Rick,

Thanks for your response. Yes we do have a defaul route 0.0.0.0 0.0.0.0 10.x.x.x pointing to our default gateway (Firewall). Can you please briefly explain what you mean by:

"but you do want to make sure that the Administrative Distance of the entry based on the summary address is higher than the Administrative Distance of the summary route"?

Thanks

Brandon

How you are learning your default route will assign it an administrative distance. If it is a static route then its AD defaults to 1. If it is learned via EIGRP it would default to 90, etc. There is an optional parameter that you can specify when configuring the EIGRP summary address and you want to use that parameter to make sure that the summary you are configuring has AD higher than your real default route. The potential issue is that the summary address command will default to an AD of 5 and that could displace the default route that you really want to use.

HTH

Rick

Rick,

On the 6513 giving the summary we are also using redistribute static under the EIGRP process. When you do this and also advertise a default summary to a down stream it makes the eigrp ad 170 and is thus flagged as an external route. On my 6513 I configured my summary advertisement as 0.0.0.0 0.0.0.0 250. Is the 250 (AD specified) the optional parameter you mention to use?

Thanks,

Brandon

Brandon

Yes the 250 is the AD and is the optional parameter that I mentioned.

HTH

Rick

When I use 255 as the AD it still installs a null route.

Attached is a config from my lab showing the config snippets and eigrp topology.

This is straight from Cisco IP routing 12.4 guide about using the summary-address command vs. a distribute-list. See what you think.

You should not use the ip summary-address eigrp summarization command to generate

the default route (0.0.0.0) from an interface. This causes the creation of an EIGRP summary

default route to the null 0 interface with an administrative distance of 5. The low

administrative distance of this default route can cause this route to displace default routes

learned from other neighbors from the routing table. If the default route learned from the

neighbors is displaced by the summary default route, or if the summary route is the only

default route present, all traffic destined for the default route will not leave the router,

instead, this traffic will be sent to the null 0 interface where it is dropped.

The recommended way to send only the default route out a given interface is to use a

distribute-list command. You can configure this command to filter all outbound route

advertisements sent out the interface with the exception of the default (0.0.0.0).

Rick,

I certainly appreciate you and Sundar extremely helpful insight. I noted you both for credit on the solution. I like you would like to hear input for senior Cisco engineers who participate in this forum if any. It seems like most things Cisco there is no real cut best practice and always an exception to the rule. ;-)

HTH

Brandon

There is no hard and fast rule in this case.... It's a matter of preference, which config you like better, and which one you think is "more obvious." THe summary with the admin distance is the shorter config, but the less common, so there are advantages on both sides.

There are some who would not recommend doing this with an admin distance of 255, which prevents the discard route from being installed at all, because if you lose the "underlying" route, then it's possible to build routing loops pretty easily. OTOH, using the admin distance of 250, rather than 255, is safe from these sorts of problems.

So, no hard and fast rule either way.

:-)

Russ

Russ,

Thanks I really appreciate the response.

HTH,

Brandon

Hi Russ,

I have some points I'd like to mention, based on experience with this issue in our network, and I also have a related question:

- Regarding the use of ip summary-address vs distribution list, and comparing the administrative overhead to manage them, it really is the same. With the ip summary-address, you need to apply this command to every interface you add to the router where you want to only send the default route. With the distribute list, you create the list policy once, and then add a distribute-list entry to your eigrp process for every interface you add where you only want to send the default route. So, for ongoing changes, you still need to add an entry per new interface, it's just a matter of whether you put an ip summary-address command on an interface or a distribute-list command into eigrp.

- Regarding a default route on the stub router, what I do in conjunction with the above (we use the distribute-list method) is to create a default route on each stub router (ip route 0.0.0.0 0.0.0.0 ww.xx.yy.zz 200) with an AD of 200. That way, the stub router will have a static 'default' route (AD=1) that it can use if it does not learn an advertised default (AD=90) from eigrp. If you don't change the AD of the default route on the stub, it will never install the eigrp default route into it's routing table, so all the work at the hub router to create and advertise only a default route to the stub routers will be a waste of time.

Finally, I have a question regarding the AD for a summary-address. By default, the AD for the summary route is 5. However, I am trying to understand what issues I should be concerned with regarding this AD, as compared to AD=90 or AD=130 for my eigrp internal and external routes. For a normal network, where I have numerous IP subnets connected to a regional hub, and I want to advertise a few summary routes from the hub to other hubs which will cover the numerous IP subnets, is there anything to gain by changing the AD of the summary route from 5 to something lesser than 90 or greater than 90? I am assuming that the reason a summary route has an AD of 5 since it is something explicitly configured, meaning that someone who should 'know' their network has created this explicit route summary, so it should be trusted more than a normal learned route from eigrp (AD=90)? If this assumption is correct, is the AD=5 designed to tell the router performing the summarization that it should trust this summary above the learned routes, or is it something that the eigrp neighbors benefit from? I've tested it in a lab environment and see the summary route received by the eigrp neighbors with an AD=90, so it looks like the AD=5 preference is really only for the advertising router, to choose advertising the summary over the more specific routes?

Any clarification for this issue is greatly appreciated.

Ron Buchalski