cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5614
Views
5
Helpful
36
Replies

EIGRP neighbor UP, routes showing but ping working only on one direction!

mazzz
Level 1
Level 1

Hi guys,

 

I have my two Cisco L3 switches connected via a L2 link on which I activated EIGRP 10 and the neighborship is up.

 

vlan 50 : 172.17.192.128/25 --------[L3_SW_2] Fa0/24====L2====Fa1/0/48 [L3_SW_1] -------- vlan 50 : 172.17.192.0/25

 

The interco subnet of the L2 link is : 192.168.1.200/30

 

From L3_SW_2, I am able to ping an IP of the vlan 50 behind L3_SW_L1 : 172.17.192.24.

But the reverse doesn't work (I tried to ping from L3_SW_2 an IP behind SW_1 : 172.17.192.130 which desn't work).

 

L3_SW_2#sh ip route eigr     
.... output omitted ....
Gateway of last resort is 172.17.192.210 to network 0.0.0.0

      172.17.0.0/16 is variably subnetted, 3 subnets, 2 masks
D        172.17.192.0/25
           [90/28416] via 192.168.1.201, 02:00:21, FastEthernet0/24
L3_SW_2#

 

L3_SW_1#sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(10)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   192.168.1.202           Fa1/0/48                 14 01:57:25    7   100  0  29
L3_SW_2#

 

L3_SW_2#sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(10)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   192.168.1.201           Fa0/24            14 01:58:10    1   200  0  34
L3_SW_2#

 

L3_SW_2#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  172.17.192.130          1   000c.297e.8f75  ARPA   Vlan50
Internet  172.17.192.140          9   c81f.66d7.c878  ARPA   Vlan50
Internet  172.17.192.200          -   9caf.cad2.c0c4  ARPA   Vlan50
Internet  172.17.192.210        200   4c4e.3539.77c1  ARPA   Vlan50
Internet  192.168.1.201         121   b8be.bf9e.3b44  ARPA   FastEthernet0/24
Internet  192.168.1.202           -   9caf.cad2.c0c1  ARPA   FastEthernet0/24

L3_SW_1#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.170.124.121          -   b8be.bf9e.3b42  ARPA   Vlan30
Internet  10.170.124.122         22   0025.90ca.1f62  ARPA   Vlan30
Internet  172.17.192.8          160   0026.b981.a277  ARPA   Vlan50
Internet  172.17.192.9            0   0026.b981.a26f  ARPA   Vlan50

 

L3_SW_1#sh run | s eigrp
router eigrp 10
 network 172.17.192.0 0.0.0.127
 network 192.168.1.200 0.0.0.3
 passive-interface default
 no passive-interface FastEthernet1/0/48
 no passive-interface Vlan50

L3_SW_2#sh run | s eigrp
router eigrp 10
 network 172.17.192.128 0.0.0.127
 network 192.168.1.200 0.0.0.3
 passive-interface default
 no passive-interface FastEthernet0/24
 no passive-interface Vlan50

 

 

I need your help on this. Please ask me if you need other command outputs.

Thank  you,

1 Accepted Solution

Accepted Solutions

Please post the details of the configuration of the devices at 172.17.192.130 and 140. I am especially interested in what is their default gateway.

 

HTH

 

Rick

HTH

Rick

View solution in original post

36 Replies 36

mljevakovic
Level 3
Level 3

Hi,

let's check to disable auto-summary under router eigrp process.

mljevakovic
Level 3
Level 3

and post sh ip route eigrp from L3_SW_1

L3_SW_1#sh ip route eigrp

Gateway of last resort is 172.17.243.171 to network 0.0.0.0

      172.17.0.0/16 is variably subnetted, 5 subnets, 3 masks
D        172.17.192.128/25
           [90/28416] via 192.168.1.202, 02:19:18, FastEthernet1/0/48

 

And I've already applied "no auto-summary" on EIGRP 10 process on both of the switches.

 

Thanks

Hi, can you add the output of show ip route eigrp form SW_1?

Regards.

L3_SW_1#sh ip route eigrp

Gateway of last resort is 172.17.243.171 to network 0.0.0.0

      172.17.0.0/16 is variably subnetted, 5 subnets, 3 masks
D        172.17.192.128/25
           [90/28416] via 192.168.1.202, 02:19:18, FastEthernet1/0/48

 

And I've already applied "no auto-summary" on EIGRP 10 process on both of the switches.

 

The strange thing is I am able to ping from an IP of SW_1 from SW_2 but the inverse is not possible.

 

L3_SW_2#ping 172.17.192.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.192.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

L3_SW_1#ping 172.17.192.130
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.192.130, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

 

 

 

Can you post the results of a tracert command?

Regards.

Richard Burts
Hall of Fame
Hall of Fame

I am somewhat confused by the explanation of the problem

From L3_SW_2, I am able to ping an IP of the vlan 50 behind L3_SW_L1 : 172.17.192.24.

But the reverse doesn't work (I tried to ping from L3_SW_2 an IP behind SW_1 : 172.17.192.130 which desn't work).

 

You show us routing information from one switch but not from the other switch

L3_SW_2#sh ip route eigr     
.... output omitted ....
Gateway of last resort is 172.17.192.210 to network 0.0.0.0

      172.17.0.0/16 is variably subnetted, 3 subnets, 2 masks
D        172.17.192.0/25
           [90/28416] via 192.168.1.201, 02:00:21, FastEthernet0/24
L3_SW_2#

 

Can you post the routing information from SW1? I suspect that it may show that SW1 is not learning the subnet from SW2.

 

HTH

 

Rick

HTH

Rick

Rick,

It is learnt properly:

L3_SW_1#sh ip route eigrp

Gateway of last resort is 172.17.243.171 to network 0.0.0.0

172.17.0.0/16 is variably subnetted, 5 subnets, 3 masks
D 172.17.192.128/25
[90/28416] via 192.168.1.202, 02:19:18, FastEthernet1/0/48



And I've already applied "no auto-summary" on EIGRP 10 process on both of the switches.



The strange thing is I am able to ping from an IP of SW_1 from SW_2 but the inverse is not possible.



L3_SW_2#ping 172.17.192.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.192.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

L3_SW_1#ping 172.17.192.130
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.192.130, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Thank you for the information confirming that the subnet route is learned. So that is one theory of the problem that was not correct. Next theory is the possibility is that the device at 172.17.192.130 has a firewall operating that does not allow ping. ping from SW1 is failing, so can you try ping to that IP from SW2 and see if it works?

 

HTH

 

Rick

HTH

Rick

Ping from SW_2 to the local VLAN 50 (172.17.192.130) IP in quesiton is ok.

L3_SW_2#ping 172.17.192.130

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.192.130, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms

See also the topology tables :

L3_SW_2#sh ip eigrp topology
EIGRP-IPv4 Topology Table for AS(10)/ID(192.168.1.202)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status

P 172.17.192.128/25, 1 successors, FD is 2816
via Connected, Vlan50
P 192.168.1.200/30, 1 successors, FD is 28160
via Connected, FastEthernet0/24
P 172.17.192.0/25, 1 successors, FD is 28416
via 192.168.1.201 (28416/2816), FastEthernet0/24


L3_SW_1#sh ip eigrp topology
EIGRP-IPv4 Topology Table for AS(10)/ID(192.168.1.201)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status

P 172.17.192.128/25, 1 successors, FD is 28416
via 192.168.1.202 (28416/2816), FastEthernet1/0/48
P 192.168.1.200/30, 1 successors, FD is 28160
via Connected, FastEthernet1/0/48
P 172.17.192.0/25, 1 successors, FD is 2816
via Connected, Vlan50

Do you have access lists configured on the switch?

No active ACL on any of the Switches!

L3_SW_1#sh ip arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.170.124.121          -   b8be.bf9e.3b42  ARPA   Vlan30
Internet  10.170.124.122         22   0025.90ca.1f62  ARPA   Vlan30
Internet  172.17.192.8          160   0026.b981.a277  ARPA   Vlan50
Internet  172.17.192.9            0   0026.b981.a26f  ARPA   Vlan50

 

Can the SW_1 ping the connected IP 172.17.192.8? And the 172.17.192.9?
As suggested in prevoius post, the '.8' could be firewalled.

What is the '.8' device? What is the gateway? Based to the mac address is a DELL PC. Can you check for firewall or wrong/missing gateay config?

 

Regards

Review Cisco Networking for a $25 gift card