cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1277
Views
0
Helpful
8
Replies

bgp into eigrp redistribution

WILLIAM STEGMAN
Level 4
Level 4

I have my wan router set to redistribute its eBGP learned routes into eigrp, which is then communicated to my 4510, and my 4510 then communicates those routes to my ASA. This is done mostly for backup purposes, which allow longer mask and shorter mask routing rules to work. This worked fine prior to this weekend when we moved in the 4510 to replace an older core switch. EIGRP is working fine between the 4510 and wan router ( I can see local networks that the two host between them), but none of the reditributed bgp routes are being communicated. I have a metric assigned to the redistributed routes.

WAN ROUTER CONFIG

router eigrp 62

redistribute connected

redistribute static

redistribute bgp 65000 metric 1000000 10 255 1 1

passive-interface Serial2/0

network 172.21.0.0

network 172.16.0.0 0.15.255.255

network 192.168.64.0

default-metric 1000000 10 255 1 1

distribute-list 10 out

no auto-summary

Standard IP access list 10

10 deny 0.0.0.0 (12 matches)

20 deny 216.21.248.0 (8 matches)

30 deny 64.9.53.0 (6 matches)

40 permit any (1573 matches)

address-family ipv4

redistribute connected

neighbor 172.21.2.82 activate

no auto-summary

no synchronization

bgp dampening

network 10.0.0.0

network 10.3.0.0 mask 255.255.0.0

network 10.4.14.0 mask 255.255.255.0

network 10.10.0.0 mask 255.255.0.0

network 10.20.0.0 mask 255.255.0.0

network 10.21.4.0 mask 255.255.255.0

network 10.21.4.0 mask 255.255.255.224

network 10.21.5.0 mask 255.255.255.224

network 10.30.0.0 mask 255.255.0.0

network 10.40.0.0 mask 255.255.0.0

network 10.50.0.0 mask 255.255.0.0

network 10.60.0.0 mask 255.255.0.0

network 10.70.0.0 mask 255.255.0.0

network 10.75.0.0 mask 255.255.0.0

network 10.75.98.0 mask 255.255.255.0

network 10.75.99.0 mask 255.255.255.0

network 10.175.138.0 mask 255.255.255.0

network 172.18.0.0

network 172.21.0.0

network 172.21.1.0 mask 255.255.255.0

network 172.21.4.0 mask 255.255.255.0

network 172.21.5.0 mask 255.255.255.0

network 172.21.6.0 mask 255.255.255.0

network 172.21.7.0 mask 255.255.255.0

network 172.21.8.0 mask 255.255.255.0

network 172.21.9.0 mask 255.255.255.0

network 172.21.10.0 mask 255.255.255.0

network 172.21.11.0 mask 255.255.255.0

network 172.21.12.0 mask 255.255.255.0

network 172.21.13.0 mask 255.255.255.0

network 172.21.14.0 mask 255.255.255.0

network 172.21.15.0 mask 255.255.255.0

network 192.168.1.0

network 192.168.8.0

network 192.168.9.0

network 192.168.16.0

network 192.168.17.0

network 192.168.64.0

network 192.168.254.0

aggregate-address 172.21.0.0 255.255.240.0 summary-only

exit-address-family

4510 CONFIG

router eigrp 62

redistribute connected

redistribute static

no auto-summary

network 172.16.0.0 0.15.255.255

network 192.0.0.0 3.255.255.255

172.21.14.2 is the WAN router

HBG-DataCenter-4510R-E#sh ip eigrp neig

EIGRP-IPv4:(62) neighbors for process 62

H Address Interface Hold Uptime SRTT RTO Q Seq

(sec) (ms) Cnt Num

3 172.21.10.245 Vl110 11 02:37:07 4 200 0 1820

2 172.21.10.246 Vl110 14 02:37:07 5 200 0 1921

1 172.21.14.2 Gi9/47 12 02:38:06 23 200 0 60

0 192.168.255.2 Gi9/48 12 02:38:08 4 200 0 52

Here you can see the WAN router is learning about routes from the 4510 via EIGRP

hbgwan-t3#sh ip route eigrp

D EX 192.168.57.0/24 [170/3328] via 172.21.14.1, 02:39:14, GigabitEthernet0/0

172.21.0.0/16 is variably subnetted, 81 subnets, 6 masks

D 172.21.14.128/26

[90/3072] via 172.21.14.1, 02:39:15, GigabitEthernet0/0

thank you,

Bill

1 Accepted Solution

Accepted Solutions

Hello Bill, Giuseppe,

Please allow me to add a few observations.

Bill, your redistribution uses the MTU value of 1B. While I haven't seen a single instance where the EIGRP took the MTU value into account, I would use the standard value of 1500B just to be foolproof. So on your WAN router, the redistribution command should look as:

redistribute bgp 65000 metric 1000000 10 255 1 1500

The second thing to check is the output of the "show ip eigrp topology" on the WAN router to see if the BGP networks really made it into EIGRP. This is the first place to look into to see if the redistribution is really working. If the networks are not present in the WAN router's EIGRP topology database, they also cannot be advertised further.

The third thing to check is whether your EIGRP routers have unique EIGRP Router-ID. The EIGRP RID is chosen in the same way as OSPF RID (command, loopbacks, other interfaces). For redistributed routes, the EIGRP RID is used as a check whether the network has not been advertised back to the original advertised. You can check the EIGRP value in the "show ip eigrp topology" command in the output header. Refer to this article for more info:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800949ab.shtml

Best regards,

Peter

View solution in original post

8 Replies 8

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Bill,

if I've correctly understood your post, after introducing the new C4510 in the network the ASA device that is downstream the new switch doesn't see anymore the routes that the WAN router should redistribute into the EIGRP domain.

The show commands that you have provided show the following:

an EIGRP neighborship is built between the new switch and the wan router.

The wan router receives external routes originated on the new C4510.

First idea:

what is the ios image name that is running on the C4510?

the suspect is that the C4510 is acting as a stub EIGRP router this could happen with a base lan image.

This would explain why routes are not propagated.

post a sh ip protocols taken on C4510 and

sh ver | inc image

Hope to help

Giuseppe

Hi Giuseppe. Your understanding is correct, I would only add that eigrp between the new switch and ASA are also working and the ASA is able to see routes originating from the WAN router, so I'm not sure about the 4510 being a stub.

HBG-DataCenter-4510R-E#sh ip proto

*** IP Routing is NSF aware ***

Routing Protocol is "eigrp 62"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Default networks flagged in outgoing updates

Default networks accepted from incoming updates

Redistributing: connected, static, eigrp 62

Address Family Protocol EIGRP-IPv4:(62)

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP maximum hopcount 100

EIGRP maximum metric variance 1

EIGRP NSF-aware route hold timer is 240

EIGRP NSF disabled

NSF signal timer is 20s

NSF converge timer is 120s

Topologies : 0(base)

Automatic network summarization is not in effect

Maximum path: 4

Routing for Networks:

172.16.0.0/12

192.0.0.0/6

Routing Information Sources:

Gateway Distance Last Update

172.21.10.246 90 02:09:30

172.21.10.245 90 02:09:30

192.168.255.2 90 02:09:31

172.21.14.2 90 00:08:25

Distance: internal 90 external 170

ystem image file is "bootflash:cat4500e-entservicesk9-mz.122-53.SG.bin

Hello Bill,

>> Your understanding is correct, I would only add that eigrp between the new switch and ASA are also working and the ASA is able to see routes originating from the WAN router, so I'm not sure about the 4510 being a stub.

well but if the ASA is receiving the EIGRP external routes originated by WAN router via the new C4510 what is the problem?

You had written:

>> but none of the reditributed bgp routes are being communicated. I have a metric assigned to the redistributed routes.

It is now all working?

Hope to help

Giuseppe

sorry for the misunderstanding. the problem is that the wan router learned routes via BGP are not being communicated to the 4510 via EIGRP. So, neither the 4510 nor the ASA know how to get to remote WAN sites. The only issue I see is that the redistribution of eBGP routes into EIGRP is not working.

Hello Bill, Giuseppe,

Please allow me to add a few observations.

Bill, your redistribution uses the MTU value of 1B. While I haven't seen a single instance where the EIGRP took the MTU value into account, I would use the standard value of 1500B just to be foolproof. So on your WAN router, the redistribution command should look as:

redistribute bgp 65000 metric 1000000 10 255 1 1500

The second thing to check is the output of the "show ip eigrp topology" on the WAN router to see if the BGP networks really made it into EIGRP. This is the first place to look into to see if the redistribution is really working. If the networks are not present in the WAN router's EIGRP topology database, they also cannot be advertised further.

The third thing to check is whether your EIGRP routers have unique EIGRP Router-ID. The EIGRP RID is chosen in the same way as OSPF RID (command, loopbacks, other interfaces). For redistributed routes, the EIGRP RID is used as a check whether the network has not been advertised back to the original advertised. You can check the EIGRP value in the "show ip eigrp topology" command in the output header. Refer to this article for more info:

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800949ab.shtml

Best regards,

Peter

You nailed it Giuseppe, it was a dup RID. I only cleared the IP address on the old segment running from the WAN router to my ASA but hadn't reloaded the router so it would get a new RID, the next highest IP address. The conflict arose because that same segment, 192.168.255.1-2/252 used to be on the WAN router and got moved to 4510 this weekend.

thank you very much!

Hello Bill,

it was Peter to point out the right cause.

Thanks for having provided a feedback.

Best Regards

Giuseppe

thank you very much Peter

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: