
Problems with asymmetric routing

Hi to all,

I have a Catalyst C3560 switch which has two static routes configured:

ip route 10.0.0.0 255.0.0.0 172.10.10.10

ip route 10.100.0.0 255.255.255.0 172.20.20.20

When I try to connect to the IP 10.100.0.221, the switch matches the first route and this results in asymmetric routing because the packet is going back through an incorrect peer... Is there some option to fix it? Maybe configuring a track on the route? Can somebody leave me an example?

Thanks to all!!!!

David

 

6 Replies

Peter Paluch
Cisco Employee

David,

If you want specifically the traffic to 10.100.0.221 to go over 172.10.10.10 and not over 172.20.20.20 as it does right now then I suggest that you add a third default route saying

ip route 10.100.0.221 255.255.255.255 172.10.10.10

Otherwise, there is absolutely nothing you can do on the local 3560 to influence how the responses are routed back. Remember, a route to a specific destination is totally independent from the route back.

Best regards,
Peter

 

Thanks Peter,

I'm trying to configure one new route to reach the host, but it doesn't work properly, I don't know why... I configured the weight too, but with no luck...

I will check all the configurations to try to send the traffic by the other way.

Thanks one more time!!

David

Hi David,

To be absolutely sure how and why the packets get to the remote host and how they get back, you first need to be very sure about the source and destination IP addresses of these packets, and then do a traceroute from the source IP toward the remote host to see which routers the packet traverses in the direction from you to the remote host, and then you should use the remote host and tell it to traceroute the path back to you. After you have the list of routers through which the packets flow in the forward and return direction, you need to inspect the last router that is correct and after which the packets take a different path than you would expect.

Best regards,
Peter

 

Hi Peter,

The problem is that the path goes through various firewalls which are dropping the ICMP packets, so the traceroute isn't a good test...

I have control of two of these firewalls, but there is one which is controlled by other people, so I can't open ICMP to test it... I know the source and destination IP, but the problem is in the routes. I have one route which summarizes all subnets 10.X.X.X; this route is sending traffic through one gateway, and the network 10.100.0.X /24 is through a different gateway. When a packet arrives with destination 10.100.0.X, the switch matches the first route and it should match the second... I have configured a weight on the route, but it is not working properly.

Best Regards.

David.

 

David,

What is the "route weight" you are talking about? If you are talking about the administrative distance then this is not an appropriate tool for this purpose - the administrative distance only defines which route is more trustworthy when two or more different sources (routing protocols, static configuration) try to insert the same route (i.e. the same address and netmask) into the routing table. In such a case, the route with the smaller administrative distance will win.

However, in your case, the administrative distance does not apply. If you define a static host route toward the specific IP address, using a netmask of 255.255.255.255, this route will be placed at the top of the routing table because the routing table is searched starting with the longest prefixes and moving down toward shorter prefixes. You are adding a new route to your routing table, therefore the administrative distance is not truly relevant because there is no competing route in the routing table.

I am not sure if this is understandable so please feel welcome to ask further.

Best regards,
Peter
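Added example, not part of the original thread and not Cisco code: a simplified Python model of the route selection described in the reply above, using the routes quoted in this thread. The function names and the distance value of 200 are assumptions made for illustration.

```python
import ipaddress

# Static routes quoted in this thread: (prefix, next hop, administrative distance).
# 1 is the default administrative distance of a static route with a next hop.
ROUTES = [
    ("10.0.0.0/8", "172.10.10.10", 1),
    ("10.100.0.0/24", "172.20.20.20", 1),
]

def install(routes):
    """Build the routing table. Administrative distance only picks a winner
    among candidates for the same prefix (same address and netmask)."""
    table = {}
    for prefix, next_hop, distance in routes:
        net = ipaddress.ip_network(prefix)
        current = table.get(net)
        if current is None or distance < current[1]:
            table[net] = (next_hop, distance)
    return table

def lookup(table, destination):
    """Forwarding decision: the longest matching prefix wins,
    whatever its administrative distance is."""
    dst = ipaddress.ip_address(destination)
    matches = [net for net in table if dst in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return str(best), table[best][0]

if __name__ == "__main__":
    # With the two original routes, the /24 is preferred over the /8.
    print(lookup(install(ROUTES), "10.100.0.221"))
    # Raising the distance of the /24 (constructed value 200) changes nothing,
    # because no other source offers the same prefix.
    weighted = [ROUTES[0], ("10.100.0.0/24", "172.20.20.20", 200)]
    print(lookup(install(weighted), "10.100.0.221"))
    # The /32 host route from the first reply is the longest possible match.
    host = ROUTES + [("10.100.0.221/32", "172.10.10.10", 1)]
    print(lookup(install(host), "10.100.0.221"))
```

The model covers only the forward lookup on one device; as the first reply says, the return path is decided independently by the routers on the other side.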

 

Hi Peter,

Sorry!! Yes, it is the administrative distance!!
I understand you, but it is not working properly. I will have to check all the equipment controlled by me. If all is correct, then I will call the people who manage the other equipment and we will do some tests to reach a solution.

Thanks for all!!!

Regards

David
