Re: HOW-TO send RIP routing updates through an specific interfac

glenn.guzman · ‎01-29-2008

Hello

Is there a way to force my router to advertise rip updates through interface vlan 4 (ip address 192.168.4.3) instead of fa 0/1 (ip address 192.168.2.4) ?

I'm implementing the customer side of a MPLS VPN implementation. As you know basically all I need to do is advertise my subnet(s) through an IGP (in this case rip V2) with the PE router.

I have a cisco 1841 router that already has the 2 fa ports taken (1 by a WAN connection, the other one for my local LAN --> 192.168.2.0 /24) so I installed a 4 port switch module, create VLAN 4, assigned it an ip address (192.168.4.3) and place all 4 switch ports onto VLAN 4 using the switchmode access command.

Now, all I need to do is force RIP to send updates through my VLAN 4 (fa 0/0/0 to be more specific ) interface that directly connects to the PE router (192.168.4.1)instead of fa 0/1 that connects to my local swicth

Makes sense ??

Router # debug ip rip

*Jan 30 01:38:05.674: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/1 (192.168.2.4)

*Jan 30 01:38:05.674: RIP: build update entries - suppressing null update

How can i force the updated to be sent through VLAN 4 (192.168.4.3 )

Router# show ip route

Gateway of last resort is 201.196.33.25 to network 0.0.0.0

201.196.33.0/29 is subnetted, 1 subnets

C 201.196.33.24 is directly connected, FastEthernet0/0

192.168.4.0/29 is subnetted, 1 subnets

C 192.168.4.0 is directly connected, Vlan4

C 192.168.2.0/24 is directly connected, FastEthernet0/1

S* 0.0.0.0/0 [1/0] via 201.196.33.25

Thanks for any help

s.arunkumar · ‎01-29-2008

Hi

Make the interface fa0/0 passive,so that RIP updates are not send via that,use cmd

"passive-interface fa0/0" under RIP process..

Edit:: thank ro Rick,that was a typo..Use "passive-interface fa0/1"

arun

Richard Burts · ‎01-29-2008

Glenn

You have not given us enough detail about your environment and about how your router is configured to be able to understand your situation and to give really good responses.

You tell us that your 1841 router has a connection to a WAN and to a LAN. You tell us about a switch and about VLAN 4. But you do not tell us how the switch or VLAN 4 are connected to the 1841.

Given how much we do not know I will make one guess at a solution which might work for you. Configure RIPv2 and give it network statements for both 192.168.2.0 and for 192.168.4.0 and use the passive interface command to make the interface for 192.168.2..0 to be passive. This should mean that the router will send RIP packets on the interface to 192.168.4.0 and will not send updates on the interface for 192.168.2.0.

[edit] Arun

One clarification to your suggestion. FastEthernet0/0 is the interface connected to the WAN (according to the routing table in the original post) and assuming that there is not a network statement for 201.196.33.0 RIP will not run on that interface. The interface that should be passive is FastEthernet0/1.

HTH

Rick

HTH

Rick

s.arunkumar · ‎01-29-2008

Hi Rick

Thnks 4 pointing that..I intented that only..was a typo (or was careless ;) )

thanks

arun

Richard Burts · ‎01-29-2008

Arun

No Problem.

You had the right concept and just the implementation detail was flawed. It happens to all of us - and to me also. I try re-read my posts carefully to detect things like this, but sometimes they sneak through.

HTH

Rick

HTH

Rick

glenn.guzman · ‎01-30-2008

Hello my friend!

Thanks a lot for your response and extremely helpful information, worked pretty good!.

You're right about me not providing very specific info for such a "complex" scenario i presented... So here goes the running config part of the "debug ip rip" output and a .jpg file showing the topology of whats going on here.... also I'm including some ping and traceroute results for troubleshooting porpoises

I'm facing an issue and I still can connect both sides (HQ and branch) together....

When doing troubleshooting I noticed a couple of things...

1. Output of the "debug ip rip"

UACA#

*Jan 31 05:00:28.383: RIP: sending v2 update to 224.0.0.9 via Vlan4 (192.168.4.3)

*Jan 31 05:00:28.383: RIP: build update entries

*Jan 31 05:00:28.383: 192.168.2.0/24 via 0.0.0.0, metric 1, tag 0

*Jan 31 05:00:28.383: RIP: sending v2 update to 192.168.4.1 via Vlan4 (192.168.4.3)

*Jan 31 05:00:28.383: RIP: build update entries

*Jan 31 05:00:28.383: 192.168.2.0/24 via 0.0.0.0, metric 1, tag 0

UACA#

*Jan 31 05:00:39.459: RIP: received v2 update from 192.168.4.1 on Vlan4

*Jan 31 05:00:39.459: 192.168.2.0/24 via 0.0.0.0 in 16 hops (inaccessible)

*Jan 31 05:00:39.459: 192.168.3.0/30 via 0.0.0.0 in 1 hops

*Jan 31 05:00:39.459: 192.168.4.0/29 via 0.0.0.0 in 16 hops (inaccessible)

As you can see I'm exchanging routing info with neighbor 192.168.4.1 (out vlan 4 192.168.4.3)

But when I received routing info from my neighbor I noticed that both of my local subnets are 16 hops away (inaccessible)..., why is that ?

2. If I do a "traceroute" command to reach the CPE Router (192.168.4.9) at the branch office location this is what happens....

UACA#ping 192.168.4.9

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.4.9, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

UACA#traceroute 192.168.4.9

Type escape sequence to abort.

Tracing the route to 192.168.4.9

1 201.196.33.25 4 msec 4 msec 0 msec

2 201.196.32.13 4 msec 4 msec 4 msec

3 200.91.108.17 4 msec 4 msec 4 msec

4 200.9.48.213 8 msec 4 msec 4 msec

5 208.173.90.85 !N !N !N

UACA#

I'm going out the wrong interface, how can that be fixed ?

Routing table

****************************************************************************************************************************

UACA#show ip route

Codes:

Gateway of last resort is 201.196.X.25 to network 0.0.0.0

201.196.X.0/29 is subnetted, 1 subnets

C 201.196.X.24 is directly connected, FastEthernet0/0

192.168.4.0/29 is subnetted, 1 subnets

C 192.168.4.0 is directly connected, Vlan4

C 192.168.2.0/24 is directly connected, FastEthernet0/1

192.168.3.0/30 is subnetted, 1 subnets

R 192.168.3.0 [120/1] via 192.168.4.1, 00:00:12, Vlan4

S* 0.0.0.0/0 [1/0] via 201.196.X.25

RUNNING CONFIG

****************

UACA#show running-config

!

version 12.4

service password-encryption

!

hostname UACA

enable secret 5 XX

!

ip cef

!

no ip bootp server

no ip domain lookup

ip domain name uaca.ac.cr

ip ssh time-out 60

!

username Root password xxxx

interface FastEthernet0/0

description WAN Interface.

ip address 201.196.33.30 255.255.255.248

!

interface FastEthernet0/1

description Interfaz LAN.

ip address 192.168.2.4 255.255.255.0

!

interface FastEthernet0/0/0

switchport access vlan 4

!

interface FastEthernet0/0/1

!

interface FastEthernet0/0/2

!

interface FastEthernet0/0/3

!

interface Vlan4

ip address 192.168.4.3 255.255.255.248

!

router rip

version 2

passive-interface FastEthernet0/1

network 192.168.2.0

network 192.168.4.0

neighbor 192.168.4.1

!

ip route 0.0.0.0 0.0.0.0 201.196.33.25

!

line con 0

password 7 xx

logging synchronous

line aux 0

line vty 0 4

password 7 xx

logging synchronous

transport input ssh

line vty 5 15

password 7 xx

logging synchronous

transport input ssh

end

UACA#

****************

I hope you can get a more clear pic of my issue...

Thanks a lot for any additional help you can provide

Glenn

Richard Burts · ‎01-31-2008

Glenn

Thanks for posting the additional information. It was quite helpful. It took a while to get it straight in my mind but I think that I now understand your situation and can answer your questions.

1) output of debug rip shows exchange of route information with the neighbor at 192.168.4.1. As expected you are advertising network 192.168.2.0/24. It shows that the neighbor is advertising a default route and that the neighbor is poisoning 192.168.2.0/24 and 192.168.4.0/29. Advertising those networks as 16 hops or inaccessible is standard behavior for RIP and is part of its loop avoidance mechanism. The neighbor is saying that if you need to reach either of those networks/subnets you should not forward through that neighbor to get to them (seems pretty obvious does it not?).

One thing to note here is that even though network 192.168.4.8/29 is reached through that neighbor it is not advertising that subnet to you.

2) The traceroute results and the fact that 192.168.4.8/29 is unreachable can be explained by a couple aspects of what you have posted. Probably most important is that the subnet is reachable through the neighbor at 192.168.4.1 but that neighbor is not advertising it to you. So there is no entry in the routing table for that subnet.

Since there is no entry in the routing table for that subnet when you attempt to reach it you use the default route which points out interface FastEthernet0/0. But the subnet is not reachable through that interface.

How to fix it is an interesting question. The most effective fix would be to have the neighbor at 192.168.4.1 advertise that subnet to you. If there is some reason why it will not/can not advertise it then you could put a static route for the subnet into your routing table.

HTH

Rick

HTH

Rick

gleguzgo0166 · ‎01-31-2008

Hello friend!

Again, thanks for your valuable info and help..

clarified most of my doubts.

I followed the second suggestion you mentioned and I tried to insert a static route into the routing table to reach subnet 192.168.4.8 /29

UACA(config)# ip route 192.168.4.8 255.255.255.248 192.168.4.1

When I checked the running-config I saw the entry for the static route

ip route 0.0.0.0 0.0.0.0 201.196.33.25

ip route 192.168.4.8 255.255.255.248 192.168.4.1

BUT when I checked the routing table I couldn't find an entry that reflected the static route I just created. Why is that ?

UACA#show ip route

Codes:

Gateway of last resort is 201.196.33.25 to network 0.0.0.0

201.196.33.0/29 is subnetted, 1 subnets

C 201.196.33.24 is directly connected, FastEthernet0/0

192.168.4.0/29 is subnetted, 1 subnets

C 192.168.4.0 is directly connected, Vlan4

C 192.168.2.0/24 is directly connected, FastEthernet0/1

192.168.3.0/30 is subnetted, 1 subnets

R 192.168.3.0 [120/1] via 192.168.4.1, 00:00:26, Vlan4

S* 0.0.0.0/0 [1/0] via 201.196.33.25

Why neighbor 192.168.4.1 is not advertising subnet 192.168.4.8 back to me is a question that I have to ask my ISP right ??

I guess I need to verify with them if they have routing information regarding subnet 192.168.4.8 in CPE's (192.168.4.1) routing table right ?

Again, thx 4 your help

Glenn

Richard Burts · ‎01-31-2008

Glenn

It is a bit unusual that you can see the static route in the running config but that it is not in the routing table. My experience is that usually when a static route does not show up in the routing table is either that there is some syntax issue with the route or that the next hop is not reachable.

Since the next hop is in the routing table as the next hop for the learned route to 192.168.3.0 it should not be a problem with reachability of the next hop. So I am wondering what it might be about the static route. I wonder what would happen if you were to add no auto-summary under router rip.

HTH

Rick

HTH

Rick

gleguzgo0166 · ‎02-05-2008

Hello Rick,

Right after my last post the static route showed up in the routing table (little weird... but it was there all of a sudden...).

Again I should say, Thanks for your incredible output... has helped me A LOT!!!!!!!

I'm facing a new issue here, Can you Please take a look at this post and the attached files and tell me what you think...

Basically I can reach both subnets now (192.168.2.0 /24, 192.168.4.8 /29) but there is an unusual thing going on...

I can ping all internal resources on subnet 192.168.4.8/29 (branch office subnet) but I CAN'T on subnet 192.168.2.0 /24. (HQ subnet) !!

Please take a look at ping and traceroute results from both of my end-point routers...(HQ and BR )

HQ ROUTER

*********

UACA-HQ#show ip interface brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 201.196.33.30 YES NVRAM up up

FastEthernet0/1 192.168.2.4 YES NVRAM up up

FastEthernet0/0/0 unassigned YES unset up up

Vlan4 192.168.4.3 YES NVRAM up up

NVI0 unassigned NO unset up up

UACA-HQ#

UACA-HQ#ping 192.168.4.11

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.4.11, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/19/20 ms

UACA-HQ#traceroute 192.168.4.11

Type escape sequence to abort.

Tracing the route to 192.168.4.11

1 192.168.4.1 4 msec 0 msec 0 msec

2 192.168.3.1 12 msec 8 msec 12 msec

3 192.168.3.6 16 msec 16 msec 20 msec

4 192.168.4.11 16 msec 16 msec 16 msec

UACA-HQ#

********************

BRANCH OFFICE ROUTER

UACA-BR#show ip interface brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 unassigned YES NVRAM administratively down down

FastEthernet0/1 192.168.4.14 YES NVRAM up up

UACA-BR#

UACA-BR#ping 192.168.4.3

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.4.3, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms

UACA-BR#traceroute 192.168.4.3

Type escape sequence to abort.

Tracing the route to 192.168.4.3

1 192.168.4.9 4 msec 0 msec 4 msec

2 192.168.3.5 4 msec 8 msec 4 msec

3 192.168.3.2 16 msec 16 msec 20 msec

4 192.168.4.3 16 msec * 16 msec

UACA-BR#

UACA-BR#ping 192.168.2.4

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.2.4, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/28 ms

UACA-BR#traceroute 192.168.2.4

Type escape sequence to abort.

Tracing the route to 192.168.2.4

1 192.168.4.9 0 msec 4 msec 0 msec

2 192.168.3.5 4 msec 8 msec 4 msec

3 192.168.3.2 16 msec 16 msec 16 msec

4 192.168.4.3 20 msec * 16 msec

UACA-BR#

UACA-BR#ping 192.168.2.18

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.2.18, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

UACA-BR#

UACA-BR#traceroute 192.168.2.18

Type escape sequence to abort.

Tracing the route to 192.168.2.18

1 192.168.4.9 4 msec 0 msec 4 msec

2 192.168.3.5 8 msec 4 msec 8 msec

3 192.168.3.2 16 msec 16 msec 16 msec

4 192.168.4.3 20 msec 16 msec 20 msec

5 * * *

6 * * *

UACA-BR#

Please as you read this take a look at the .jpg file for better understanding

Its like if HQ Router wouldn't know how to route packets destined for subnet 192.168.2.0 /24.

Any ideas ?

Glenn

HOW-TO send RIP routing updates through an specific interface