I am looking for best practice advice. In a network I have two Nexus 5548UP switches that are connected together with a port channel. I have created a layer 3 link over the port channel using vlan 1152 192.168.150.8/30. A management vlan has been also been created on the switches with vlan 211 172.30.211.0/24. A Cisco ASA firewall is connected to the Nexus1 switch and has the inside intereface configured with an IP from the management network. A Cisco Router is connected to the Nexus2 switch and the LAN interface is also configured with an IP from the management network. EIGRP has been configured on all 4 devices. On the Nexus switches all svi's have been configured with the passive-interface command with the exception of the Vlan 1152 SVI's and the Vlan 211 SVI's. I am using the vlan 211 SVI IP for my EIGRP router-id. With this configuration the Nexus switches are neighbored twice with each other on both the 192.168.150.8.0/30 network and the 172.30.211.0/24 network. I would like to reduce that down to where they only neighbor using the layer 3 192.168.150.8.0/30 network but if I put the vlan 211 svi's in passive mode then it will break the neighborship with my ASA and router. To overcome this issue would I be better creating loopback interfaces to use as my router id and also making the links between my switch and ASA plus switch and router layer 3? Is there a better way to do this? I have attached two images, the first being the original design and the second being the proposed design. I have also provided the neighbor show commands from original design which lists all the neighbors being formed.
Nexus1# sh ip eigrp neighbor
IP-EIGRP neighbors for process 100 VRF default
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
3 172.30.211.1 Vlan211 14 6w6d 3 200 0 439537
2 172.30.211.2 Vlan211 14 6w6d 2 200 0 439536
1 192.168.150.10 Vlan1152 14 6w6d 1 200 0 439535
0 172.30.211.20 Vlan211 14 11w5d 1 200 0 293289
slondc1#
