Re: static routes up to the WAN router

Amafsha1 · ‎03-09-2018

Hello, please forgive me if this is not in the right discussion category.

I have 2 core routers that connect with routed interfaces directly to our wan bpg mpls router(10.0.0.32) that takes us outside to the internet, other branches etc..

Please look at my attached topology.

when doing a show ip route from the cores to 10.0.0.32(wan router), on CORE2 I get the 2 ways out to the wan router with static routes and the CORE1, I only get 1 way out with a static route.

CORE1# sh ip route 10.0.0.32
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

10.0.0.32/32, ubest/mbest: 1/0
*via 172.31.255.1, [1/0], 1y44w, static

CORE2# sh ip route 10.0.0.32
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

10.0.0.32/32, ubest/mbest: 2/0
*via 172.31.255.1, [1/0], 50w2d, static
*via 172.31.255.5, [1/0], 1y44w, static

Does this mean that core 2 loadbalances with the 2 asterisk static routes? If it does, I don't understand how...does it go through the VPC link to do so? There is only 1 interface for each core to connect up to the wan router. Should I configure that 2nd static route on CORE1 just to keep both cores unison in configuration? Does it help at all? I honestly don't know if VPC even plays any part in this whole thing..

chrihussey · ‎03-09-2018

So if core2 has two static routes to 10.0.0.32 configured and core1 only has one, this would be the expected result.

Unless you weight the static routes on core2, they will be equal cost paths and both would be used. I doubt the vpc configuration comes into play at all here.

If you want consistency and redundancy then you probably would want the same configuration on both.

Finally, I think it would be more important to determine how each of the cores are showing how to route to the other branches and Internet through the MPLS router. If you are running a routing protocol and the routes are consistent with each core's primary route being the next hop to the MPLS router and then the other core as the backup then I would expect that to be the primary goal.

As far as getting to and from the one hop to the MPLS router, the question would be is it indicative of how ALL the routing is working, or just this one instance.

Hope that makes sense and helps.

Amafsha1 · ‎03-09-2018

I believe it's how all the routing works. If I was to compare the 2 routing tables between the 2 cores they are exactly identical, EXCEPT for this static route I showed you, that's why it seemed bizarre to me. The cores each only have 1 single physical routed interface which is configured like this up the wan router on both nexus:

interface Ethernet1/1
description L3 to WAN
no switchport
ip address 172.31.255.6/30
ip router eigrp 1
no shutdown

The only other routing we have is all our SVIs that are on the core switches that are HSRPd between eachother.

Reza Sharifi · ‎03-09-2018

I think the issue is that you don't have a routed link between the 2 Nexus switches, and so since you have 2 static routes on core2, you see one direct and one going through the vPC link (which is layer2 only). In order for vPC to work correctly, you need to have a separate routed link or using an SVI (depending on the platform) between the Nexus and have the second static route with higher AD to point to the peer Nexus.

HTH

Amafsha1 · ‎03-09-2018

You're right, the VPC peer-link between the 2 N9ks is not routed; it's just a trunk. I think if I did that, it would create a L3 loop though and EIGRP would shut down the link, right? But the 2 static routes I have I feel are useless. Core 1 and Core 2 only have one way of getting to the WAN router and that is their routed interfaces I show in the drawing. I guess my problem is I don't understand the 2nd static route..

Reza Sharifi · ‎03-09-2018

If you create a layer-3 routed link between the 2 Nexus and add it to EIGRP (I thought you are using static) then it should work fine. Form each core the shortest path to MPLS device will be directly connected link and the second path through the peer link. So, whether you use a routing protocol or static, it should work without any loop. I personally prefer using a none propriety routing protocol like OSPF especially since you are peering with providers. If the provider does not want to do IGP with you, then static route should work.

HTH

Georg Pauwen · ‎03-09-2018

Hello,

the odd thing is that on Core2, the route via Core1 seems to have been put in there about 50 weeks later than the original static route. I guess it would help if you can post the configs of Core1 and Core2...