Weird Problems On Cisco 2610 Router

Unanswered Question
Dec 4th, 2007

Hi In our company there is a 2610 router that connects two branches of our firm but more than 2 weeks there is a weird problem(we didnt change anything on it) router doesnt route some ip addresses

ip address of the router is 10.0.0.4

it has a static routes such as

ip route 0.0.0.0 0.0.0.0 10.0.0.6

ip route 62.41.66.0 255.255.255.0 212.50.38.49

ip route 172.16.0.0 255.255.0.0 10.0.0.6

ip route 192.168.1.0 255.255.255.0 1.0.0.2

ip route 212.50.38.100 255.255.255.252 1.0.0.2

but for example it doesnt route this ip address

62.244.241.54

when i ping this addres via this router it gives

10.0.0.4 : destination host unreacheable

does anyone know why can it be?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Tue, 12/04/2007 - 02:02

Hi

Okay, that is your problem.

ip route 0.0.0.0 0.0.0.0 10.0.0.6

ip route 62.41.66.0 255.255.255.0 212.50.38.49

ip route 172.16.0.0 255.255.0.0 10.0.0.6

ip route 192.168.1.0 255.255.255.0 1.0.0.2

ip route 212.50.38.100 255.255.255.252 1.0.0.2

62.244.241.54 should be routed using the default route entry ie.

ip route 0.0.0.0 0.0.0.0 10.0.0.6

Trouble is you have a route for the major network 62.x.x.x in your routing table. It is using a class C subnet mask but it is still a class A address. So the router looks for a match on the major network number of 62. for 62.244.241.54. It doesn't find an entry but it can't use the default-route because of your "no ip classless" command.

So enter "ip classless" and it should then route that destination to 10.0.0.6 which is the next hop for your default-gateway.

Note that this will only happen for 62.x.x.x addresses. If you try 61.x.x.x then it should route to 10.0.0.6 anyway.

Hope this makes sense

Jon

tolgatanriverdi Tue, 12/04/2007 - 03:56

Thanks

But I tried that and it didnt work

I made

configure terminal

ip classless

reload

and still the same problem

may it be hardware of router related problem?

Hi

From your mail it looks like you did not save your configuration before the reload, so when the router rebooted it had reverted back to "no ip classless" and so you still have the same problem.

Also why did you reload?? This is a Cisco router not a PC running a Microsoft OS, so there should be no reason to reload the router after a change to the network configuration.

Just try the following and see if it works,

Router#conf t

Router(config)#ip classless

Router(config)#exit

Router#wr (or "copy run start" if you prefer)

Then test your connectivity.

Best regards,

Michael

Jon Marshall Tue, 12/04/2007 - 06:39

Hi

As Michael says, did you save the running config. You definitely don't need to reload the router.

If you do a "sh run" make sure that you cannot see a "no ip classless" statement. If you can

router(config)# ip classless

router(config)# wr mem

then try your ping

Jon

hdt Tue, 12/04/2007 - 05:22

Hi,

You could try the following:

turn off route-caching / cef on all interfaces.

create a numbered acl which matches your test traffic.

then debug ip packet detail (with term mon if connected via vty)

The output of the packetdump could shine some light on your problem,

regards,

Henk

mheusing Tue, 12/04/2007 - 06:38

Hi,

Could you provide the output from "show ip route" of your 2610?

Tha might help to understand the problem.

Also be extremely careful before using the troubleshooting path suggested by Henk. Make sure your CPU is not overwhelmed and also make sure that CEF is not needed for any feature you are using!

Making a mistake with Henks approach can easily crash your router (though you do not seem to have an issue with frequent reloads ...).

Regards, Martin

tolgatanriverdi Wed, 12/05/2007 - 00:16

here is the output of my cisco 2610's show ip route

Gateway of last resort is 10.0.0.6 to network 0.0.0.0

1.0.0.0/24 is subnetted, 1 subnets

C 1.0.0.0 is directly connected, Serial1/0:0

S 172.16.0.0/16 [1/0] via 10.0.0.6

C 10.0.0.0/8 is directly connected, FastEthernet0/0

212.50.38.0/24 is variably subnetted, 2 subnets, 2 masks

S 212.50.38.100/30 [1/0] via 1.0.0.2

C 212.50.38.48/29 is directly connected, FastEthernet0/0

S 192.168.1.0/24 [1/0] via 1.0.0.2

62.0.0.0/24 is subnetted, 1 subnets

S 62.41.66.0 [1/0] via 212.50.38.49

S* 0.0.0.0/0 [1/0] via 10.0.0.6

tolgatanriverdi Wed, 12/05/2007 - 01:31

Building configuration...

Current configuration : 1441 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

no service dhcp

!

hostname teknokent

!

enable secret 5 xxxxxxxxxxxxxxxxx/

!

username root password 7 xxxxxxxxxxxxxx

no ip subnet-zero

!

!

ip host sincan 192.168.1.1

!

!

class-map match-all TEST

match none

!

!

policy-map DENIZ

class TEST

!

!

controller E1 1/0

framing NO-CRC4

channel-group 0 timeslots 1-16

!

!

!

interface FastEthernet0/0

ip address 212.50.38.54 255.255.255.248 secondary

ip address 10.0.0.4 255.0.0.0

no ip mroute-cache

speed auto

half-duplex

no cdp enable

!

interface Serial1/0:0

ip address 1.0.0.1 255.255.255.0

encapsulation frame-relay

ip policy route-map VOIP

frame-relay interface-dlci 100

frame-relay lmi-type ansi

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.6

ip route 62.41.66.0 255.255.255.0 212.50.38.49

ip route 172.16.0.0 255.255.0.0 10.0.0.6

ip route 192.168.1.0 255.255.255.0 1.0.0.2

ip route 212.50.38.100 255.255.255.252 1.0.0.2

no ip http server

no ip pim bidir-enable

!

!

access-list 101 permit ip host 212.50.38.100 any

access-list 101 permit ip host 212.50.38.101 any

access-list 101 permit ip host 212.50.38.102 any

no cdp run

route-map VOIP permit 10

match ip address 101

set ip next-hop 212.50.38.49

!

!

line con 0

exec-timeout 0 0

line aux 0

exec-timeout 0 1

login

no exec

line vty 0 4

password 7 xxxxxxxxxxxxx

login local

!

!

end

Jon Marshall Wed, 12/05/2007 - 01:37

Hi

Can you just confirm that when you try to ping 62.244.241.54 you are still getting the same message ie. 10.0.0.4 reports a destination host unreachable ?

Which next hop should 62.244.241.54 be reachable through because your routing table is saying 10.0.0.6 - is that correct ?

Jon

Jon

smothuku Wed, 12/05/2007 - 01:40

HI ,

interface FastEthernet0/0

ip address 212.50.38.54 255.255.255.248 secondary

ip address 10.0.0.4 255.0.0.0

no ip mroute-cache

speed auto

half-duplex -------why it is half duplex...

no cdp enable

10.0.0.6 ---belongs to which router..and how is the connectivity..

Thanks,

satish

tolgatanriverdi Wed, 12/05/2007 - 01:46

10.0.0.6 is our company's firewall which directly connected to 212.50.38.49(or 212.50.35.97 both are same devices)

and everything beside static routes should have to go through 10.0.0.6

and yes I'am still taking destination host unreacheable error

Thanks

smothuku Wed, 12/05/2007 - 01:54

Hi ,

Have you checked the Firewall logs when you were trying to ping to 62.244.241.54.

Was it allowing icmp(policy) from router to reach 62.244.241.54.

Try to ping 10.0.0.6 first and then check the Firewall logs.

If there is a policy or icmp is allowed from your company's firewall , try the "EXTENDED PING" from router.

While posting the conversation you mentioned that """Hi In our company there is a 2610 router that connects two branches of our firm but more than 2 weeks there is a weird problem(****we didnt change anything on it) router doesnt route some ip addresses ""

Are you sure nothing was changed on firewall also ?

Thanks,

satish

tolgatanriverdi Wed, 12/05/2007 - 05:29

Yes I'm sure nothing changed on firewall or router for that matter

Because when i changed the pc's(which i ping from) default gateway from this router to our firewall everything works fine

The router doesnt allow that 62.244.241.54 ip address

Jon Marshall Wed, 12/05/2007 - 05:35

Could set the PC's default-gateway to be the router again and then ping

1) 62.182.1.10

2) 57.10.1.2

3) 156.11.1.2

And post results

Jon

lgijssel Wed, 12/05/2007 - 02:27

Perhaps I shouldn't but this thread is becoming so bizarre that i cannot leave it;-)

One of the most important question has not yet been asked, that is: Where is your ping originating from?

The general expectation is that the routing table will select 10.0.0.6 as the next hop.

However, there is a slight chance that you are originating from an adress that matches acl 101 in which case you are policy routed to another device.

If so, you would also see something like "TTL expired in transit" when you look at the right spot.

regards,

Leo

Actions

This Discussion