available: •VPN-Name — The name assigned to the VPN when it was added, or, if adding a VPN, the name to be assigned to it.. •RT@PE-IP — The mapping assigned to the VPN. Multiple mappings can be specified using a comma. –RT = the route target of the VPN, specified using the ASN:n notation or the IP:n notation Note that the Route Distinguisher may be specified rather than the route target –PE-IP = the loopback IP of the PE router connected to that VPN How to Add a New MPLS-based VPN Step 1 From the shell prompt, type the following command: p3vpn --add --vpn=VPN-Name --mpls-vpn=RT@PE,(RT@PE2, RT@PE3,...) . How to Remove a VPN Step 1 From the shell prompt, type the following command: p3vpn --remove --vpn=VPN-Name How to Display VPN Information •To List All Existing VPNs •To List All Subscribers for a Specified VPN •To Display the Mappings for a Specified VPN To List All Existing VPNs Step 1 From the shell prompt, type the following command: p3vpn --show-all To List All Subscribers for a Specified VPN Step 1 From the shell prompt, type the following command: p3vpn --show-sub --vpn=VPN-Name Listing All Subscribers for a Specified VPN: Example p3vpn -show-sub --vpn=vpn1 sub1: 10.1.1.0/24@vpn1 sub2: 20.1.1.0/24@vpn1 Command terminated successfully To Display the Mappings for a Specified VPN Step 1 From the shell prompt, type the following command: p3vpn --show --vpn=VPN-Name Listing All Subscribers for a Specified VPN: Example p3vpn --show --vpn=vpn1 Name: vpn1 Domain: subscribers Mappings: MPLS/VPN: 1:1000@10.0.0.1 (no BGP information) MPLS/VPN: 1:1000@10.0.0.2 label: 10 IP range: 1.1.1.1/32 Command terminated successfully How to Manage VPN Mappings •To Remove All Existing Mappings from a Specified VPN •To Remove a Specified Mapping from a Specified VPN To Remove All Existing Mappings from a Specified VPN Step 1 From the shell prompt, type the following command: p3vpn --remove-all-mappings --vpn=VPN-Name To Remove a Specified Mapping from a Specified VPN Step 1 From the shell prompt, type the following command: p3vpn --remove-mappings --vpn=VPN-Name --mpls-vpn=RT@PE,(RT@PE2, RT@PE3,...) How to Add Mappings to VPN-based Subscribers There are three types of mappings that can be added to an existing VPN-based subscriber: •A set of IP addresses defined as IP@VPN •A complete VPN (this is actually a special case of IP@VPN mappings, in which the mapping is defined as 0.0.0.0/0@VPN) •All the IP addresses of a CE router, defined by a AS:value@VPN-NAME (BGP community) How to Add IP Address Mappings Options The following options are available •SUB-NAME — The name of the subscriber to be associated with the specified community attribute •IP1[/RANGE][,...]@VPN-NAME — IP address or addresses to assign to the VPN –IP = the IP address. This may be any of the following –a single IP address (x.x.x.x) –a single range of IP addresses (x.x.x.x/y) –a list of IP addresses separated by commas (x.x.x.x, y.y.y.y, z.z.z.z) –a list of IP address ranges (x.x.x.x/a, y.y.y.y/b, z.z.z.z/c) –VPN-NAME = name of the VPN to which the community attribute will be assigned •--additive-mappings — Use this option to add the new mapping(s) to any existing ones. (Without this option, any existing mappings are overwritten.) Step 1 From the shell prompt, type the following command: p3subs -add --subscriber=SUB-NAME --ip=IP1[/RANGE][,...]@VPN-NAME [--additive-mappings] How to Add VPN-based Mappings This option is supported to provide backwards compatibility with MPLS/VPN-based subscribers in releases before 3.1.5. Options The following options are available •SUB-NAME — The name of the subscriber to be associated with the specified community attribute •VPN-NAME — The name of the VPN to which the subscriber will be mapped. (This option is equivalent to defining the mapping as 0.0.0.0/0@VPN) •--additive-mappings — Use this option to add the new mapping(s) to any existing ones. (Without this option, any existing mappings are overwritten.) Step 1 From the shell prompt, type the following command: p3subs -add --subscriber=SUB-NAME --vpn=VPN-NAME [--additive-mappings] How to Configure the Community Parameter An optional parameter may be set defining a community attribute. The community attribute provides a mechanism for defining the BGP community as one subscriber, using the community@VPN specification. The community attribute in the BGP protocol is used to dynamically map IP ranges to subscribers. The community attribute can be configured in the Provider Edge (PE) router or in the Customer Edge (CE) router. The community@VPN specification is replaced by an IP@VPN specification by the BGP LEG. Use the p3subs utility to configure the community parameter. Options The following options are available: •SUB-NAME — The name of the subscriber to be associated with the specified community attribute •AS:value@VPN-NAME — The community attribute to assign to the VPN –AS = autonomous system. Integer in the range 0-65535 assigned by the network administrator –value = the community attribute. Integer in the range 0-65535 assigned by the network administrator –VPN-NAME = name of the VPN to which the community attribute will be assigned Step 1 From the shell prompt, type the following command: p3subs -add --subscriber=SUB-NAME --community=AS:value@VPN-NAME How to Remove VPN Mappings from Subscribers •To Remove All Existing Mappings from a Specified Subscriber •To Remove a Specified IP Mapping from a Specified Subscriber •To Remove a Specified VPN Mapping from a Specified Subscriber •To Remove a Specified Community-based Mapping from a Specified Subscriber To Remove All Existing Mappings from a Specified Subscriber Step 1 From the shell prompt, type the following command: p3subs --remove-all-mappings --subscriber=SUB-NAME To Remove a Specified IP Mapping from a Specified Subscriber Step 1 From the shell prompt, type the following command: p3psubs --remove-mappings --subscriber=SUB-NAME --ip=IP1[/RANGE][,...]@VPN-NAME To Remove a Specified VPN Mapping from a Specified Subscriber Step 1 From the shell prompt, type the following command: p3psubs --remove-mappings --subscriber=SUB-NAME --vpn=VPN-NAME To Remove a Specified Community-based Mapping from a Specified Subscriber Step 1 From the shell prompt, type the following command: p3psubs --remove-mappings --subscriber=SUB-NAME --community=AS:value@VPN-NAME How to Monitor Subscriber MPLS/VPN Mappings Use the p3subs utility to manage VPNs. Step 1 From the shell prompt, type the following command: p3subs --show-all-mappings --subscriber=SUB-NAME
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks