cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1776
Views
15
Helpful
13
Replies

EIGRP failover route not working

patel.nishit
Level 1
Level 1

I have a problem with eigrp failover path. When the primary link goes down the failover routemap configuration should become active and work as backup but it doesn't. When we try to do a failover test it doesn't work, any idea.

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

service compress-config

!

hostname lon-wmi-kct-core1

!

boot-start-marker

boot-end-marker

!

!

redundancy

mode sso

enable secret 5....

enable password 7 ....

!

aaa new-model

aaa authentication login default group tacacs+ line

aaa authorization exec default group tacacs+ local if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

!

aaa session-id common

clock timezone GMT 0

clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 1:00

vtp domain test

vtp mode transparent

ip subnet-zero

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

power redundancy-mode redundant

!

!

!

vlan internal allocation policy ascending

!

vlan 6

name Root-DCs

!

vlan 7

name DTA

!

vlan 8

name kensington

!

vlan 10

name Verizon-PIP-Internet

!

vlan 11

name kensington-servers

!

vlan 12

name WME

!

...

...

...

..

interface Vlan1

no ip address

!

interface Vlan6

description VLAN for AD Root Domain Controllers

ip address 10.139.129.129 255.255.255.240

!

interface Vlan7

description Vlan for DTA London Environment

ip address 10.139.64.1 255.255.255.224

!

interface Vlan8

description Connection to WMUK

ip address 194.x.x.67 255.255.255.0

!

interface Vlan10

description Connection to Verizon PIP Network and Internet

ip address 10.135.254.33 255.255.255.248

!

interface Vlan11

description VLAN - Kensington-1

ip address 10.139.65.1 255.255.255.0

!

interface Vlan12

description WME Connection on KCT Ground Floor

ip address 10.139.66.1 255.255.255.224

ip policy route-map 100MB_PIP_CKT

!

router eigrp 22

redistribute static

network 10.135.254.32 0.0.0.15

network 10.139.55.0 0.0.0.255

network 10.139.118.0 0.0.1.255

network 10.139.129.128 0.0.0.15

network 10.0.0.0

network 193.185.212.0

network 194.60.216.0

no auto-summary

!

ip route 10.139.55.0 255.255.255.0 194.60.216.137

ip route 10.139.118.0 255.255.254.0 194.60.216.17

ip route 10.139.120.0 255.255.255.0 194.60.216.4

ip route 193.185.212.0 255.255.255.0 194.60.216.137

no ip http server

!

!

logging 194.60.216.200

access-list 199 permit ip 10.139.66.0 0.0.0.31 any

!

route-map 100MB_PIP_CKT permit 10

match ip address 199

set ip next-hop 10.135.254.36 10.135.254.37

!

snmp-server community ..... RO

snmp-server community .... RO

13 Replies 13

Marwan ALshawi
VIP Alumni
VIP Alumni

why u have for each network static and eigrp route and then u redistributed the static to eigrp???

secondly

try this way

route-map 100MB_PIP_CKT permit 10

match ip address 199

set ip next-hop 10.135.254.36

route-map 100MB_PIP_CKT permit 20

match ip address 199

set ip next-hop 10.135.254.37

good luck

if helpful Rate

We have two upstream routers 10.135.254.36 [100Mbps link] and 10.135.254.37 [34Mbps link].

For this traffic the 10.135.254.36 - this is the preferred route and only if 10.135.254.36 is not available should it ever use the 10.135.254.37 route.

Would it work with what you told me earlier by septrating.

try it

it is designed for this goal mostly

the sequence number represent which route map line will be taken first

so if sequence number line 10 didnt work because of the next hop down it will go to next sequece number her we have 20

good luck

will try this in the evening when the users are gone home.

Nishit

I believe that there is an aspect of what you are trying to do that you have not understood well. And that aspect will prevent the solution suggested by Marwan from working.

If we look at your logic in the route map:

set ip next-hop 10.135.254.36 10.135.254.37

we see that both addresses are in the same subnet and that subnet is on VLAN 10. If the device at 10.135.254.36 becomes unavailable and stops responding, then your router/switch will not know that. As long as the address is connected within an interface that is up/up the router/switch will assume that the address is reachable and will continue to use it. Separating it into 2 route map instances as suggested by Marwan will not change this behavior.

The solution is to use something like Object Tracking (perhaps using sla or rtr) to detect whether the particular address is responding.

HTH

Rick

HTH

Rick

Hello Rick,

excellent observation.

until an ARP entry is present for the next-hop without additiona config the switch cannot realize it is down.

inside the route-map the following command can be used to reference the tracked object:

set ip next-hop verify-availability

To configure policy routing to verify the reachability of the next hop of a route map before the router performs policy routing to that next hop, use the set ip next-hop verify-availability command in route-map configuration mode. To disable this function, use the no form of this command.

set ip next-hop verify-availability [next-hop-address sequence track object]

no set ip next-hop verify-availability [next-hop-address sequence track object]

see

http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_pi2.html#wp1012541

this is supported in Native IOS mode and in routers.

Hope to help

Giuseppe

Giuseppe

Thank you for filling in some gaps in my explanation. The verify-availability and the track object are the specific to which I was generally referring.

HTH

Rick

HTH

Rick

The switch does not recognise set ip next-hop verify-availability

Here's the version we are running:

Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I5S-M), Version 12.2(25)EWA5, RELEASE SOFTWARE (fc1)

Hello Patel,

unfortunately this switch is end of sale so I don't know if you can upgrade to a release that support a basic verify availability to solve your issue.

However I've noticed that you could see if to use the EIGRP variance to have a weighted load-balancing with more traffic going to the router with a 100 Mbps uplink and a quarter of traffic going to router with a 34 Mbps link this would require to extend EIGRP to the two routers and to see if it possible to get this.

Hope to help

Giuseppe

If only use the link as a failover, all the traffice go via primary connection, so if the primary link fails then the back should come up and pass the traffic via seconday link.

AT present the secondary link is failing to come up when the primary link fails.

Need to find the correct config solution.

Nishit

Giuseppe and I have given you the correct config solution for your issue. If the current switch software does not recognize it then you need to either find a version of software for that switch that will recogniaze it or you need to get a different switch.

There is a corect config solution but your current switch implementation does not support it.

HTH

Rick

HTH

Rick

The switch does not recognise set ip next-hop verify-availability

Here's the version we are running:

Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I5S-M), Version 12.2(25)EWA5, RELEASE SOFTWARE (fc1)

really impresive !!

5+ for both of you Giuseppe and Rick :)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco