cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
808
Views
0
Helpful
5
Replies

Static routes or EIGRP

waresd
Level 1
Level 1

Where I work, we currently have 4 remote offices (small, each with about 10 - 20 users), and one central HQ (about 200 users). I am debating whether or not to use a routing protocol, such as EIGRP for the WAN (point-to-point T1's), or just use static routes because there would only be about 2 entries.

Each remote site has a seperate Internet connection, that is used for IPSec GRE tunnel backup when/if the T1 goes down.

What is it that anyone would recommend?

5 Replies 5

vcjones
Level 5
Level 5

Static routes will work just fine, with a floating static for your VPN backup. But be careful with your VPN, you may find that if two remotes are both on VPN, they can't talk to each other. That is guaranteed to be the case if the GRE tunnels end on a PIX rather than a router.

Also watch out for MTU problems. Your T1 will support 1500 byte data packets while your VPN backup may be limited to 1440 or so... This could cause MTU failures when you fail over from T1 to VPN with an established connection already up with a negotiated 1500 byte MTU.

FWIW: As you describe your situation, there is no real advantage to running a dynamic protocol. There is also no real advantage to using static routes, so feel free to do whatever floats your boat.

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com

Richard Burts
Hall of Fame
Hall of Fame

A dynamic routing protocol is especially appropriate when there is potentially more than one way to get to destinations. A dyamic routing protocol allows you to choose the optimum path to the destination, and most important, the dynamic routing protocol allows you to adjust to changes in the network automatically.

Static routes are especially appropriate when there is a single way to get to destinations and there are no choices to be evaluated.

When you stated that your network is essentially hub and spoke with a T1 from the HQ to each remote, I was thinking that static routes would be the choice. When you added that the remotes have another Internet connection and should do IPSec with GRE over the Internet for connectivity to HQ as a backup, then you have added an alternative and a choice needs to be made. I believe that in this circumstance I would prefer to run a dynamic protocol such as EIGRP.

You probably could get it to work ok with a static route pointed at the serial interface and a floating static pointed to the internet. If the serial interface went down the primary static would be withdrawn and the floating static would be inserted into the routing table. But if it were me I would do this with EIGRP. I believe that EIGRP might react to some problems that the static route pointing to the serial interface might not catch.

HTH

Rick

HTH

Rick

Thank you for your replies! I was leaning more towards the EIGRP way, but just wanted some feedback and others' personal experience with those situations.

Thanks again!

One more thing...so if I go the EIGRP route (no pun intended), on one of my remote routers, would the routing config look something like this:

router eigrp 1

network 10.150.0.0 0.0.255.255

network 192.168.0.0 0.0.255.255

no auto-summary

eigrp log-neighbor-changes

ip route 10.150.0.0 255.255.0.0 Tunnel0 10.150.2.20 250

ip route 192.168.1.0 255.255.255.0 Tunnel0 10.150.2.20 250

with the static routes using the GRE tunnel interface and the next-hop IP of the head-end router.

If not, then could you provide me with a way that you might do it?

If you want those static routes to be seen by the EIGRP, you will have to redstribute then specifically. They will not be picked up automatically by the network commands. Try adding something like:

redistribute static metric 10000 100 254 1 1500 subnets

Kevin Dorrell

Luxembourg

Review Cisco Networking for a $25 gift card