hi Cisco,
I am using below topology in my lab where ASA in multiple context - C1 and C2 sharing the same physical interface, in different VLANs (sub interface) is not able to establish EIGRP neighborship with 2 cisco routers (point to point). Although, the ASA can ping both routers.
##############ASA Configuration#####################
ASA(config)# sh run context
admin-context admin
context admin
config-url disk0:/admin.cfg
!
context c1
allocate-interface Ethernet1.1 inside_c1
config-url disk0:/c1.cfg
!
context c2
allocate-interface Ethernet1.2 inside_c2
config-url disk0:/c2.cfg
!
########### ASA context C1 configuration ###############
!
interface inside_c1
nameif inside
security-level 100
ip address 10.10.10.10 255.0.0.0
!
!
router eigrp 100
network 10.0.0.0 255.0.0.0
!
##################R1#######################
!
interface GigabitEthernet0/0
ip address 10.10.10.100 255.0.0.0
duplex auto
speed auto
media-type rj45
!
router eigrp 100
network 10.0.0.0
network 17.0.0.0 0.0.0.255
=================ASA context 2========================
!
interface inside_c2
nameif inside
security-level 100
ip address 11.11.11.11 255.0.0.0
hello-interval eigrp 2 12
hold-time eigrp 2 12
!
mtu inside 1500
!
router eigrp 2
neighbor 11.11.11.100 interface inside
network 11.0.0.0 255.0.0.0
!
Note: tried both options by specifying the neighbour IP address.
=================== R2==================
!
interface GigabitEthernet0/0
ip address 11.11.11.100 255.0.0.0
ip hello-interval eigrp 2 12
ip hold-time eigrp 2 12
duplex auto
speed auto
media-type rj45
!
router eigrp 2
network 11.0.0.0
neighbor 11.11.11.11 GigabitEthernet0/0
!
================= Troubleshooting done so far ===============
- Manually hardcoded the MTU at both sides
- Manually hardcoded the EIGRP hello and hold timer
=====================error logs============================
*May 8 17:52:30.288: %DUAL-5-NBRCHANGE: EIGRP-IPv4 2: Neighbor 11.11.11.11 (GigabitEthernet0/0) is up: new adjacency
*May 8 17:52:30.318: EIGRP-IPv4(2): table(default): 11.0.0.0/8 - do advertise out GigabitEthernet0/0
*May 8 17:52:30.328: EIGRP-IPv4(2): table(default): 11.0.0.0/8 - do advertise out GigabitEthernet0/0
*May 8 17:50:00.968: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 10.10.10.10 (GigabitEthernet0/0) is down: holding time expired
*May 8 17:50:05.345: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 10.10.10.10 (GigabitEthernet0/0) is up: new adjacency
####################ping results##########################
ASA/c2(config)# ping 11.11.11.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms
ASA/c1(config)# ping 10.10.10.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/10 ms
##################### EIGRP flapping ###############
ASA/c1(config)# show eigrp neighbors
EIGRP-IPv4 neighbors for process 100
ASA/c1(config)# show eigrp neighbors
EIGRP-IPv4 neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.10.10.100 inside 14 00:00:00 1 2000 2 2241
Hi MHM,
Refer below details. I have attached the R1 configuration and switches configuration for reference.
######################Topology #################
################ output ##################
Regards,
Dhruv
I run lab not multi context and I see same issue flapping in one router
the solution was
config eigrp first in router
then config eigrp in ASA
note:- in your case the R2 interface g0/0 there is Zero Peer so it never see ASA
do above workaround
MHM
