cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1196
Views
5
Helpful
2
Replies

EIGRP - Links with packet loss

corycandia
Level 1
Level 1

Experts,

 

I'm trying to understand if EIGRP can detect and make decisions based on packet loss over a path.  This doesn't seem to be related to delay or bandwidth metrics we can manipulate, and reliability doesn't seem to change even when there's packet loss, probably due to being a GRE tunnel?.  The environment runs a 2921 15.4 and an 819 15.4.  I keep reading cisco's docs, but I feel like you need to already understand the topic for some of them to be useful.

 

Overall question: I've been trying to read about this, but don't see the light:

If a link doesn't go down, but packet loss takes the path's throughput down below it's successor's, will EIGRP switch paths?

 

Scenario:

US HQ, and Germany branch office, connected over DMVPN (ignoring other sites).

 

Connectivity between the two sites experiences a clear daily pattern of around 15% packet loss during certain times of day, we suspect the German ISP.  (Ignoring working with the ISP for this discussion.)

 

I'm testing a VPN that takes a different path: rather than using public inter-continental internet, we're testing a second VPN to each site's respective local Microsoft Azure datacenter, and using Microsoft's internal network to cross the ocean, so now we know there are no connectivity issues there (Azure is fast as hell, and solid).  There could still be local German ISP issues, which could still experience loss getting from the branch to the Azure gateway, but let's assume not for now. 

 

Now EIGRP has two paths.  During times with no packet loss, the old equipment maxes out DMVPN at 30mbps.  The Azure path maxes out at 10mbps due to the insane triple tunnel solution that makes our GRE work without Azure's BGP (It would cost a bunch more money per month, grit your teeth and keep reading).

 

During the times of heavy packet loss, the DMVPN goes from 30mbps to 1-3mbps.  At that point, the path hasn't failed, but you want the 10mbps Azure path to be the active entry.

 

 

Question 1 : Does EIGRP detect the throughput and packet loss issues, would it switch based on dropping performance below the other path?

 

Question 2: If yes, is that Bidirectional Forwarding Detection?  I keep reading it, and continue to be confused.  Reading about reliability suggests this is how we measure loss, but the GRE tunnel stay's up, so it sees the interface as up and fine.

 

 

Thanks

 

 

 

 

 

 

 

 

 

2 Replies 2

John York
Level 1
Level 1

What type of packets are getting lost, ICMP?

Have you considered setting up an IP SLA to monitor the link?

To answer question #1, EIGRP will only failover to a feasible successor if the packet loss is significant enough in which hello packets are getting lost, typically sent out every 5 seconds. Unless the timers have been tuned, after 15 seconds, then EIGRP will drop the current successor routes for the feasible successor.


You could look at the EIGRP traffic by means of "show ip eigrp traffic" and "show ip eigrp neighbors" to see what the timers are and what the SRTT value is.

 

Your ISP could be policing or prioritizing the ICMP traffic as such that it's getting low priority and dropped.

Hello,

 

you could use two EEM scripts to monitor packet loss on the outgoing interface. Below is an example. I don't know what you configured to activate the failover, but the scripts act on packet loss, and you can take any action you want. In the example below, the script just shuts down the primary interface when the packet loss exceeds a configured threshold value, and reactivates the interface when the packet loss drops below the configured threshold value:

 

event manager environment OUTPUT_DROPS 1000
event manager applet OUTPUT__DROPS_EEM
event timer watchdog time 300
action 1.0 cli command "enable"
action 2.0 cli command "show interfaces GigabitEthernet 0/0 | include Total output drops"
action 2.1 set MATCH regexp_substr
action 3.0 regexp ".*Total output drops:.[0-9]+.*" $_cli_result _regexp_result regexp_substr
action 4.0 if $MATCH gt $OUTPUT_DROPS
action 5.0 syslog msg "VPN Link experiences congestion, failover initiated"
action 6.0 cli command "conf t"
action 7.0 cli command "interface GigabitEthernet0/0"
action 8.0 cli command "shut"
action 9.0 cli command "end"
action 9.1 end
!
event manager applet NO_OUTPUT__DROPS_EEM
event timer watchdog time 300
action 1.0 cli command "enable"
action 2.0 cli command "show interfaces GigabitEthernet 0/0 | include Total output drops"
action 2.1 set MATCH regexp_substr
action 3.0 regexp ".*Total output drops:.[0-9]+.*" $_cli_result _regexp_result regexp_substr
action 4.0 if $MATCH lt $OUTPUT_DROPS
action 5.0 syslog msg "VPN Link experiences congestion, failover initiated"
action 6.0 cli command "conf t"
action 7.0 cli command "interface GigabitEthernet0/0"
action 8.0 cli command "no shut"
action 9.0 cli command "end"
action 9.1 end

Review Cisco Networking for a $25 gift card