Solved: EIGRP and redistribution

mljevakovic · ‎09-06-2006

I have at central site Cisco 2811 with WIC-1T and NM-4B-S/T and at remote sites Cisco 1841 with WIC-1T and WIC-B-S/T-V3. I've implemented WAN network over Frame-Relay with ISDN backup. I use EIGRP as routing protocols. Now at the central site I have tow Internet connection to two different ISP. One is primary (over Ethernet-wireless) and second is as backup (ADSL-PPPoE). Also I've implemented RTR so if the primary links is down backup link should be active. Through EIGRP I want to redistribute Default Gateway to my remote offices so that they can use Internet. I've done it through redistribute static route. But It works only when is primary route active but when is backup link is active only central site have internet connection. I see in the routing table at remote site that EIGRP propagate default network but it doesn?t work.

Does anybody have some idea?

jackyoung · ‎09-07-2006

Mustafa, do you mean the remote router will able to find the default route via EIGRP when then primary Internet link down and backup Internet up ?

If yes, it is not related to the routing issue that I also find the rouing config. is ok. In order to isolate this problem, you can simply add a default route (stat route) to point to the hub site in remote router. Then you can find the problem is routing or other issue.

Moreover, can you confirm the backup Internet works at hub site ? If yes, I believe you miss the NAT inside command at the serial interface then the traffic from remote site is via serial and not the Ethernet, so even you enable NAT at FE0/0 but it only for the user from local LAN. You have to enable the NAT from remote too.

Hope this helps.

View solution in original post

vijayasankar · ‎09-06-2006

Hi,

Can you post the configuration of your central router( excluding the sensitive details lik e public ip etc..) ?

Are you doing any NAT'ing in the central office to use the ADSL link, if so have you added all the remote office network also for this NAT?

What other troubleshooting have you done when the primary link to internet has gone down?

Do you observe that traffic from the remote network reaches the central site( trace route output from remote office )?

-VJ

Richard Burts · ‎09-07-2006

Mustafa

Do I understand correctly from your original post that you have checked the routing table at the remote when the central router was using the backup path and the remote router did still have the default route pointing to the central router?

If so then the remote router should still be sending its Internet traffic to the central router. If that traffic is not working then either the central router is not sending it out over the backup path (which is very unlikely) or the Internet destinations are not able to send responses (which I think is the most likely explanation). I believe that VJ has a good suggestion that you may be translating addresses on the central router when you go out the backup path but not translating addresses from the remote. Can you post the config from the central router so we can verify how it is set up?

HTH

Rick

HTH

Rick

mljevakovic · ‎09-07-2006

here it is

JOHN VOLTER · ‎09-07-2006

can you copy and paste "show ip route 0.0.0.0" while the backup link is active.

also, please copy/paste whatever you have under "router eigrp x" (you can strip off all proprietary info)

jackyoung · ‎09-07-2006

Mustafa, do you mean the remote router will able to find the default route via EIGRP when then primary Internet link down and backup Internet up ?

If yes, it is not related to the routing issue that I also find the rouing config. is ok. In order to isolate this problem, you can simply add a default route (stat route) to point to the hub site in remote router. Then you can find the problem is routing or other issue.

Moreover, can you confirm the backup Internet works at hub site ? If yes, I believe you miss the NAT inside command at the serial interface then the traffic from remote site is via serial and not the Ethernet, so even you enable NAT at FE0/0 but it only for the user from local LAN. You have to enable the NAT from remote too.

Hope this helps.

mljevakovic · ‎09-07-2006

You're right.

jackyoung · ‎09-07-2006

Do you mean enable the NAT inside at serial and it works now ?

mljevakovic · ‎09-08-2006

I've enabled nat inside on every subinterface on serial interface. When I did only on serial interface it didn't work.

mljevakovic · ‎09-08-2006

Also I have a lot packets from the HQ Router to public IP address with explanation "routed via FIB". What does it mean?

jackyoung · ‎09-08-2006

Yes, I mean the serail sub-interfaces, because it actually assigned the IP address.

FIB = Forwarding Information Base

It was because there is a default route in HQ router that all traffic with destination address is not listed on the specific routes in routing table, then it will route to the next-hop of default route (i.e. public Internet IP). If you want to avoid this issue, you need to determine where is the destination of those traffic and try to filter the unwanted location. However, it spend quite lots of effort and the router seems not a device to carry those activity. So you may consider to block those traffic in the firewall.

Hope this helps.