01-10-2014 02:30 PM - edited 03-04-2019 10:02 PM
HI Friends,
Having issue with EIGRP in Nexus 7k while redistrubuting static routes. I have two core Nexus 7K's , which are connected service provider. Below Core I have distribution running in EIGRP. Goal is to achieve autmated failover between service provders links with shortest path routing.
IP SLA is working fine, but traffic routing within EIGRP is misbehaving.
CORE-1
show ip static-route
ip route 0.0.0.0 0.0.0.0 ethernet 10/1 10.124.56.241
ip route 0.0.0.0 0.0.0.0 ethernet 3/2 10.124.56.245 10
ip route 10.124.56.244 255.255.255.252 ethernet 3/2 10.114.159.2
router eigrp 110
default-information originate
CORE-2
router eigrp 110
default-information originate
ip sla 123
icmp-echo 10.124.56.241 source-ip 10.124.56.246
history filter failures
history buckets-kept 25
request-data-size 38
thre 100
timeout 100
frequency 1
end
track 123 ip sla 123 reachability
show ip static-route
ip route 0.0.0.0 0.0.0.0 ethernet 10/1 10.124.56.241 track 123
ip route 0.0.0.0 0.0.0.0 ethernet 10/1 10.124.56.245 9
ip route 10.124.56.240 255.255.255.252 ethernet 3/2 10.114.159.1
ip sla 123
ip sla schedule 123 life forever start-time now
After this configuration IP SLA is working fine, traffic is diverting to SP gateway on secondary when primary goes down. But still having routing issues as follows, as internal eigrp is not routing well, due to some metric issues being issued by both router default static routes. Same issue even when no failover scenario. Also observed some misbehavior.
via 3750-A•àA1•àC1•àC2
via 3750-A•àA1•àC1•àC2
via C1•àC2
via C1•àC2
01-10-2014 09:56 PM
Hi Sushil,
We can take one issue at a time and check what is going on.
For point 1, you have mentioned that 2960-1 is reach .245 via 3750-A---A1---C1---C2--- .245
I believe the expected is 3750-A --- A1---C2. Please confirm.
A1 is taking a decision to go via C1 instead of C2. What does the routing table looks like in A1? Is this after fail-over?
Give the show ip route at every single node and see why it prefers the C1 path instead of C2.
Thanks,
Madhu
01-11-2014 08:32 AM
Sushil
It looks from your config as though C1 and C2 are both generating a default route. If so A1/A2 will see equal cost paths and so will alternate between C1 and C2. As Madhu, says, check the routing tables of A1/A2.
That said it would be helpful if you could specify what the main issue is ie. you say -
Goal is to achieve autmated failover between service provders links with shortest path routing.
do you mean shortest path for internet traffic ? If so then testing to 10.124.56.245 is not particularly relevant because how often will end clients use that as the destination IP. In fact because that network is only connected to C2 the easiest solution for this is to advertise it into EIGRP on C2 only then traffic should go direct for that subnet.
But that would not fix the issue of internet access. So like i say, can you specify exactly what the main issue is ?
By the way, your config doesn't show it but i presume there is more to your EIGRP config ie.how do C1/C2 learn of the subnets from the internal LAN ?
Jon
01-11-2014 08:52 AM
Sushil
Can you also answer the following -
1) C1 is the primary internet connection ?
2) I understand why you are tracking the route on C2 ie. you need to C2 to use the default route via C1 unless the link goes down in which case it installs the route via it's direct connection to the secondary ISP.
But you are not tracking C1 to ISP1 or C2 to ISP2. Is this because these are point to point links so C1/C2 know ft the link has gone down ?
If so note that i have just been involved in another thread where a very helpful TAC routing engineer pointed out that it is quite common for an ISP to fail further upstream so the link to the ISP stays up but the ISP has lost internet connectivity. I assume, because of your default routes on C1/C2 that you are not receiving any routes from the ISP so you may want to consider tracking a destination IP on the internet.
That said i dont want to complicate the issue at the moment. It would be best to sort out your internal routing problems first and then if you want you can look at perhaps tracking the ISP availability further upstream.
Jon
01-11-2014 07:17 PM
H Madhu, Surely on monday I will attach the routing table information and route details.
Hi Jon,
1) C1 is the primary internet connection ? YES C1 is primary 7K router and C2 is Secondary 7K router.
2) I understand why you are tracking the route on C2 ie. you need to C2 to use the default route via C1 unless the link goes down in which case it installs the route via it's direct connection to the secondary ISP. -- YES you are correct, only primary link on C1 wil be active for forward and reverse path from Internet side. Link on C2 will be in standby and will reverse the traffic from Internet only if Primary link goes down. I have tested failover on internet gateway and found working absolutely fine no issue with that. Only issue is withing EIGRP.
If you notice in the configuration I have configured the default route in C1 with default metric. And configured the default route in C2 with metric 9. So ideally when both routers redistribute their static routes to EIGRP, best would be selected with lowest metric cost and shortest path to reach C1 and further to internet , should be taken. But in NX OS I think so , what is happening is both routers are distributing it's default route information with default metric in to EIGRP, so nearest neighbour A1 & A2 are learning the best route to its respective C1 & C2. This is just assumption....
01-12-2014 06:23 AM
Sushil
If you notice in the configuration I have configured the default route in C1 with default metric. And configured the default route in C2 with metric 9. So ideally when both routers redistribute their static routes.
There are a couple of issues with this -
1) the actual route installed in the routing table on C2 i would have thought would be this one -
ip route 0.0.0.0 0.0.0.0 ethernet 10/1 10.124.56.241 track 123
because you do not have an AD with this one so it is preferred over the one with the AD of 9. You then have this route -
ip route 10.124.56.240 255.255.255.252 ethernet 3/2 10.114.159.1
Can you please answer these questions -
a) looking at the route table on C2 can you clarify which route is in the IP routing table
and
b) why is the first route pointing out of the 10/1 interface but the route to get to 10.124.56.240/30 is pointing out of ethernet 3/2 ?
2) The AD is not passed with the routing update so when it is sent to A1/A2 they will see them as EIGRP internal (AD 90) ie. the AD is only local to the actual switch.
Again can you answer the following question -
on A1/A2 what is the AD of the default route ?
So the main issue is that A1/A2 receive equal cost paths to both C1 and C2 so traffic could go either way. Now you could use offset-lists on C2 or delays on A1/A2's connections to C2 so C1 is always preferred. But if the internet link fails over to C2 then C1 installs it's other default route and so A1/A2 still get two default routes. But because you have configured A1/A2 to prefer C1 now all internet traffic goes via C1 to get to C2. So the configuration has become more complicated and still the traffic is not flowing correctly.
The solution is to only have the active core switch send a default route. And the other core switch simply receives that default route via EIGRP as do A1/A2. If you do this then A1/A2 would still receive two default routes one direct from the active switch (ie on hop away) and one from the standby switch (two hops away) so A1/A2 would always go to the active switch because the metric would be better for the direct route.
If the active switch loses it's internet connection then it stops sending a default route and the new active switch takes over and it this switch that then advertises the default route.
There is a config that may work for you and i will gladly provide it but i need answers to the questions i asked above just in case it is not actually working as i suspect.
So i hope that all makes sense..
Jon
01-12-2014 10:52 AM
Hi Jon,
Thanks a lot for taking time out on weekend and providing support. Well I dont have access to ruouters , tomorrow I will go to DC so I will post the routing table.
Following are the responses to your queries.
a) looking at the route table on C2 can you clarify which route is in the IP routing table --> Soon will update the routing table in attachements.
b) why is the first route pointing out of the 10/1 interface but the route to get to 10.124.56.240/30 is pointing out of ethernet 3/2 ? ---> Well 10.124.56.240 is service provider network connected on Eth 10/1 and Eth 3/2 is L3 connectivity between C1 & C2. For detailed ref. I have attached the Word Document.
c)on A1/A2 what is the AD of the default route ? Will update you tommrow with routing table.
Cheers.
01-12-2014 11:09 AM
Sushil
Thanks for updating. I think you may have forgotten to add the document but no problem.
My question about the routing was this -
on C2 you have 3 routes -
ip route 0.0.0.0 0.0.0.0 ethernet 10/1 10.124.56.241 track 123 <-- this route tracks C1s connection for C1's ISP.
ip route 0.0.0.0 0.0.0.0 ethernet 10/1 10.124.56.245 9 <-- this route is the direct route for C2 for it's own ISP
ip route 10.124.56.240 255.255.255.252 ethernet 3/2 10.114.159.1 <--- this route is presumably there so C2 knows how to get to C1's ISP
so why is the first route, which is checking C1s ISP link pointing out of ethernet 10/1 because for C2 to get to 10.124.56.241 it has to go via ethernet 3/2 ?
I fully understand why the second route above is pointing out of the ethernet 10/1 interface.
I think it may just be a mistake in the configuration as looking at C1 both it's routes for C2's ISP address are pointing to C2. So it's not a major issue and it certainly isn't why you are seeing the traffic flows within your network.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide