09-18-2014 11:09 AM - edited 03-04-2019 11:47 PM
When I put a summary address in for the interface below my routes disappear on my far eigrp neighbor.
ip summary-address eigrp 8882 0.0.0.0 0.0.0.0
!
router eigrp 8882
!
address-family ipv4 vrf ######
network 10.9.2.0 0.0.0.255
autonomous-system 8882
exit-address-family
!
interface Tunnel0
bandwidth 1000
ip vrf forwarding #######
ip address 10.9.2.5 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication I#######
ip nhrp map multicast dynamic
ip nhrp network-id 100000
ip nhrp holdtime 360
ip tcp adjust-mss 1360
delay 1000
tunnel source GigabitEthernet0/0/3
tunnel mode gre multipoint
tunnel key 100000
tunnel path-mtu-discovery
tunnel vrf ####
tunnel protection ipsec profile ########
09-18-2014 11:51 AM
Hello,
This is interesting. Placing the summary address as shown on the Tunnel interface should cause this router to advertise only a default route to remote neighbors. They would in turn install that default route into their routing tables if they do not already have one with a better administrative distance. So are you saying that the far EIGRP neighbor stops seeing any EIGRP routes entirely? Not even the default route is present in the far EIGRP neighbor's VRF table? Does the EIGRP adjacency still exist after configuring the summarization?
Would it be possible for you to post the output of show ip eigrp topology command from the far end router after configuring the summarization?
Best regards,
Peter
09-18-2014 12:00 PM
Thanks for the reply. The neighbor drops after I add the summary-address. See below
Before adding
Router#sh ip eigrp n
EIGRP-IPv4 Neighbors for AS(8882)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.9.2.5 Tu0 12 00:00:07 35 210 0 187
EIGRP-IPv4 Neighbors for AS(1)
Router#sh ip eigrp topology
EIGRP-IPv4 Topology Table for AS(8882)/ID(192.168.192.168)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.9.2.0/24, 1 successors, FD is 505856
via Connected, Tunnel0
P 192.168.192.168/32, 1 successors, FD is 128256
via Redistributed (128256/0)
EIGRP-IPv4 Topology Table for AS(1)/ID(192.168.192.168)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 192.168.192.168/32, 1 successors, FD is 128256
via Connected, Loopback0
After adding
Router#sh ip eigrp n
EIGRP-IPv4 Neighbors for AS(8882)
EIGRP-IPv4 Neighbors for AS(1)
Router#sh ip eigrp topology
EIGRP-IPv4 Topology Table for AS(8882)/ID(192.168.192.168)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.9.2.0/24, 1 successors, FD is 505856
via Connected, Tunnel0
P 192.168.192.168/32, 1 successors, FD is 128256
via Redistributed (128256/0)
EIGRP-IPv4 Topology Table for AS(1)/ID(192.168.192.168)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 192.168.192.168/32, 1 successors, FD is 128256
via Connected, Loopback0
09-18-2014 12:10 PM
As a side note. I was able to distribute my default from ospf into the eigrp process using a route map. It still doesn't explain the original problem.
09-18-2014 12:30 PM
Hi,
Thank you for your response.
I am somewhat surprised that the topology table on the far end router does not contain any EIGRP routes even when no summarization is configured on your DMVPN hub. Why is that? Why are EIGRP routes missing from the far end router? Are there no routes to be advertised from the hub?
I see that on the DMVPN hub router where you configure the summarization, the Tunnel interface is configured both with a Front VRF (the tunnel vrf command), and with an Internal VRF (the ip vrf forwarding command). Are these two VRFs identical, or are they different?
In addition, I wonder - on the DMVPN hub router, is there any default route present both in its FVRF and IVRF? If so, where is the default route learned from and what is its administrative distance?
Lots of questions but there are lots of technical details necessary about your setup to diagnose the behavior better.
Best regards,
Peter
09-18-2014 12:44 PM
A lot of questions so I will try to answer them inline. Again. thanks for the response
Hi,
Thank you for your response.
I am somewhat surprised that the topology table on the far end router does not contain any EIGRP routes even when no summarization is configured on your DMVPN hub. Why is that? Why are EIGRP routes missing from the far end router? Are there no routes to be advertised from the hub?
I see that on the DMVPN hub router where you configure the summarization, the Tunnel interface is configured both with a Front VRF (the tunnel vrf command), and with an Internal VRF (the ip vrf forwarding command). Are these two VRFs identical, or are they different?
In addition, I wonder - on the DMVPN hub router, is there any default route present both in its FVRF and IVRF? If so, where is the default route learned from and what is its administrative distance?
Lots of questions but there are lots of technical details necessary about your setup to diagnose the behavior better.
Best regards,
Peter
09-18-2014 01:13 PM
Hi,
Yes they are identical and the public facing interface is also using the vrf. Everything is using the same vrf and not the global table. This was the only way I could get my tunnel to come and establish an eigrp neighbor. I am open to suggestions on how to change this.
It is possible for the tunnel endpoints to reside in one VRF (the FVRF) and the tunnel addresses, or better said - the link that the tunnel emulates - to reside in a different VRF (the IVRF), and in addition, either of these can be the global routing table. However, it depends on your requirements what kind of configuration would be most suitable to you. For now, let's not change it but if you are willing, try to explain why the tunnel is placed in a separate VRF, why do you believe that the FVRF and IVRF should be different, and whether any of these VRFs could be replaced by the global routing table.
Yes, there is a default route present in the vrf
You have omitted the most important information - where is it learned from currrently (what is the source routing protocol of this route), and what is its administrative distance?
I have a suspicion that either the discard route that is created on the DMVPN hub router as a result of performing the summarization, or the actually advertised default route to a far end router replace the existing default route that exists on these routers. When this happens, the DMVPN hub router and the far end router can no longer reach one another. If that happens on the DMVPN hub router, the far end router simply becomes unreachable because the discard route points to Null0. If the far end router replaces its existing default route with the EIGRP-learned default route, a recursive routing occurs in which the path to the tunnel endpoint is learned through that tunnel itself.
Would you mind trying configuring the summarization once again using the following command?
ip summary-address eigrp 8882 0.0.0.0 0.0.0.0 254
The 254 at the end of the command specifies the administrative distance of the discard route. If there is a default route already present (and is not learned via DHCP which is the only source having the AD of 254 by default), the discard route will hopefully not replace it this time.
Best regards,
Peter
09-18-2014 01:37 PM
This was the result of the command.
ip summary-address eigrp 8882 0.0.0.0 0.0.0.0 254
%EIGRP: summary-address accepted but distance option deprecated; use summary-metric command for distance.
The separate VRFs would be used to keep the public side separate from private. This would be the only reason that I would use different VRFs. It may not need to be covered in this discussion, I have an acl that is exclusive to my needs.
This is the result of
HUB#sh ip route vrf ####
Routing entry for 0.0.0.0/0, supernet
Known via "ospf 1", distance 110, metric 1, candidate default path
Tag 1, type extern 2, forward metric 1
09-18-2014 01:56 PM
Hi,
Okay, remove the ip summary-address eigrp command configured on the Tunnel0 interface if any, and instead add these commands please:
router eigrp 8882
address-family ipv4 vrf ...
summary-metric 0.0.0.0/0 distance 254
!
interface Tunnel0
ip summary-address eigrp 8882 0.0.0.0 0.0.0.0
You appear to be using a 15.x IOS that uses a different syntax.
Best regards,
Peter
09-21-2014 06:06 PM
router eigrp 8882
address-family ipv4 vrf ...
summary-metric 0.0.0.0/0 distance 254
!
interface Tunnel0
ip summary-address eigrp 8882 0.0.0.0 0.0.0.0
This was one the first thing I tried but it did not work. Thanks for all of your help but I had to move forward with using a route-map.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide