01-04-2012 06:39 AM - edited 03-04-2019 02:49 PM
Hi All
I hope someone can help i am trying to speed up the convergence time of EIGRP
basically we have two offices connected by a 10mb point to point using a primary router in each office and connected via ADSL and a VPN tunnel using a back up router in each office
also we run HSRP between the primary and backup routers in each office
if the 10mb lines goes down it fails over to the back up VPN but drops around 3 ping i have read that this can be sub second
the time seem to be when the London end is waiting for the eigrp dead timer to time out for its link to the primary router in Sheffield
once this has timed out the router via the 10mb link is dropped and it sends traffic by the back up router in London and then across the VPN to the back up router in Sheffield
the primary router in london does have a FS for sheffield to go via the backup link but only uses it once the primary route is dropped
any ideas?
thanks !
Ben
01-04-2012 06:54 AM
Change your Hello and Hold timers on the layer 3 interfaces that the neighbors are formed over.
HTH>
01-04-2012 07:00 AM
Hi Andrew
have done that unless i set the dead timer to a second it still drops a ping or two
cisco documentation say should be in ms
thanks
Ben
01-04-2012 07:01 AM
Hi Andrew
have done that unless i set the dead timer to a second it still drops a ping or two
cisco documentation say should be in ms
thanks
Ben
01-04-2012 07:03 AM
So the issue is when your primary link fails - the 3 pings are lost over the VPN tunnel?
Post the config of your GRE interfaces.
01-04-2012 07:06 AM
i think the problem is the primary router in london keeps trying to send traffic via the primary link as there is still a route in its routing table
once the dead timer passes itdrops the route and it then uses the route for the VPN tunnel via the other router
thanks
Ben
01-04-2012 07:35 AM
Hi,
maybe BFD should be an option for you: http://www.cisco.com/en/US/technologies/tk648/tk365/tk207/technologies_white_paper0900aecd80243fe7.html
Regards.
Alain
01-04-2012 08:43 AM
Thanks Alain
that looks good but only one of my routers has the right IOS the other has 12.3 take it that is a cost upgrade?
thanks
Ben
01-04-2012 10:52 AM
just to be clear - when things are stable is there a feasible successor route in the topology for the backup path?
What bandwidth and delay have your configured for the backup path?
Sent from Cisco Technical Support iPad App
01-04-2012 06:10 PM
is it possible that these sites are or should be configured as eigrp stub networks? That will cut convergence time.
Sent from Cisco Technical Support iPad App
01-04-2012 10:34 PM
Just a thought, could the packets be lost as the VPN tunnels starts to initiate ? and only then the route is injected in the routing table.
I know when a tunnel is down, it takes a few packets to bring it back up again.
01-05-2012 12:08 AM
well that's the issue, if the backup route is via a VPN then it must be via a gre tunnel, as you cannot encapsulate a multicast packet into a VPN. So the gre is over the VPN and that means the VPN tunnel will always be up, as the eigrp keepalive hellos are set to 1 second...apparently to the response from the original poster.
Sent from Cisco Technical Support iPad App
01-05-2012 01:01 AM
Hi Andrew,
you can use IPSec VTIs to encapsulate multicast traffic now:
You can also configure a keepalive for GRE tunnels so if one end is down then the tunnel won't be up.
Regards.
Alain
01-05-2012 01:47 AM
Hi Alain,
Thanks for the link - much appreciated.
What are they really, just a GRE tunnel with IPSEC encryption, so the under lying technology is still to encapsulate the multicast packet with a unicast header with encryption....!!!!!
But I remember messing around with this awhile ago - and if I remember correctly you cannot configure the keepalive option on them, as the src/dst happens to be the outside of the tunnel IP's - but the tunnel itself requires it to be source from the inside IP's....something like that - I might have to get back into the lab again and confirm.
But thanks for the URL again.
Thanks,
Andrew.
01-05-2012 02:06 AM
Ignore the above - the keepalives on the tunnel work just fine, alsio when tuned to 1 hello and 3 dead, actually works quicker...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide