Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

eigrp static route redistribution

topology

Div1 (DW1, DW2), Div2 (DW3, DW4), Div3 (DW5, DW6)

I configured EIGRP as the routing protocol between core and distribution switches. there are static routes configured in core switches. I redistributed static routes in EIGRP. 

In each distribution switch, I configured vlans and HSRP. 

When I show ip route in DW1, it does not show static routes redistributed from core-1. And in DW2, it does not show static routes redistributed from core-2. 

below is output from DW1:

show ip route 

Gateway of last resort is 10.111.207.85 to network 0.0.0.0

D*EX  0.0.0.0/0 [170/3072] via 10.111.207.85, 6w2d, GigabitEthernet1/1/2
      10.0.0.0/8 is variably subnetted, 36 subnets, 7 masks
D EX     10.0.0.0/8 [170/28416] via 10.111.207.85, 6w2d, GigabitEthernet1/1/2
C        10.111.200.0/24 is directly connected, Vlan200
L        10.111.200.2/32 is directly connected, Vlan200
C        10.111.201.0/24 is directly connected, Vlan210
L        10.111.201.2/32 is directly connected, Vlan210
D        10.111.202.0/24
           [90/3328] via 10.111.207.85, 6w2d, GigabitEthernet1/1/2
           [90/3328] via 10.111.207.81, 6w2d, GigabitEthernet1/1/1
D        10.111.203.0/24
           [90/3328] via 10.111.207.85, 6w2d, GigabitEthernet1/1/2
           [90/3328] via 10.111.207.81, 6w2d, GigabitEthernet1/1/1

.............................

sh ip eigrp topology 10.0.0.0/8
EIGRP-IPv4 Topology Entry for AS(100)/ID(192.168.50.2) for 10.0.0.0/8
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 28416
  Descriptor Blocks:
  10.111.207.85 (GigabitEthernet1/1/2), from 10.111.207.85, Send flag is 0x0
      Composite metric is (28416/28160), route is External
      Vector metric:
        Minimum bandwidth is 100000 Kbit
        Total delay is 110 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 1
      External data:
        Originating router is 192.168.50.3
        AS number of route is 0
        External protocol is Static, external metric is 0
        Administrator tag is 0 (0x00000000)

 

My question is why static routes redistributed from core switches are not all appeared in DW1 or DW2? In other distribution switches, all static routes are advertised, but Originating router either 192.168.50.2 or 192.168.50.3 which are the vlan interface ip address of DW1 and DW2. 

Please help me. 

 

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Can you passive-interface

Can you passive-interface vlan 50 and vlan 1203 on DS1 and DS2? I will typically set passive interface as the default and only do no passive on the interfaces where I want EIGRP neighbor relationships to form. You don't need neighbors on every vlan interface.

Have you done any debugs? I think DS1 and DS2 might be sending summary routes for 10.0.0.0/8 to each other through these vlan interfaces. These summary routes will then be advertised to the upstream core switches. If you remove the vlan neighbor relationships, they won't summarize anything to each other since there's no network boundary to cross.

 

24 REPLIES
New Member

below is partial


vlan 270

interface GigabitEthernet3/13
 no switchport
 ip address 10.111.207.81 255.255.255.252
 auto qos voip trust 
 service-policy input AutoQos-VoIP-Input-Dscp-Policy
 service-policy output AutoQos-VoIP-Output-Policy
!

interface GigabitEthernet3/15
 no switchport
 ip address 10.111.207.89 255.255.255.252
 auto qos voip trust 
 service-policy input AutoQos-VoIP-Input-Dscp-Policy
 service-policy output AutoQos-VoIP-Output-Policy

interface GigabitEthernet3/25
 no switchport
 ip address 10.111.207.97 255.255.255.252

!
interface GigabitEthernet3/27
 no switchport
 ip address 10.111.207.105 255.255.255.252
!

interface GigabitEthernet3/47
 switchport trunk allowed vlan 270
 switchport mode trunk
 channel-group 1 mode desirable
!
interface GigabitEthernet3/48
 switchport trunk allowed vlan 270
 switchport mode trunk
 channel-group 1 mode desirable

!
interface GigabitEthernet5/45
 no switchport
 ip address 10.111.207.41 255.255.255.252
 speed 100
 duplex full

!
interface Vlan1
 no ip address
!
interface Vlan270
 ip address 10.111.207.2 255.255.255.240
 standby ip 10.111.207.1
 standby priority 105
 standby preempt

router eigrp 100
 network 10.111.207.0 0.0.0.15
 network 10.111.207.16 0.0.0.3
 network 10.111.207.20 0.0.0.3
 network 10.111.207.64 0.0.0.31
 network 10.111.207.96 0.0.0.15
 no auto-summary
 redistribute static
!
ip route 0.0.0.0 0.0.0.0 10.111.207.4
ip route 10.0.0.0 255.0.0.0 10.111.207.42
ip route 10.0.0.0 255.0.0.0 10.111.207.3 10

New Member

So D3 and D4 are correctly

So D3 and D4 are correctly getting the static routes?

New Member

Yes, they get two static

Yes, they get two static routes as expected, but originating routers are DW1 and DW2 instead of core-1 and core-2. 

Hall of Fame Super Blue

What switch is the config

What switch is the config above from ?

If it is one of the core switches then from DW1s IP routing table it is getting those routes.

Note that with the statics in the config above you have the same route twice but one has a higher AD so this would not be installed in the routing table and so would not be redistributed.

So if the config is from a core switch then DW1s routing table looks correct to me.

Perhaps you could clarify exactly what the issue is you are seeing.

Jon

New Member

yes, it is core-1 switch

yes, it is core-1 switch config. 

I expected two equal distance static routes in DW1 and DW2, but they only has one static routes and the originating routers are each other. But for DW3-6, they have equal distance static routes, and originating routers are DW1 and DW2 instead of core-1 and core-2. 

Hall of Fame Super Blue

It's really not clear what

It's really not clear what you mean.

When you say you expect equal distance static routes do you mean each core switch is redistributing those static routes into EIGRP ?

If so are the links the same speed from DW1 and DW2 to both core switches ?

Are you doing any redistribution of statics on any of the DW switches ?

Jon

New Member

Yes, each core switch is

Yes, each core switch is redistributing their static routes to EIGRP. 

the link speeds are the same. 

there are no static routes configured in DW switches nor redistribute static routes. 

following is partial config for DW1. 

DW1(other DW switch configs are about the same.)

vlan 50
!
vlan 200
!
vlan 210
!

!
!
interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 50,200,210,260,1203
 switchport mode trunk
!

interface GigabitEthernet1/1/1
 no switchport
 ip address 10.111.207.82 255.255.255.252
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out 
 mls qos trust device cisco-phone
 mls qos trust dscp
 auto qos voip cisco-phone 
 service-policy input AutoQoS-Police-CiscoPhone
!
interface GigabitEthernet1/1/2
 no switchport
 ip address 10.111.207.86 255.255.255.252
 srr-queue bandwidth share 10 10 60 20
 queue-set 2
 priority-queue out 
 mls qos trust device cisco-phone
 mls qos trust dscp
 auto qos voip cisco-phone 
 service-policy input AutoQoS-Police-CiscoPhone
!
interface GigabitEthernet1/1/3
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 50,200,210,260,1203
 switchport mode trunk
 channel-group 1 mode desirable
!
interface GigabitEthernet1/1/4
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 50,200,210,260,1203
 switchport mode trunk
 channel-group 1 mode desirable

interface Vlan50
 description OA_GUEST
 ip address 192.168.50.2 255.255.255.0
 ip helper-address 10.111.205.143
 standby 50 ip 192.168.50.1
 standby 50 priority 105
 standby 50 preempt
!
interface Vlan200
 description OA_DATA
 ip address 10.111.200.2 255.255.255.0
 ip helper-address 10.111.205.143
 standby 200 ip 10.111.200.1
 standby 200 priority 105
 standby 200 preempt
!
interface Vlan210
 description OA_VOICE
 ip address 10.111.201.2 255.255.255.0
 ip helper-address 10.111.205.143
 standby 201 ip 10.111.201.1
 standby 201 priority 105
 standby 201 preempt

!
router eigrp 100
 network 10.111.200.0 0.0.0.255
 network 10.111.201.0 0.0.0.255
 network 10.111.207.80 0.0.0.3
 network 10.111.207.84 0.0.0.3
 network 192.168.50.0
 eigrp stub connected summary

 

core1(core2's config is identical)

vlan 270

interface GigabitEthernet3/13
 no switchport
 ip address 10.111.207.81 255.255.255.252
 auto qos voip trust 
 service-policy input AutoQos-VoIP-Input-Dscp-Policy
 service-policy output AutoQos-VoIP-Output-Policy
!

interface GigabitEthernet3/15
 no switchport
 ip address 10.111.207.89 255.255.255.252
 auto qos voip trust 
 service-policy input AutoQos-VoIP-Input-Dscp-Policy
 service-policy output AutoQos-VoIP-Output-Policy

interface GigabitEthernet3/25
 no switchport
 ip address 10.111.207.97 255.255.255.252

!
interface GigabitEthernet3/27
 no switchport
 ip address 10.111.207.105 255.255.255.252
!

interface GigabitEthernet3/47
 switchport trunk allowed vlan 270
 switchport mode trunk
 channel-group 1 mode desirable
!
interface GigabitEthernet3/48
 switchport trunk allowed vlan 270
 switchport mode trunk
 channel-group 1 mode desirable

!
interface GigabitEthernet5/45
 no switchport
 ip address 10.111.207.41 255.255.255.252
 speed 100
 duplex full

!
interface Vlan1
 no ip address
!
interface Vlan270
 ip address 10.111.207.2 255.255.255.240
 standby ip 10.111.207.1
 standby priority 105
 standby preempt

router eigrp 100
 network 10.111.207.0 0.0.0.15
 network 10.111.207.16 0.0.0.3
 network 10.111.207.20 0.0.0.3
 network 10.111.207.64 0.0.0.31
 network 10.111.207.96 0.0.0.15
 no auto-summary
 redistribute static
!
ip route 0.0.0.0 0.0.0.0 10.111.207.4
ip route 10.0.0.0 255.0.0.0 10.111.207.42
ip route 10.0.0.0 255.0.0.0 10.111.207.3 10

Hall of Fame Super Blue

ip route 0.0.0.0 0.0.0.0 10

ip route 0.0.0.0 0.0.0.0 10.111.207.4
ip route 10.0.0.0 255.0.0.0 10.111.207.42

what are these next hops ie. which switches or other L3 devices.

I think we can only get to the bottom of this if we know all the IPs.

Jon

New Member

Thanks Jon for your prompt

Thanks Jon for your prompt replies. 

ip route 0.0.0.0 0.0.0.0 10.111.207.4 - this is Cisco ASA connected to ISP
ip route 10.0.0.0 255.0.0.0 10.111.207.42 - this is Cisco router for MPLS.
ip route 10.0.0.0 255.0.0.0 10.111.207.3 10 - this is core-2 switch. 

 

Hall of Fame Super Blue

How are the ASA and core MPLS

How are the ASA and core MPLS router connected to the core switches. Are they dual honed to both core switches ?

Can you from each DS switch post a -

"sh ip eigrp topology <network/mask> all-links"

for both the routes.

You can post the outputs into a file and attach it to the post to keep the thread manageable but don't worry if not, just post into the thread.

Also you say DSW3/4 are showing all routes but with DSW1/2 as the originating routers.

What happens if you do a traceroute to the core MPLS router from DSW3. Does it go to one of the core switches and then to the MPLS router ?

Finally i am assuming the schematic you provided is complete ie. there are no other connections between the DSW switches other than to the core switches ?

Jon

 

New Member

We have two ASAs, one ASA

We have two ASAs, one ASA(Active) is connected to core-1 and the other ASA(standby) is connected to core-2.

We have one MPLS router. one of the interfaces is connected to core-1, and another interface is connected to core-2. 

I have attached the output of "sh ip eigrp topology all-links" and sh ip eigrp topology 0.0.0.0/0 and 10.0.0.0/8". 

If I traceroute to the MPLS router, below is the output. it goes to core switches. 10.111.207.65 and 69 is core switch interface IPs.

traceroute 10.111.207.42

Type escape sequence to abort.
Tracing the route to 10.111.207.42

  1 10.111.207.65 0 msec
    10.111.207.69 0 msec
    10.111.207.65 8 msec
  2  *  *  *
  3  *  *  *
  4  *  *  *
  5  *
CCR-3750X-1#ping 10.111.207.42

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.111.207.42, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

There are no connections between DSW groups, but connections within the groups. ie. DSW1 <-> DSW2, DSW3 <->DSW4, DSW5 <-> DSW6

 

Paul

Hall of Fame Super Blue

PaulThanks for the additional

Paul

Thanks for the additional information.

However i cannot read your attachements. I have downloaded a unzip utility and it still won't read them.

Not sure how to open them but could you not save them simply as text files and then zip that up ?

Edit - okay i just needed to add a suffix to the files. I can read them now.

Jon

Hall of Fame Super Blue

PaulJust in case you didn't

Paul

Just in case you didn't see the edit i can read the files now.

Jon

Hall of Fame Super Blue

DSW1/2 are only seeing the

DSW1/2 are only seeing the one route even in the full topology table.

So if you do a "sh ip eigrp neigh" on those switches do you see a neighborship with each core switch ?

Compare the same with DSW3/4.

Jon

New Member

Yes, I can see both core

Yes, I can see both core switches. 

DSW1
sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(100)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
6   192.168.50.3            Vl50              10 4d18h      27   200  0  937
4   192.168.203.3           Vl1203            13 4d18h      27   200  0  938
3   10.111.206.3            Vl260             14 4d18h      37   222  0  936
1   10.111.201.3            Vl210             14 4d18h      33   200  0  939
0   10.111.200.3            Vl200             14 4d18h      29   200  0  940
5   10.111.207.81           Gi1/1/1           10 6w6d      577  3462  0  1234
2   10.111.207.85           Gi1/1/2           14 6w6d      302  1812  0  1136

DSW3
sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(100)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
1   10.111.203.3            Vl230             14 14w2d       5   200  0  490
3   10.111.206.131          Vl261             13 15w6d       5   200  0  492
2   10.111.202.3            Vl220             11 15w6d      25   200  0  489
0   10.111.204.3            Vl240             14 15w6d       4   200  0  491
5   10.111.207.65           Gi1/1/1           13 16w5d      12   200  0  1232
4   10.111.207.69           Gi1/1/2           12 16w5d       1   200  0  1134

 

Paul

Hall of Fame Super Blue

PaulWhat else are the DS2

Paul

What else are the DS2 switches peering with ?

Just to clarify, you have configured the static routes on each core switch and are redistributing into static on both switches ?

Is you EIGRP configuration the same on both switches ?

Jon

New Member

DSW2 peering is also about

DSW2 peering is also about the same as DSW1 as below. 

sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(100)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   10.111.207.89           Gi1/1/1           13 5d14h      21   200  0  1236
6   192.168.50.2            Vl50              14 5d14h      17   200  0  1156
5   192.168.203.2           Vl1203            10 5d14h      17   200  0  1157
4   10.111.206.2            Vl260             11 5d14h      24   200  0  1155
3   10.111.207.93           Gi1/1/2           10 5d14h      13   200  0  1138
2   10.111.201.2            Vl210             14 5d14h      19   200  0  1158
1   10.111.200.2            Vl200             13 5d14h      18   200  0  1159

The EIGRP configuration is he same on both DSW1 and 2. 

attached is full configuration for all core and distribution switches. You can read them in any text editor. 

Thank you

Paul

New Member

What's the reason for

What's the reason for multiple EIGRP AS?

New Member

for the EIGRP AS 200, it is

for the EIGRP AS 200, it is for another router for the voice gateway. 

New Member

You typically shouldn't have

You typically shouldn't have the same interface in 2 different AS. It can cause issues in the topology table. Several of your network statements overlap between the 2 AS numbers.

New Member

Can you passive-interface

Can you passive-interface vlan 50 and vlan 1203 on DS1 and DS2? I will typically set passive interface as the default and only do no passive on the interfaces where I want EIGRP neighbor relationships to form. You don't need neighbors on every vlan interface.

Have you done any debugs? I think DS1 and DS2 might be sending summary routes for 10.0.0.0/8 to each other through these vlan interfaces. These summary routes will then be advertised to the upstream core switches. If you remove the vlan neighbor relationships, they won't summarize anything to each other since there's no network boundary to cross.

 

New Member

I will try it later since it

I will try it later since it is a production network. 

New Member

I made all vlan int to

I made all vlan int to passive-interface. and it worked. thank you for your help. 

New Member

When you say the DS configs

When you say the DS configs are mostly the same, does that mean that all DS pairs are EIGRP stub?

 

671
Views
0
Helpful
24
Replies