cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1144
Views
0
Helpful
9
Replies

EIGRP in an MPLS enviroment

ouhakheme
Level 3
Level 3

Hello everyone --

I have two routers attached to an MPLS network. I'd like to use EIGRP to connect the routers, but because of the multicast hellos, the routers aren't becoming neighbors.

I could use the neighbor command, but the provider made our IP addresses such that they don't reside on the same segment.

I have 172.16.0.10/30 on one router and 172.16.0.14/30 on the other router.

TAC says that I can use a GRE tunnel to get around the issue, but I'm hoping for a better option.

Any ideas?

Thanks,

Ohamien

9 Replies 9

mohmmad.imran
Level 1
Level 1

Need your configs, if you can paste that.

Site 1

----------------

interface FastEthernet0/0

ip address 10.20.10.78 255.255.255.0

ip helper-address 10.20.10.254

speed auto

no keepalive

!

interface Serial0/0

ip address 172.16.0.10 255.255.255.252

!

router eigrp 100

redistribute static metric 10000 1000 255 1 1500

passive-interface FastEthernet0/0

network 10.0.1.0 0.0.0.255

network 10.0.2.1 0.0.0.0

network 10.20.0.0 0.0.255.255

network 172.16.0.8 0.0.0.3

network 172.30.1.0 0.0.0.255

network 172.31.1.0 0.0.0.255

network 192.168.255.36 0.0.0.0

distribute-list 7 out static

no auto-summary

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.20.10.1

ip route 10.0.1.0 255.255.255.0 10.20.10.1

ip route 10.0.2.1 255.255.255.255 10.20.10.1

ip route 172.16.0.12 255.255.255.252 172.16.0.9

ip route 172.30.1.0 255.255.255.0 10.20.10.1

ip route 172.31.1.0 255.255.255.0 10.20.10.1

ip route 192.168.255.36 255.255.255.255 10.20.10.1

ip http server

ip http authentication local

ip http secure-server

!

!

!

access-list 7 permit 10.0.2.1

access-list 7 permit 192.168.255.36

access-list 7 permit 10.0.1.0 0.0.0.255

access-list 7 permit 172.30.1.0 0.0.0.255

access-list 7 permit 172.31.1.0 0.0.0.255

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

line con 0

login local

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet ssh

line vty 5 15

privilege level 15

login local

transport input telnet ssh

!

ntp clock-period 17179829

ntp source FastEthernet0/0

ntp server 10.20.10.7

end

Site 2

----------------

interface GigabitEthernet0/0

description TRUNK

no ip address

duplex auto

speed auto

!

interface GigabitEthernet0/0.10

description DATA VLAN

encapsulation dot1Q 10

ip address 10.100.0.1 255.255.255.0

!

interface GigabitEthernet0/0.111

description VOICE VLAN

encapsulation dot1Q 111

ip address 192.168.18.254 255.255.255.0

!

interface GigabitEthernet0/1

description TRUNK

no ip address

shutdown

duplex auto

speed auto

!

interface Serial0/1/0

ip address 172.16.0.14 255.255.255.252

!

router eigrp 100

passive-interface GigabitEthernet0/0.10

passive-interface GigabitEthernet0/0.111

network 10.100.0.0 0.0.0.255

network 172.16.0.12 0.0.0.3

network 192.168.18.0

no auto-summary

!

ip route 0.0.0.0 0.0.0.0 10.100.0.5

ip route 172.16.0.8 255.255.255.252 172.16.0.13

walleyewiz
Level 1
Level 1

If your provider does not support EIGRP over their MPLS backbone you will probably be stuck with doing GRE tunnels. Who is your MPLS provider? Ever thought of using BGP instead? That is what I do.

I'm talking with the provider now, they do support EIGRP.

Thanks guys.

If they do support EIGRP, then your peering on your serial links will be with their router rather than your remote.

It will look something like the following:

Site1 --eigrp--provider1--(mpls)--provider2--eigrp--site2

where "provider1" and "provider2" are routers owned by your MPLS service provider.

If they do not support eigrp, then you can tunnel or buy a layer2 circuit to provide Site1-to-Site2 point to point connectivity. It would look something like:

Site1---(wan/eigrp)---Site2.

VPLS or VPWS or L2VPN all will look to you like layer2 circuits of some sort (p2p, FR, ATM, LAN, etc). You buy the access and the provider uses VPLS or VPWS or other technology in their network behind the scenes to provide that access.

HTH,

Mike

One more thought. You could see if your provider supports VPLS or VPWS--essentially L2VPN over MPLS.

What is the benefit to that?

VPLS or VPWS is essentially a L2 VPN. VPLS users get an emulated LAN segment that offers a L2 broadcast domain. VPWS gives you P2P connectivity like FR, ATM, leased-line.

Friend,

First thing whether you want to run EIGRP between your CE routers or between your CE and the providers PE.

If you want to run EIGRP between your CE routers, then you need to run a GRE tunnel which will send muliticast hellos on that and adjacencies would be formed.

Most providers would be using MP_BGP over the MPLS.

If you run EIGRP between the CE and the PE then the provider would redistribute your EIGRP into his BGP and advertise the network back to you via EIGRP on the other end.

HTH, rate if it does

Narayan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco