Re: Configuring EIGRP on NX-OS while using custom VRF

tcmckay · ‎11-14-2018

I am trying to get my eigrp routing to work while using non-default vrf's Within the default vrf the configuration was pretty similar to IOS but when I try to configure it to run in my secure VRF I cannot seem to get it to work. Any idea's will help.

nxa# sh run eigrp

!Command: show running-config eigrp

!Time: Wed Nov 14 06:45:58 2018

version 7.0(3)I7(1)

feature eigrp

router eigrp DC

autonomous-system 10

router-id 192.168.3.1

router eigrp test

autonomous-system 20

router-id 192.168.3.2

interface Vlan8

ip router eigrp DC

interface Vlan601

ip router eigrp DC

interface loopback1

ip router eigrp DC

That is the basic config for the default vrf. I have this on each of my 4 switches and the neighbor relations are created

nxa# sh ip eigrp ne

IP-EIGRP neighbors for process 10 VRF default

H Address Interface Hold Uptime SRTT RTO Q Seq

(sec) (ms) Cnt Num

3 10.8.8.4 Vlan8 13 15:37:37 106 636 0 42

0 10.8.8.5 Vlan8 13 15:45:54 101 606 0 39

1 10.8.8.7 Vlan8 12 15:37:57 96 576 0 30

4 10.8.8.8 Vlan8 11 15:37:18 73 438 0 16

5 10.8.8.9 Vlan8 12 15:31:22 63 378 0 15

2 10.200.2.12 Vlan601 13 15:55:20 95 570 0 32

IP-EIGRP neighbors for process 20 VRF default

My design with the NX-OS is simple. I have 2x 5 K's and 2x 9K's

I am using vrf Test for all my routing

nx5a# sh run int vl8

!Command: show running-config interface Vlan8

!Time: Wed Nov 14 06:50:55 2018

version 7.0(3)I7(1)

interface Vlan8

description DomainInf

no shutdown

vrf member test

no ip redirects

ip address 10.8.8.6/24

ip router eigrp DC

hsrp version 2

hsrp 8

preempt

priority 50

timers 1 3

ip 10.8.8.1

ip dhcp relay address 10.10.1.12

nxa# ping 10.8.8.7

PING 10.8.8.7 (10.8.8.7): 56 data bytes

64 bytes from 10.8.8.7: icmp_seq=0 ttl=254 time=9.078 ms

64 bytes from 10.8.8.7: icmp_seq=1 ttl=254 time=9.501 ms

64 bytes from 10.8.8.7: icmp_seq=2 ttl=254 time=11.066 ms

64 bytes from 10.8.8.7: icmp_seq=3 ttl=254 time=9.032 ms

64 bytes from 10.8.8.7: icmp_seq=4 ttl=254 time=9.808 ms

--- 10.8.8.7 ping statistics ---

5 packets transmitted, 5 packets received, 0.00% packet loss

round-trip min/avg/max = 9.032/9.696/11.066 ms

Basic connectivity to a neighbor has been established when the vlans are configured for the default vrf. However, in production all my vlans are in the test vrf and when I move them out of the default into test eigrp stops working.

Georg Pauwen · ‎11-14-2018

Hello,

how do you configure your EIGRP, do you get into 'vrf context vrf' globally first ?

tcmckay · ‎11-14-2018

sw(config) vrf context test

sw(config) router eigrp DC
sw(config-router)autonomous-system 10
sw(config-router)eigrp router-id 10.0.0.3

sw(config) int vl 8

sw(config-int) vrf mem test

sw(config-int) ip 10.10.1.10/24

sw(config-int)ip router eigrp DC

Georg Pauwen · ‎11-14-2018

Hello,

I have looked at some docs and sample configs, try and leave the 'autonomous-system' out of the EIGRP config...

sw(config) vrf context test

sw(config) router eigrp DC
sw(config-router)--> no autonomous-system 10
sw(config-router)eigrp router-id 10.0.0.3

sw(config) int vl 8

sw(config-int) vrf mem test

sw(config-int) ip 10.10.1.10/24

sw(config-int)ip router eigrp DC

tcmckay · ‎11-14-2018

When I make that change things get worse...here is the sh eigrp when the AS is removed

nx9a# sh run eigrp

!Command: show running-config eigrp
!Time: Wed Nov 14 14:56:29 2018

version 7.0(3)I7(1)
feature eigrp

router eigrp DC
eigrp router-id 10.0.0.3
network 10.10.1.0/24

interface Vlan4
ip router eigrp DC

interface Vlan8
ip router eigrp DC

interface Vlan11
ip router eigrp DC

interface loopback1
ip router eigrp DC

nx9a# sh ip eigrp ne
IP-EIGRP neighbors for process 0 VRF default

nx5a# sh ip eigrp ne
IP-EIGRP neighbors for process 0 VRF default

nx5a# sh ip eigrp ne vrf test
IP-EIGRP neighbors for process 0 VRF saas

WITH AS added the EIGRP DC (this is the recommended config for nx-os)

nx9a# sh run eigrp

!Command: show running-config eigrp
!Time: Wed Nov 14 15:00:00 2018

version 7.0(3)I7(1)
feature eigrp

router eigrp DC
autonomous-system 10
eigrp router-id 10.0.0.3
network 10.10.1.0/24

interface Vlan4
ip router eigrp DC

interface Vlan8
ip router eigrp DC

interface Vlan11
ip router eigrp DC

interface loopback1
ip router eigrp DC

nx9a# sh ip eigrp ne
IP-EIGRP neighbors for process 10 VRF default
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 10.8.8.4 Vlan8 12 00:00:21 77 462 0 39
0 10.8.8.5 Vlan8 13 00:00:21 45 270 0 39
1 10.8.8.9 Vlan8 10 00:00:21 37 748 0 39
nx9a# sh ip eigrp ne vrf saas
IP-EIGRP neighbors for process 0 VRF test

When I remove the AS for this router I lose all my routes. When I add it back in the routes come back. My problem is that eigrp works properly if I keep all my vlans and interfaces in the default vrf. When I move them to a custom vrf....vrf <name tag> then I lose connectivity through eigrp.

You can see this I have vlan's inside default and the custom vrf

interface Vlan8
description DomainInf
no shutdown
no ip redirects
ip address 10.8.8.8/24
ip router eigrp DC
hsrp version 2
hsrp 8
preempt
priority 20
timers 1 3
ip 10.8.8.1
ip dhcp relay address 10.10.1.12

interface Vlan11
no shutdown
vrf member test
ip address 10.10.1.13/24
ip router eigrp DC

nx9a# sh ip eigrp ne vrf test
IP-EIGRP neighbors for process 0 VRF test

nx9a# sh ip eigrp ne
IP-EIGRP neighbors for process 10 VRF default
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 10.8.8.4 Vlan8 12 00:05:58 77 462 0 39
0 10.8.8.5 Vlan8 10 00:05:59 45 270 0 39
1 10.8.8.9 Vlan8 10 00:05:58 37 748 0 39

Georg Pauwen · ‎11-14-2018

Odd. Are you in the default VDC ? You might want to try and create a new VDC, and then configure everything in that VDC...

tcmckay · ‎11-16-2018

As I was working on this I discovered a second layer to the EIGRP configs when using NX-OS. I now have EIGRP working in both the default VRF and in a Custom VRF. The actual config is pretty basic but finding where to configure it was a bit of a challenge.

router eigrp DataCenter
autonomous-system 10
router-id 10.0.0.4
vrf TEST
autonomous-system 20
router-id 10.0.0.4

The key is that when you want eigrp to work the initial "router eigrp <router name> puts you into the default vrf. If you want to add eigrp to a custom vrf you simply use "vrf <vrf name> while in the router eigrp configuration. Then you continue to configure it the same as any other eigrp configuration. Now my sh ip eigrp ne output is like this.

nxb(config-if)# sh ip eigrp ne
IP-EIGRP neighbors for process 10 VRF default
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.8.4.9 Vlan4 13 00:34:06 34 204 0 6
nxb(config-if)# sh ip eigrp ne vrf test
IP-EIGRP neighbors for process 20 VRF test
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.10.1.13 Vlan11 11 00:34:29 23 138 0 5

You will notice that I had to call the actual vrf that I wanted to see eigrp in.

My next challenge will be to route between the two vrf's!

Richard Burts · ‎11-16-2018

Glad to know that you have found the solution for your own problem. Thanks for sharing it with us. And +5 for the good solution. When we see the working solution it is sort of obvious. But I agree that needing to use the vrf command in EIGRP configuration is not intuitive.

HTH

Rick

HTH

Rick