Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
281
Views
0
Helpful
2
Replies

Routing problem between two 7206-VXR routers

tdg911
Level 1
Level 1

‎09-07-2004 02:04 PM - edited ‎03-02-2019 06:18 PM

Hello all, I'm having a major problem routing between my 7206 and my upstreams 7206. I hope

that someone can help me out with this situation as you all have in the past with some

other problems that I've had.

We used to have a DS3 connection with MCI, we moved our office and also moved carriers a

couple of weeks ago. My new upstream provider is a friend of mine (next door suite) that

has a full DS3 connecting via serial interface. We connect to each other via PA-FE-FX

interfaces. **Note** For these interface address examples I will be using public IP

addresses instead of the privates that I have listed here. Upstream side has the address

(for this example) 10.10.10.1/30 and my side is FastEthernet6/0

10.10.10.2/30

I have a /19 routed to me from my upstream, my internal net interface is F0/0. After

assigning an IP addresses to F0/0 10.10.11.1 and a few secondary addresses I added a

static route 0.0.0.0 0.0.0.0 F6/0.

My F6/0 can talk to my Upstreams F6/0 all day but I can not ping F0/0 10.10.11.1 from the

upstream router. The only way I could get things routing was to enable proxy-arp on F6/0.

By turning on proxy-arp things appeared to work fine. After a couple of days I noticed

my network performance was degrading rapidly. The latency was horrible and I was also

dropping packets. On a ping count of 500 (pinging from a unix server with no traffic or load)

to the upstreams interface there was 19-25% packet loss.

One thing I did not mention, from F0/0 I'm connecting to a Cat5500 switch using the default

vlan1. All ports belong to the same vlan. I spoke with another Cisco "savy" person and

they had told me that 1) I had an "ethernet loop" somewhere or 2) a duplicate IP address that

was causing the problem. I have my 7206 logging to a syslog server and not once did I see

a duplicate IP problem. I even took things one step further to rule out the "ethernet loop"

problem. I disconnected my entire network by removing the uplink from the Cat5500 to F0/0

and plugged my laptop directly to F0/0. After disabling proxy-arp on F6/0, clearing arp

on both routers, my laptop was not able to ping beyond the upstreams interface.

If I had to run proxy-arp to keep things working, that would not be a problem. Before the

move my router was running BGP between 3 carriers, eigrp, vlans, very long access lists

and was only 15% utilization on the CPU. Now with proxy-arp enabled the router runs from

60-80% utilized ( arp-input is consuming the CPU ).

Today I decided to wipe the startup-config (since everything has changed with the move I was

thinking I might have left something behind that is causing a confict) and start from scratch.

I am still having the same problem having to run proxy-arp on the interfaces. My old

connection with MCI I noticed the statements "no ip proxy-arp" all throughout my router and

things worked fine without a glitch for over 1year 18weeks.

My questions are:

1) Do I have to run a routing protocol between our 7206's such as eigrp, rip etc

2) Does proxy-arp have to be turned on both routers and why

3) Why was proxy-arp not an issue before but it is now?

Thanks in advance, I really appreciate the input from everyone.

Labels:
0 Helpful
2 Replies 2

pflunkert
Level 4
Level 4

‎09-08-2004 01:29 AM

Hi,

i would try a routing protocol when you had problem. But i must told you that i don't understood you description complete ;-))). With proxy-arp the router anser to the request from your hosts. And when this feature is handled in software you CPU load increase. Don't use proxy arp and try a routing protocol.

Regards

Peter

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame

‎09-08-2004 11:30 AM

I think the answers to 1) and 3) are interrelated. You did not need proxy arp before because you were running a routing protocol. You might be better off if you did run a routing protocol and that certainly would remove the need to run proxy arp.

The answer to 2) really is "it depends". It is involved in how you configured your static route. As you probably know, there are two forms of static route: one form identifies the next hop address and the other form identifies the output interface. You chose the form which identifies the interface (and I am guessing that your upstream configured their router the same way). That form is better for point to point connections and less good for multipoint connections like FastEthernet.

To understand this point think about what happens as the router forwards a data packet. The static route says forward through F6/0 so the packet is sent to the interface. To actually send the packet on the wire the interface must have the destination MAC address. If the MAC address is not already in the ARP table, the interface must ARP for it. To respond to the ARP for "remote" addresses the router must have proxy arp turned on.

If you configure the router with the other form of static route you would not require proxy arp. If you configure ip route 0.0.0.0 0.0.0.0 10.10.10.1 then the router would know that it is forwarding through F6/0 since that is the connected subnet. When the packet gets to the interface it knows that it is looking for the next hop 10.10.10.1 and that is the MAC address it will need. And you do not need proxy arp for this to work.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents