Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
624
Views
0
Helpful
5
Replies

Problem with injecting static routes into EIGRP

tilconny1
Level 1
Level 1

‎03-19-2009 12:44 PM - edited ‎03-06-2019 04:42 AM

I'm trying to figure out a problem with regard to EIGRP and static routing and using a route-map policy to inject specific static routes into EIRGP. We have a corporate router and about 24 remote locations connected via frame and a small group connected via site-to-site VPN. At the corporate router I have static route statements for the locations that are connected via VPN (along with many other static routes). My goal is to have only the static routes that I want injected into EIGRP for the networks connected via VPN. With our current configuration not all the static routes are working at our remote locations that are part of EIGRP and it appears the first network (we are heavily subnetted) is the only one showing in EIGRP at the remote locations.

Here is the configuration (all other info removed) for the corporate router.

router eigrp 100

redistribute connected

redistribute static route-map default

ip route 10.15.212.64 255.255.255.192 10.15.192.50

ip route 10.15.212.64 255.255.255.192 10.15.193.50 250

ip route 10.15.212.128 255.255.255.192 10.14.199.10

ip route 10.15.212.192 255.255.255.192 10.14.199.10

ip route 10.15.215.0 255.255.255.192 10.14.199.10

ip route 10.15.215.64 255.255.255.192 10.14.199.10

ip route 10.15.215.128 255.255.255.192 10.14.199.10

ip route 10.15.215.192 255.255.255.192 10.14.199.10

access-list 1 permit 0.0.0.0

access-list 1 permit 10.15.205.0 0.0.0.255

access-list 1 permit 10.15.215.128 0.0.0.63

access-list 1 permit 10.15.215.0 0.0.0.63

access-list 1 permit 10.15.215.192 0.0.0.63

access-list 1 permit 10.15.212.192 0.0.0.63

route-map default permit 10

match ip address 1

Here are the routing results at a remote location:

remoterouter>sh ip route | include 10.15.215

D EX 10.15.215.192/26

D EX 10.15.215.128/26

D EX 10.15.215.0/26 [170/2195456] via 10.15.192.201, 2w5d, Serial0/1/0.294

remoterouter>sh ip route | include 10.15.212

D EX 10.15.212.192/26

D 10.15.212.0/26 [90/2693120] via 10.15.192.201, 3w2d, Serial0/1/0.294

I believe the 0.0.0.0 in the access list is allowing all static routes to be injected into EIGRP and if this is the case than on the remote router with the “sh ip route | include 10.15.212” command the IP network/route 10.15.212.64 255.255.255 does not display.

Thanks for any help.

Jeff

Labels:
0 Helpful
5 Replies 5

Harold Ritter
Cisco Employee
Cisco Employee

‎03-19-2009 01:05 PM

Jeff,

"access-list 1 permit 0.0.0.0" will specifically match the default route (0/0) and nothing else. "access-list 1 permit 0.0.0.0 255.255.255.255" or "access-list 1 permit any" would be used to match all routes.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Harold Ritter

‎03-19-2009 01:14 PM

Jeff

Perhaps there is something in your question that I am not understanding as you intended it. But your access list has only a single permit statement for anything in 10.15.212 and it is:

access-list 1 permit 10.15.212.192 0.0.0.63

So even though you may have a static route for 10.15.212.64 it will not be redistributed since there is no permit for it in the access list used by the route map.

If there is some aspect of this that you still do not understand then please clarify your question.

HTH

Rick

HTH

Rick
0 Helpful

Jerry Ye
Cisco Employee
Cisco Employee

‎03-19-2009 01:08 PM

Hi Jeff,

the comand access-list 1 permit 0.0.0.0 only match network 0.0.0.0 (default) and redistribute it into EIGRP. If you want to match all static route, you have to do

access-list 1 permit 0.0.0.0 255.255.255.255

HTH,

jerry

0 Helpful

tilconny1
Level 1
Level 1

‎03-19-2009 01:34 PM

Thank you for the fast response as your replies helped me understand what the first line of the access list is doing. Sorry if I didn't clarify the problem I'm having.

I see that my problem is I cannot ping the networks in access-list 1 from the remote router but I can ping devices on those networks from the remote router network. My problem was I was pinging devices on the access-list 1 networks from the remote router and not the remote network.

Thanks again,

Jeff

0 Helpful

Jerry Ye
Cisco Employee
Cisco Employee
In response to tilconny1

‎03-19-2009 01:50 PM

Hi Jeff,

Does the next hop router (10.14.199.10) has a return route to your remote router?

If you use traceroute will show you where the packet died.

HTH,

jerry

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card