Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
787
Views
0
Helpful
3
Replies

Moving default static route from one site to another

denz_cruel
Level 1
Level 1

‎02-21-2013 06:40 PM - edited ‎03-04-2019 07:06 PM

Hi All,

Can you please give me advise that what I need to consider when moving a default static route from our coreswitch office to coreswitch datacenter. We are planning to move DMZ firewall and some servers from our main office to datacenter. We already had a working DMZ firewall in the datacenter but becasue the default static route still in office, therefore some servers in datacenter still using the office dmz firewall.

Should I need to clear eigrp just to let other sites learn the new gateway of last resort once I moved the default static route? Also should I heads up the Telco that manages our WAN or MPLS?

office coreswitch
!
router eigrp 1
distribute-list 50 in Vlan4
network 10.4.0.0 0.0.255.255
network 192.168.4.0
redistribute static
passive-interface default
no passive-interface GigabitEthernet1/0/5
no passive-interface GigabitEthernet2/0/5
eigrp router-id 10.4.4.1
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.4.1.6 (10.4.1.6 is the firewall)

OfficeCORE#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.4.1.6 to network 0.0.0.0

Data center coreswitch
!
router eigrp 1

redistribute static
passive-interface default
no passive-interface Vlan999
no passive-interface GigabitEthernet7/7
no passive-interface Port-channel1
network 10.5.0.0 0.0.255.255
no auto-summary
eigrp router-id 10.5.4.1
!

DataCORE#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.5.1.4 to network 0.0.0.0    

DataCORE ip eigrp nei

IP-EIGRP neighbors for process 123

H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq

                                            (sec)         (ms)       Cnt Num

0   10.7.1.4              Gi7/7            14 4w5d        1   200  0  89834

+++++++++++++++++++++++++++++++++++++++++++

PLAN OF ACTION:

OfficeCORE

no ip route 0.0.0.0 0.0.0.0 10.4.1.6

DataCORE

ip route 0.0.0.0 0.0.0.0 10.5.1.6

Labels:
0 Helpful
3 Replies 3

denz_cruel
Level 1
Level 1

‎02-24-2013 06:12 PM

Question: once I moved the default static route, should I do clear eigrp 1 neighbor soft? Do this will update the routing table in each site?

0 Helpful

tobyarnett
Level 1
Level 1

‎02-24-2013 08:02 PM

So why are you wanting to remove the default static route from either device? If your servers are moved to the data center then they should be reIPd to an IP in the data center. This will put them closer to you data centers default route and it will take that path. Otherwise you will likely need to do some other static routing or redistribution of your static routes. I would need a better network diagram to give better advise on that, but initially I would not recommend removing a default route as that would cause issues with other devices on your network.

When the servers move to the data center are they using the internet that sits behind the data center firewall, or just trying to access a few servers in a DMZ on that firewall?

Toby


Sent from Cisco Technical Support Android App

-Toby


Please don't forget to rate any helpful post.

_____________________________________
There are no great limits to growth because there are no limits of human intelligence, imagination, and wonder.
- Ronald Reagan
0 Helpful

denz_cruel
Level 1
Level 1
In response to tobyarnett

‎02-24-2013 09:58 PM

Hi Toby,

Our goal is to decomm the Firewall DMZ in the main Office and move it on the DataCenter this also include to transfer all the servers. We already transferred majority of the servers and BES amd Messaging servers still using the default static route because it is not directly connected to DMZ. We already replaced the IP address of the servers to DataCenter IP address but for BES and Messaging servers it still going Office Firewall DMZ because of default static route. I add static route to make some application use the DataCenter DMZ firewall not the Main Office.

I am planning to remove the default static route in the main Office and add it on the Datacenter so we could decom the Main Office firewall DMZ.

For the Network diagram it will be difficult for me to give but it is like hub and spoke. DataCenter will the hub with all servers while the Main Office (Hub before) will be now spoke like the other small offices.

My question will be what is the best practice in moving the default static route, things for me to do and to check.

0 Helpful
Customers Also Viewed These Support Documents