cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
284
Views
0
Helpful
3
Replies

problem to forward traffic to one host in Catalyst 6506

dimitavton
Level 1
Level 1

Hello. Do anyone see what the problem could be ?

There is a route in vrf (catalyst 6506):

Sw2#sh ip route vrf DMZ 10.249.17.0

Routing entry for 10.249.17.0/29

Known via "ospf 501", distance 110, metric 2, type intra area

Last update from 10.249.207.70 on GigabitEthernet1/1.2024, 00:01:12 ago

Routing Descriptor Blocks:

* 10.249.207.70, from 10.249.17.1, 00:01:12 ago, via GigabitEthernet1/1.2024

Route metric is 2, traffic share count is 1

And the same route for more specific hosts:

Sw2#sh ip route vrf DMZ 10.249.17.3

Routing entry for 10.249.17.0/29

Known via "ospf 501", distance 110, metric 2, type intra area

Last update from 10.249.207.70 on GigabitEthernet1/1.2024, 00:01:26 ago

Routing Descriptor Blocks:

* 10.249.207.70, from 10.249.17.1, 00:01:26 ago, via GigabitEthernet1/1.2024

Route metric is 2, traffic share count is 1

Sw2#sh ip route vrf DMZ 10.249.17.4

Routing entry for 10.249.17.0/29

Known via "ospf 501", distance 110, metric 2, type intra area

Last update from 10.249.207.70 on GigabitEthernet1/1.2024, 00:01:34 ago

Routing Descriptor Blocks:

* 10.249.207.70, from 10.249.17.1, 00:01:34 ago, via GigabitEthernet1/1.2024

Route metric is 2, traffic share count is 1

when i tracert to on host:

Sw2#traceroute vrf DMZ 10.249.17.4

Tracing the route to 10.249.17.4

1 10.249.207.70 0 msec 0 msec 4 msec

2 10.249.17.4 0 msec 0 msec 4 msec

all correct!!!!!

BUT when i tracert (or ping) to another host in the same subnet

traceroute vrf DMZ 10.249.17.3

Type escape sequence to abort.

Tracing the route to 10.249.17.3

1 * * *

2 * * *

switch don't reach next hop router!!!!!

There is not ACL on next-hop router.

I can't explain this behavior.

Do anyone see what the problem could be ?

Thank you for any help

3 Replies 3

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Dmitriy,

to detect if there is a CEF multilaer switching issue on the C6500 you can:

add a static route in VRF for host 10.249.17.3

this should trigger a CEF recalculation and could be a temporary fix.

Another method could be that of adding an ACL outbound permitting everything but with the log option so that is not processed by normal CEF table.

We experienced similar problems but in global routing table for C6500 that receives full BGP tables from two border routers.

We performed also an IOS upgrade on the C6500.

Hope to help

Giuseppe

hello Giuseppe.

thank you for answer.

but, unfortunally, you advice was not helpful.

neither adding static route, nor ACL with log option.

Hello Dmitriy,

I would move the focus on the next-hop router using the same "tools".

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: