cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5375
Views
5
Helpful
11
Replies

Redistritube default route in EIGRP between ASA v8.0 and Cat6500

benny
Level 1
Level 1

Hi,

We have an ASA running eigrp in the inside interface, and there are a few other layer 3 switches (6500, 3750G) in the same subnet as the inside interface of the ASA, all running EIGRP, with authentication. On the ASA, there is a default route pointing to the ISP router, and I have redistribute this default route into EIGRP by using 'redistribute static route-map' under the eigrp process.

The problem is the ASA can learn all routes from the 6500 and 3750G, the 3750G can learn all routes from ASA and 6500 including the default route from the ASA, the 6500 can learn all routes from ASA and 3750G, but not the default route from the ASA.

Any idea?

Thanks!

Ben

1 Accepted Solution

Accepted Solutions

Hi Benny,

That is a wonderful observation! I am not sure I would have spotted it. Good work! Certainly, individual EIGRP routers in an EIGRP domain should have unique Router IDs so let's start by making sure that they indeed have it unique.

The EIGRP Router ID is selected precisely in the same way as in OSPF - first the highest IP among loopbacks, and if no loopbacks are present, the highest IP among active interfaces. It can also be set manually in the EIGRP configuration using the command eigrp router-id A.B.C.D.

To answer your questions:

1.) Rebooting will make EIGRP reinitialize its Router ID. Therefore it will help if the loopback IP addresses are unique among your routers.

2.) Yes, you can. The EIGRP will again reinitialize its Router ID when configured anew.

3.) I have described it a few lines before - first the command "eigrp router-id" is used. If that is not present, then the highest IP among loopbacks, and if they are not present or active, the highest IP among active interfaces.

4.) Yes, I think that the redistribution is fine.

The easiest way now is probably to just use the command "eigrp router-id" to force the ID to a unique value and then see what happens.

Best regards,

Peter

View solution in original post

11 Replies 11

Edison Ortiz
Hall of Fame
Hall of Fame

During the redistribution on the ASA, are you also including the EIGRP metrics ? either via:

1) within the route-map

2) on the redistribution command

3) or default-metric under EIGRP process

Without including the metric information you may get odd results and more often than not, it will not redistribute static into EIGRP.

It's odd that all routes are seen with the exception of the default.

Can you provide the 'show ip eigrp topology' from the 3750G and 6500?

__

Edison.

Edison,

Thanks very much for your reply.

NO, I didn't put in any metric, or default-metric, as I think there is a default for it and if I didn't specify it, it will just use any default metric in the IOS, is that not the case?

In that case, what metric do you suggest me to use? I am using the Gigabit interface on the ASA as the inside interface.

I will first try your suggestion, and if still not working, i will provide with the output of the command, as I need to modify the IP before I post it publicly.

Thanks a lot.

Ben

It's arbitrary, you can use metric 1 1 1 1 1 on the redistribution command, for instance:

router eigrp x

redistribute static metric 1 1 1 1 1 route-map xyz

Just tried it. Same result. The 6500 still can't learn the redistribute default route.

Just to note, we have two 6500 running HSRP on the same subnet as the ASA inside interface. The standby 6500 can learn the default route from the ASA through EIGRP, but the active 6500 can't. But the active 6500 can learn all other routes from the ASA (the DMZ, which is directly connected on another interface of the ASA).

I will do the show command later and post here.

In the meantime, anymore suggestion?

Thanks very much.

Ben

Check for any distribute-list under the EIGRP process on both boxes.

Please post a snippet from each EIGRP process config in all routing devices.

Hello Benny,

A couple of suggestions.

1.) Check the EIGRP topology table on the ASA (try "show eigrp topology" or similar). Do you see the default route there? If not, there is a problem with the redistribution. Obviously, you can't distribute a default route if it is not in your EIGRP topology table.

2.) If the default route is there, can you also check if it is present in the EIGRP topology table on your 6500?

3.) If not, it would be helpful to see if it is advertised from the ASA. Unfortunately I don't know any debug command that displays the contents of the EIGRP Update packet so a packet sniffer may be the only viable option.

Best regards,

Peter

Peter,

Thanks a lot for your reply, while i was checking the eigrp topology table on the devices, i did find a possible cause of the problem, please kindly take a look at the message i just post.

Thanks!

Ben

Thanks a lot. While I was checking the topology table among the firewall and the 6500 switches, i found something that may contribute to this issue.

When I am looking at the eigrp topology table of each device, i found out that the 6500-1 switch and the ASA has the same IP address as the ID in the eigrp topology table. I think maybe the ASA IP was used on the 6500-1 switch before, but then the IP on the 6500-1 switch has been changed to something else, and the old IP is now being used on the ASA.

From Cisco website, it says:

The router ID is used to identify the originating router for external routes. If an external route is received with the local router ID, the route is discarded.

That's why the 6500-1 drop the redistribute default route.

I configure a static eigrp router-id on the 6500-1, now it is seeing the default route from ASA. Thanks Everyone for your help!!!

But I just have one more questions:

Below is the config on the ASA to redistribute the default route, is this the correct way to do this:

access-list redistribute-default standard permit host 0.0.0.0

route-map redistribute-default permit 10

match ip address redistribute-default

router eigrp 100

no auto-summary

network 10.1.0.0 255.255.0.0

redistribute static metric 1 1 1 1 1 route-map redistribute-default

Hi Benny,

That is a wonderful observation! I am not sure I would have spotted it. Good work! Certainly, individual EIGRP routers in an EIGRP domain should have unique Router IDs so let's start by making sure that they indeed have it unique.

The EIGRP Router ID is selected precisely in the same way as in OSPF - first the highest IP among loopbacks, and if no loopbacks are present, the highest IP among active interfaces. It can also be set manually in the EIGRP configuration using the command eigrp router-id A.B.C.D.

To answer your questions:

1.) Rebooting will make EIGRP reinitialize its Router ID. Therefore it will help if the loopback IP addresses are unique among your routers.

2.) Yes, you can. The EIGRP will again reinitialize its Router ID when configured anew.

3.) I have described it a few lines before - first the command "eigrp router-id" is used. If that is not present, then the highest IP among loopbacks, and if they are not present or active, the highest IP among active interfaces.

4.) Yes, I think that the redistribution is fine.

The easiest way now is probably to just use the command "eigrp router-id" to force the ID to a unique value and then see what happens.

Best regards,

Peter

Hi Benny,

One more suggestion, though. You had posted here some outputs from your devices and you seem to have removed them afterwards. From what I saw when they were still posted here, the redistributed default route had quite a high metric. A possible problem in EIGRP networks is when some of the parameters that make up the EIGRP metric goes up to its limit. For EIGRP, that is an indication of an unreachable network and under circumstances, it could also cause a network to be "lost" among routers. Therefore I suggest that you set up some metric when redistributing that default route. Those values do not need to reflect the reality, they just should make the metric of the default route sufficiently low. For example, use these metrics:

BW = 100000 (100 Mbit)

Delay = 1

Reliability = 255

Load = 1

MTU = 1500

They can be used in the "redistribute" command like:

redistribute static route-map XXX metric 100000 1 255 1 1500

Best regards,

Peter

Peter,

Thanks very much again!

I have change the metric value as you suggest and the external route learned by other layer3 switches are now with metric much lower now.

Thanks again for your help!

Ben

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco