EIGRP

Unanswered Question
Jul 22nd, 2008
User Badges:

Please refer the attachment.


Location X , Y , Z & central are all running EIGRP. Location X has got a new DS3 link. All traffic from X, Y & Z will traverse to Central via this DS3 link.

I would want the traffic from X, Y & "A" in location z to have their traffic traverse via the DS3 link at location x [ this would be the best route]. However, traffic from "B" & "C" in location Z have to have theri traffic via the 5 E1 links to Central. How do i achieve this.


Subnet details :


Location x - 10.1.x.x 255.255.0.0

Location y - 10.2.x.x 255.255.0.0

location z : "A" - 10.3.x.x 255.255.0.0

"B" - 10.4.x.x 255.255.0.0

"C" - 10.5.x.x 255.255.0.0

central - 10.10.x.x 255.255.0.0



By EIGRP metrics, the best path to Central from location Z ["A", "B" & "C"] is over DS3 on location Y.


How do i block the traffic?




Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
lgijssel Tue, 07/22/2008 - 22:43
User Badges:
  • Red, 2250 points or more

Perhaps you can configure a distribute list to filter eigrp updates from B & C towards A.

In that way, B & C subnets will only be advertised over the E1-path that you prefer and hence become routed that way.

Use floating static routes to preserve connectivity over the alternate path via A.


regards,

Leo

deepa.muralidharan Wed, 07/23/2008 - 01:52
User Badges:

Can we configure Single distribute list over multiple interface / VLANs ?


Ex :

router eigrp 200

network x.x.x.x

ditribute-list 25 out fa8/48

distribute-list 25 out vlan 26

distribute-list 25 out vlan 27





lgijssel Wed, 07/23/2008 - 02:03
User Badges:
  • Red, 2250 points or more

This will certainly be an option, as long as you are sure that the correct networks are advertised. keep in mind that this will also affect internal traffic within the site.


regards,

Leo

deepa.muralidharan Wed, 07/23/2008 - 02:40
User Badges:

Thanks Leo!


So, Similarly distribution-lists need to be configured on the router end at Central locatiion as well, right ?

lgijssel Wed, 07/23/2008 - 02:47
User Badges:
  • Red, 2250 points or more

Well, I guess that would seriously affect all routing. Look at it like this:

Currently, subnets B & C are receiving a better metric for via A. Filtering it at A in the direction of B & C would be the solution with the least impact. The routers in B & C would then "automatically" select the route(s) offered via the 5 x E1-path.

Better be sure that you know what you are dealing with here, the impacts of misconfiguration can be pretty severe.


regards,

Leo

deepa.muralidharan Wed, 07/23/2008 - 03:17
User Badges:

You had mentioned about floating Static routes in here.

This should mainly be on the links connecting A from B & C, right. But, for the traffic to traverse via these links from Central location will need all thr 5 E1 links going down. But the probability of this would be very minimal. So, how does floating static routes serve the purpose ?

lgijssel Wed, 07/23/2008 - 03:27
User Badges:
  • Red, 2250 points or more

With your knowledge of the network topology you are likely capable to judge what is wisdom here. As I see it, an intermediate device might fail and cause loss of connectivity to (a part of) the network while there is still a path available. That should never be allowed to happen so I would always configure some redundancy in there, what else do you have it for?


Leo

deepa.muralidharan Mon, 07/28/2008 - 00:32
User Badges:

Leo,

Please check the config below.

I have configured it on the Central location specific to the interface. Considering the DS3 link to be connected to Serail 0/0 of the router.


As we already know :

Location x - 10.1.x.x 255.255.0.0

Location y - 10.2.x.x 255.255.0.0

location z : "A" - 10.3.x.x 255.255.0.0

"B" - 10.4.x.x 255.255.0.0

"C" - 10.5.x.x 255.255.0.0

central - 10.10.x.x 255.255.0.0


Now,config on Central location router>

Central_router:

access-list 45 deny 10.4.0.0 0.0.255.255

access-list 45 deny 10.5.0.0 0.0.255.255

access-list 45 permit any


access-list 40 permit 10.1.0.0 0.0.255.255

access-list 40 permit 10.2.0.0 0.0.255.255

access-list 40 permit 10.3.0.0 0.0.255.255

access-list 40 deny any



router eigrp 100

distribute-list 45 out se 0/0

distribute-list 40 in se 0/0


Is this possible?




Actions

This Discussion