Solved: EIGRP routing over new L3 connections - Page 2

jkuehl · ‎12-30-2013

we have our network separated into a northend and southend. each data center has two 4510R+E switches running VSS between them. we have both data center's connected with a port channel that connects to a 3750E switch. we would like to remove the port channel and connect both data center's using EIGRP. I have setup the ports as L3 with IP addresses, i have setup the EIGRP process with the network, I can ping the interface of the switch on my side of the network. when i try to ping the other side, the ping fails.

What I am needing to happen, is to be able to drop the port-channel and then load balance over the L3 connections.

Jon Marshall · ‎12-31-2013

Your arp tables are showing the same mac address for different IPs.

Do you have the same domain ID on both VSS pairs and if so are you using this command -

"mac-address use-virtual"

Jon

jkuehl · ‎12-31-2013

yes i am using this command

"mac-address use-virtual"

Jon Marshall · ‎12-31-2013

Okay, you have posted the output of "sh switch virtual" from one VSS pair. What about the other pair.

I simply need to know if you are using the same domain ID for both VSS pairs. I suspect you are because of the arp tables but i want to confirm before leading you off in the wrong direction.

So can you run that command on both pairs and see if the domain ID is the same.

Jon

jkuehl · ‎12-31-2013

#show swit virt

Executing the command on VSS member switch role = VSS Active, id = 1

Switch mode : Virtual Switch

Virtual switch domain number : 1

Local switch number : 1

Local switch operational role: Virtual Switch Active

Peer switch number : 2

Peer switch operational role : Virtual Switch Standby

Executing the command on VSS member switch role = VSS Standby, id = 2

Switch mode : Virtual Switch

Virtual switch domain number : 1

Local switch number : 2

Local switch operational role: Virtual Switch Standby

Peer switch number : 1

Peer switch operational role : Virtual Switch Active

Jon Marshall · ‎12-31-2013

If that is the other switch pair then that is your problem.

If you have "mac-address use-virtual" then the domain ID is used to generate the unique mac addresses per VSS pair.

Because you have the same domain ID on both VSS pairs they are generating the same mac addresses and that explains your arp table output.

There are a number of workarounds but i think changing the domain ID for one VSS pair would be the preferred solution because using the same domain ID affects other things such as port channels which you may want to use.

See this link for full details of possible solutions -

http://www.labminutes.com/blog/2012/12/cisco-6500-vss-domain-id-and-virtual-mac-address

Jon

jkuehl · ‎12-31-2013

then that explains why we have to use a 3750e switch to connect both VSS switch pairs to gain connectivity between our northend and southend over our current port-channel.

Jon Marshall · ‎12-31-2013

I think it explains it yes. If the port channels connecting the VSS pairs to the 3750 were L2 then i suspect it would work. The docs are not entirely clear but it looks like for L2 MECs the actual mac address of a member link is used so the 3750 would not see duplicate mac addresses on different ports.

If the port channels had been L3 though then they use a mac address from the shared pool and so the 3750 would have seen the same mac on different ports and i don't think it would have worked.

Jon

jkuehl · ‎12-31-2013

Could this be the other reason why EIGRP is having issues as well? with the Mac addresses being the same?

Jon Marshall · ‎12-31-2013

That is very probably is the reason. You do not have L3 connectivity working properly. I suspect once you change the domain ID (or whatever solution you choose) EIGRP will work properly.

Jon

Jon Marshall · ‎12-31-2013

Just to clarify.

On each VSS pair "sh ip eigrp neighbor" shows a Q cnt of 1. This means each side is waiting for an acknowledgement from the other. Acknowledgements are sent as unicast but because of the wrong arp tables i don't believe these acks are getting to the remote end.

Once you have L3 connectivity between the VSS pairs working properly then EIGRP should also start working.

Jon

jkuehl · ‎12-31-2013

the document was very helpful. We will probably just change the virutal domain ID and reboot the switches.

Jon Marshall · ‎01-01-2014

the document was very helpful. We will probably just change the virutal domain ID and reboot the switches.

That's probably the best solution as it will allow you to run L3 port channels as interconnects if you decide that is the way you want to go.

Jon

jkuehl · ‎02-19-2014

The documentation worked. i was able to change the switch domain and reload the VSS switches.