05-18-2010 02:39 AM - edited 03-06-2019 11:08 AM
Good morning,
I receive eigrp routes from provider on an fwsm interface.
Some of these routes do not advertise to msfc on 6500.
example) i receive routes 10.100.0.0 , 10.22.0.0, 10.60.0.0 etc in fwsm
in msf I only receive 10.100.0.0 , 10.22.0.0 but nothing about 10.60.0.0...
no eigrp filter between fwsm and msf
any idea?
Regards
Fran
05-18-2010 02:53 AM
Hello Fran,
how are you using the FWSM? transparent mode or routed mode?
does the FWSM speak EIGRP in your setup?
Hope to help
Giuseppe
05-18-2010 03:40 AM
Routed mode,
Yes firewall speak eigrp in the two interfaces.
Most of 10.X.0.0 routes are received by 6500 but I have detected at least one that is not (10.60.0.0)...
Thank you for your help.
Fran
05-18-2010 05:05 AM
Hello Fran,
look at the EIGRP topology table for the missing IP prefix on the FWSM and on the MSFC.
for example a duplicated EIGRP router-id could prevent the MSFC from installing the route if it is an external EIGRP route.
you could even think of using specific EIGRP debug commands to see the update process on the MSFC.
Hope to help
Giuseppe
05-20-2010 02:04 AM
Hello I think the problem could be related with eigrp between 2 6500.
There are two links between them,
Checking the neighbors table i see nei 172.16.1.5 and 172.16.1.1 which
is the same 6500 configured with eigrp router-id 10.153.1.247
Is this normal? i think it should appear just one entry 10.153.1.247
instead 172.16.1.5 and 172.16.1.1...
sh ip eigrp neighbors
IP-EIGRP neighbors for process 10
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
3 10.163.1.249 Vl301 13 23:35:21 1 200 0 13100
2 172.16.1.5 Gi8/48 10 1d23h 1 200 0 132763
1 10.163.1.247 Vl301 11 1d23h 1 200 0 5464
0 172.16.1.1 Gi7/48 13 1d23h 1 200 0 132762
the nei topology in the other 6500:
sh ip eigrp neighbors
IP-EIGRP neighbors for process 10
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.153.1.249 Vl301 14 23:41:27 1 200 0 26049
3 172.16.1.6 Gi8/48 11 1d23h 1 200 0 109706
2 172.16.1.2 Gi7/48 13 1d23h 1 200 0 109707
4 172.16.3.241 Gi8/47 13 20w6d 1 200 0 75844
1 10.153.1.246 Vl301 12 20w6d 1 200 0 72748
2010/5/18 giuslar
FRAN PENA MARTINEZ,
>
A new message was posted in the Discussion thread "EIGRP updates error between fwsm and msf":
>
https://supportforums.cisco.com/message/3074714#3074714
>
Author : giuslar
Profile : https://supportforums.cisco.com/people/giuslar
>
Message:
05-20-2010 02:12 AM
Hello Fran,
>> Checking the neighbors table i see nei 172.16.1.5 and 172.16.1.1 which
is the same 6500 configured with eigrp router-id 10.153.1.247
Is this normal? i think it should appear just one entry 10.153.1.247
instead 172.16.1.5 and 172.16.1.1...
This is normal because EIGRP use of router-id is limited in comparison to OSPF, so you can see the same device as neighbor multiple times with the local IP addresses
this is not a problem, however the missing routes may be learned on another path
Hope to help
Giuseppe
05-20-2010 02:21 AM
Hi,
Could you please check the Eigrp topology & ip route on MSFC with using these commands. first of all lets verify whether the 10.60.0.0 is in the topology or not.
1 . sh ip route eigrp
2. sh ip eigrp 10 topology all-links
Regards
Hitesh Vinzoda
05-20-2010 04:58 AM
I receive routes in fwsm
example)
FWSMS1# sh route | i 10.20.0.0
D EX 10.20.0.0 255.255.0.0 via 10.153.3.254, 23:15:29, VPN-GS
FWSMS1# sh route | i 10.100.0.0
D EX 10.100.0.0 255.255.0.0 via 10.153.3.254, 23:16:41, VPN-GS
but in MSFC 10.100.0.0 received OK, but 10.20.0.0 not received , I had
to install a static route in fwsm for 10.0.0.0/8 to point providers
router
SWS1-246#sh ip eigrp 10 topology all-links | i 10.20.0.0
SWS1-246#sh ip eigrp 10 topology all-links | i 10.100.0.0
P 10.100.0.0/16, 1 successors, FD is 51712, tag is 3352, serno 84515
SWS1-246#sh ip route 10.20.0.0
Routing entry for 10.0.0.0/8
Known via "eigrp 10", distance 170, metric 3072, type external
Redistributing via eigrp 10
Last update from 10.153.1.249 on Vlan301, 04:16:18 ago
Routing Descriptor Blocks:
10.153.1.249, from 10.153.1.249, 04:16:18 ago, via Vlan301
Route metric is 3072, traffic share count is 1
Total delay is 20 microseconds, minimum bandwidth is 1000000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
SWS1-246#sh ip route 10.100.0.0
Routing entry for 10.100.0.0/16
Known via "eigrp 10", distance 170, metric 51712
Tag 3352, type external
Redistributing via eigrp 10
Last update from 10.153.1.249 on Vlan301, 23:17:06 ago
Routing Descriptor Blocks:
10.153.1.249, from 10.153.1.249, 23:17:06 ago, via Vlan301
Route metric is 51712, traffic share count is 1
Total delay is 1020 microseconds, minimum bandwidth is 100000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 2
Route tag 3352
2010/5/20 hitesh.vinzoda
FRAN PENA MARTINEZ,
>
A new message was posted in the Discussion thread "EIGRP updates error between fwsm and msf":
>
https://supportforums.cisco.com/message/3076277#3076277
>
Author : hitesh.vinzoda
Profile : https://supportforums.cisco.com/people/hitesh.vinzoda
>
Message:
09-24-2015 10:14 AM
Hi Franpena,
Did you find out the reason?
We have a similar issue. The "debug ip eigrp" on the FWSM shows that it do advertise all the routes. The "debug ip eigrp" on the neighbor shows it receives the majority of the routes. But some are missing, as a result, some of the route are not shown in the 'show ip eigrip topo' for 'show ip eigrip topo all-links'.
I am still troubleshooting this issue. I know this thread is very old. But if you did resolve the issue, could you share the resolution with myself?
Thanks.
Frank
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide