I was designing a three tier network with EIGRP and wanted to discuss a very small thing. This is also related to default route advertisement, though my scenario is a little different.. The network looks like:
Corporate WAN -- Dual core routers -- Dual Core switches -- Dual Distribution switches -- access switches...
Core routers have default route towards POP segment which connects to Firewalls/internet etc.. There are actually two or three POP segments in the whole of the WAN, and hence this default route isnt redistributed onto the WAN.. There are some 50 static routes which point to different segments in POP, which is ONLY redistributed into EIGRP, using distribute list..
Now, am designing Core/distribution switches in this network. My question is:
1) Since the core router is redistributing only 50 odd static routes into EIGRP, my Core switch will not get a default route advertisement in.. and so do my distribution/access switches. will summary address or interface based distribute list work well here, just to inject the default route towards the LAN, and not on the WAN ?
The admin here have plans to use dual static default routes internally on the Core/distribution switches, to avoid all these filtering issues, which doesnt seem a good idea to me ! I think we should really avoid static routes, if we run a full fledged dynamic routing protocol like EIGRP..
Two solutions now:
1) take default route via eigrp, but have different filters at different places
2) have static routes on the core/distribution switches pointing to next hops
am trying to avoid the second solution.. if so, what is the best way to go about the first solution ?
Any comments ?
Could you just clarify. You say
"There is a challenge doing the distribute list here.. Firstly I have a distribute list which disallows default route onto some 10 peers (p2p links) terminating on the core routers. There are 4 more p2p ethernet links connecting to distro switches.. Now, I need to define distro lists for these interfaces which allows 0.0.0.0 and all other networks ! "
If these P2P links terminate on the core routers not the core switches then you can simply add a very straightforward distribute-list to the core switches for the interfaces connecting to the core routers just denying 0.0.0.0 and permit all else.
Where i am a little confused is why you need to use distribute-lists at all on the distro switches. All we are trying to do is stop the default-route from getting up to the core routers. Unless i have misunderstood and you need to filter where the default-route goes from the core switches back into the LAN.
If you view the network you are designing in a very simple way, ie. core routers are WAN and core/distro/access-layer switches + anything hanging off them are LAN are we not just talking about propogating a default-route into the LAN without it affecting the WAN ?
If you need to filter within your LAN then yes building the distribute-lists is going to get complicated.
Could you clarify. Also, Giuseppe seems to be suggesting that the default-route with AD 5 will not get propogated to EIGRP neighbors (apologies if i misunderstood Giuseppe). Is there a reason you are not keen on 4 ?