05-06-2020 10:42 AM - edited 05-06-2020 10:46 AM
All,
I have done a bunch of Googling and the nature of the problem is difficult to accurately search for and so I've finally decided to open this discussion and ask for help.
I manage a Cisco 6504 router with dual SUP-2T-10G supervisors. They have a public IP block of 10.20.208.0/21 which is subnetted via locally connected VLAN (SVI) as well as some static routes. The question I have is WHY do some of the static routes show as "connected" without reference to HOW they are connected when using the 'longer-prefixes' option.
Examples of what I want / expect:
S 10.20.212.0/24 is directly connected, Null0
C 10.20.213.64/27 is directly connected, Vlan157
L 10.20.213.65/32 is directly connected, Vlan157
S 10.20.215.0/27 [1/0] via 10.20.215.2
Example of the problem I don't understand:
S 10.20.211.0/24 is directly connected
If you check the config, you can see that 10.20.211.0/24 is statically routed to 12.34.56.78 which also shows up correctly if you do a "show ip route 10.20.211.1" but does NOT show up correctly if you do a "show ip route 10.20.211.0 255.255.255.0 longer".
Please note the differences between 10.20.211.0/24 and 10.20.215.0/27. I would expect 10.20.211.0/24 to show up similar to 10.20.215.0/27 based on similar static route configuration.
Route table output demonstrating the problem:
#show ip route 10.20.208.0 255.255.248.0 long Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 1.2.3.4 to network 0.0.0.0 10.20.0.0/8 is variably subnetted, 31 subnets, 5 masks S 10.20.208.0/21 is directly connected, Null0 S 10.20.208.0/24 is directly connected, Null0 C 10.20.208.0/27 is directly connected, Vlan157 L 10.20.208.1/32 is directly connected, Vlan157 C 10.20.208.128/27 is directly connected, Vlan157 L 10.20.208.129/32 is directly connected, Vlan157 C 10.20.208.192/27 is directly connected, Vlan157 L 10.20.208.193/32 is directly connected, Vlan157 S 10.20.209.0/24 is directly connected, Null0 C 10.20.209.0/27 is directly connected, Vlan157 L 10.20.209.1/32 is directly connected, Vlan157 C 10.20.209.32/27 is directly connected, Vlan157 L 10.20.209.33/32 is directly connected, Vlan157 L 10.20.209.35/32 is directly connected, Vlan157 S 10.20.211.0/24 is directly connected S 10.20.212.0/24 is directly connected, Null0 C 10.20.212.0/27 is directly connected, Vlan157 L 10.20.212.1/32 is directly connected, Vlan157 C 10.20.212.192/27 is directly connected, Vlan157 L 10.20.212.193/32 is directly connected, Vlan157 S 10.20.213.0/24 is directly connected, Null0 S 10.20.213.3/32 [1/0] via 10.20.213.2 C 10.20.213.64/27 is directly connected, Vlan157 L 10.20.213.65/32 is directly connected, Vlan157 S 10.20.215.0/24 is directly connected S 10.20.215.0/27 [1/0] via 10.20.215.2 C 10.20.215.0/30 is directly connected, Vlan157 L 10.20.215.1/32 is directly connected, Vlan157 S 10.20.215.3/32 [1/0] via 10.20.215.2 #
Relevant routing configurations to compare between 10.20.211.0/24 and 10.20.215.0/24:
#show run | i 10.20.211 network 10.20.211.0 mask 255.255.255.0 ip route 10.20.211.0 255.255.255.0 12.34.56.78 ip route 10.20.211.0 255.255.255.0 Null0 254 #
#show run | i 10.20.215
ip address 10.20.215.1 255.255.255.252 secondary
network 10.20.215.0 mask 255.255.255.0
ip route 10.20.215.0 255.255.255.0 10.20.215.2
ip route 10.20.215.0 255.255.255.0 Null0 254
ip route 10.20.215.0 255.255.255.224 10.20.215.2
ip route 10.20.215.3 255.255.255.255 10.20.215.2
ATL1-CR01#
Example of different route table behavior for 10.20.211.0 with and without longer-prefixes option:
#show ip route 10.20.211.0 255.255.255.0 longer-prefixes Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override, p - overrides from PfR Gateway of last resort is 1.2.3.4 to network 0.0.0.0 10.20.0.0/16 is variably subnetted, 31 subnets, 5 masks S 10.20.211.0/24 is directly connected #show ip route 10.20.211.1 Routing entry for 10.20.211.0/24 Known via "static", distance 1, metric 0 (connected) Advertised by bgp 53889 Routing Descriptor Blocks: * 12.34.56.78 Route metric is 0, traffic share count is 1 #
Cisco hardware and IOS version in case it is version / HW related:
#show ver Cisco IOS Software, s2t54 Software (s2t54-ADVENTERPRISEK9-M), Version 15.5(1)SY, RELEASE SOFTWARE (fc6) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2017 by Cisco Systems, Inc. Compiled Sun 30-Apr-17 01:23 by prod_rel_team ROM: System Bootstrap, Version 12.2(50r)SYS2, RELEASE SOFTWARE (fc1) ROUTER uptime is 26 weeks, 6 days, 21 hours, 39 minutes Uptime for this control processor is 26 weeks, 6 days, 21 hours, 38 minutes System returned to ROM by power on System restarted at 19:39:11 UTC Wed Oct 30 2019 System image file is "bootdisk:s2t54-adventerprisek9-mz.SPA.155-1.SY.bin" Last reload reason: power-on This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. cisco WS-C6504-E (M8572) processor (revision ) with 3162112K/524288K bytes of memory. Processor board ID FOX1307G5RJ CPU: MPC8572_E, Version: 2.2, (0x80E80022) CORE: E500, Version: 3.0, (0x80210030) CPU:1500MHz, CCB:600MHz, DDR:600MHz L1: D-cache 32 kB enabled I-cache 32 kB enabled Last reset from power-on 42 Virtual Ethernet interfaces 6 Gigabit Ethernet interfaces 12 Ten Gigabit Ethernet interfaces 2543K bytes of non-volatile configuration memory. Configuration register is 0x2102 #
I would really like to understand why SOME static routes show the next-hop address (e.g. "a.b.c.d/n [1/0] ... via w.x.y.z") while others don't.
A solid explanation would be greatly appreciated.
kaavik
05-07-2020 12:30 AM
Hello @kaavik ,
this command has already created interesting discussion about its behaviour
see for example the following thread
https://community.cisco.com/t5/switching/show-ip-route-longer-prefixes/m-p/1782522
where strange results are achieved when using non-sense masks like 10.0.0.0.
Your issue is more specific and limited in impact.
From the configuration the installed static route should be the one with a specified next-hop for prefix 10.20.211.0/24 as the other static is a floating static route with AD 254.
As long as the show ip route 10.20.211.0/24 shows the correct next-hop we can say that there is no real impact and traffic for that destination is not black-holed to null0.
At this point you are likely facing a so called "cosmetic" bug in the output of show ip route ... longer-prefix and you need to take in account that the details of each route listed in the output of this command may be not accurate.
You could try to open a ticket with Cisco TAC but if there is no real impact they could answer you with the "cosmetic" bug with not further investigation.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide