Problem
Why are we not able to ping LAN/WAN subnet from LAN or WAN?
Solution
Follow these steps when you are unable to ping a device (192.168.20.0/24) from your Branch (CPE):
- Run the show route routing-instance <name-LAN-VR> CLI command from the branch to view all the routing instances associated with it.
<in the cli command below please replace <branch-name> with the relevant name of the LAN-VR>
snet@SNT-SDWB-<branch-name>-cli> show route routing-instance <branch-name> Routes for Routing instance : <branch-name> AFI: ipv4 Codes: E1 - OSPF external type 1, E2 - OSPF external type 2 IA - inter area, iA - intra area, L1 - IS-IS level-1, L2 - IS-IS level-2 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 RTI - Learnt from another routing-instance + - Active Route Prot Type Dest Address/Mask Next-hop Age Interface name ---- ---- ----------------- -------- --- -------------- BGP N/A 0.0.0.0/0 10.19.64.101 1d07h20m Indirect BGP N/A 0.0.0.0/0 10.19.64.102 1d07h20m Indirect BGP N/A +0.0.0.0/0 169.254.24.1 6d04h16m tvi-0/625.0 local N/A +162.251.135.221/32 0.0.0.0 6d05h04m directly connected conn N/A +169.254.24.0/24 0.0.0.0 6d05h04m tvi-0/625.0 local N/A +169.254.24.2/32 0.0.0.0 6d05h04m directly connected conn N/A +169.254.25.0/24 0.0.0.0 6d05h04m tvi-0/627.0 local N/A +169.254.25.2/32 0.0.0.0 6d05h04m directly connected conn N/A +169.254.26.0/24 0.0.0.0 6d05h04m tvi-0/629.0 local N/A +169.254.26.2/32 0.0.0.0 6d05h04m directly connected conn N/A +192.168.20.0/24 0.0.0.0 6d03h53m vni-0/4.0 local N/A +192.168.20.1/32 0.0.0.0 6d03h53m directly connected BGP N/A +199.182.208.0/24 10.19.64.101 1d07h20m Indirect BGP N/A 199.182.208.0/24 10.19.64.102 1d07h20m Indirect BGP N/A +199.182.213.112/30 10.19.64.101 1d07h20m Indirect BGP N/A 199.182.213.112/30 10.19.64.102 1d07h20m Indirect Routes for Routing instance : Indirap-LAN-VR AFI: ipv6 [ok][2019-02-13 17:10:20]
2. Run the ping 192.168.20.4 routing-instance <branch-name> CLI command to check the reachability to the device.
The command throws an error message if the branch is unable to ping the device.
<in the cli command below please replace <branch-name> with the relevant name of the LAN-VR>
snet@SNT-SDWB-<branch-name>-cli> ping 192.168.20.4 routing-instance <branch-name> PING 192.168.20.4 (192.168.20.4) 56(84) bytes of data. --- 192.168.20.4 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4032ms [error][2019-02-13 17:11:08]
For any prefix configured in vnf-manager, all packets destined to that prefix are sent to the global routing instance in Linux. If you are unable to ping the device from the branch’s routing instance, then ping the device from the global routing instance if the source/destination is in the vnf-manager list.
Follow these steps to ping the device from the branch using the global routing instance:
1. Run the show system vnf-manager CLI command to view the list of configured prefixes and interfaces associated with the vnf-manager.
admin@SNT-SDWB-<branch-name>-cli(config)% show system vnf-manager ip-addresses [ 172.16.20.120/32 192.168.20.0/24 199.182.208.0/24 199.182.213.112/30 ]; vnf-mgmt-interfaces [ tvi-0/2000.0 tvi-0/39.0 vni-0/4.0 ]; [ok][2019-02-13 18:30:40]
2. Run the ping 192.168.20.4 CLI command to check the ping status of the interface.
admin@SNT-SDWB-cli> ping 192.168.20.4 PING 192.168.20.4 (192.168.20.4) 56(84) bytes of data. 64 bytes from 192.168.20.4: icmp_seq=1 ttl=255 time=1.61 ms 64 bytes from 192.168.20.4: icmp_seq=2 ttl=255 time=1.46 ms 64 bytes from 192.168.2<span class="fr-marker" data-id="0" data-type="false" style="display: none; line-height: 0;"></span><span class="fr-marker" data-id="0" data-type="true" style="display: none; line-height: 0;"></span>0.4: icmp_seq=3 ttl=255 time=2.79 ms 64 bytes from 192.168.20.4: icmp_seq=4 ttl=255 time=1.59 ms 64 bytes from 192.168.20.4: icmp_seq=5 ttl=255 time=1.45 ms --- 192.168.20.4 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4005ms rtt min/avg/max/mdev = 1.451/1.785/2.798/0.511 ms [ok][2019-02-13 18:32:02] admin@SNT-SDWB-cli>