Solved: Re: Using EIGRP to route to vlans on a layer 3 switch

Sen85850 · ‎04-07-2021

I have been trying to configure EIGRP to advertise VLANs networks on a L3 Switch. Say we had one more L3 Switch connected to Default Router. Those L3 switches have their own DHCP servers and their own VLANs. Each Layer 3 switch represents a different branch. What I would like to do is to advertise these vlans so that each branch network can reach each other because, they will want to use internal resources. But these L3 Switched branches will get out to internet from the Default Router.

Run eigrp for all vlans

router eigrp 1
 network 0.0.0.0

L3-Core-1#sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(1)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   172.19.0.253            Vl19                     12 00:00:48    1  5000  1  2910
1   192.168.2.252           Vl1                      12 12:01:14   18   108  0  154
13  172.16.28.253           Vl28                     11 12:58:41    8   100  0  24
12  172.16.26.253           Vl26                     13 1d02h       9   100  0  19
11  192.168.2.174           Vl1                      14 1d02h       7   100  0  12
8   192.168.3.2             Vl999                    10 1d02h       3   100  0  11
10  192.168.5.7             Vl777                    13 1d11h       1   100  0  1742
9   172.16.38.253           Vl38                     14 1d11h       1   100  0  1741
7   172.18.14.253           Vl18                     11 1d11h       1   100  0  1740
6   172.17.14.253           Vl17                     11 1d11h       1   100  0  1739
5   172.16.17.253           Vl4                      10 1d11h       1   100  0  1737
4   172.16.16.253           Vl3                      14 1d11h       1   100  0  1738
3   172.16.14.253           Vl2                      13 1d11h       1   100  0  1743
2   192.168.2.253           Vl1                      10 1d11h       1   100  0  1736

Here: Interface Vl28 and Vl26 are learned from the other L3 switch L3-Core-2. Is this the correct behavior, not being able to see Physical interfaces but vlan interfaces?

Giuseppe Larosa · ‎04-08-2021

Hello @Sen85850,

be aware that in this case you are looking for the MAC address of SVI Vlan 28 on the local device this is explained by the static type of learning.

Another sign that this is a locally defined IP is the fact the ARP entry never expires the "-" in the show ip arp means this.

Core-65#sh ip arp 172.16.28.253
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.16.28.253 - 501c.b0cd.2fd9 ARPA Vlan28

In this case no physical port is found and the MAC address is that of the SVI interface Vlan 28. This is correct.

You need to check the same on the EIGRP neighbor of this Cat6500 and you will see a Dynamic entry (learned by ARP) and then using

show mac address-table address 501c.b0cd.2fd9 you will see a L2 physical port.

To be noted a device can see another SVI as an EIIGRP neighbor of itself if:

a) that SVI is associated to a VRF and not to the global routing table

b) that SVI has a modified MAC address so that it does not overlaps with the MAC address of the SVI in GRT or other VRF. (by default all SVIs use the same MAC address)

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎04-08-2021

Hello @Sen85850,

the show ip eigrp neighbors does not show the IP prefixes learned via EIGRP it shows the EIGRP neighbors that are the routers that have established an EIGRP neighbor relationship with the local device ( because they share the same EIGRP AS number their primary IP address is in the same IP subnet , the authentication parameters match and the K values match)

The interfaces listed in show ip eigrp neighbors are L3 interfaces so it is normal for a multilayer switch that only SVI VLAN interfaces to appear here.

To see the routes learned by EIGRP and installed in the local routing table you can use

show ip route eigrp

To see the prefixes learned in EIGRP and their state ( Passive means prefix stable) you can use

show ip eigrp topology

Going back on how to trace an EIGRP neighbor we can take as example VLAN 28

The neighbor is

172.16.28.253

Now if you issue

show ip arp 172.16.28.253 you will find a MAC address

then

if you issue

show mac address-table address <MAC-address>

in aaaa.bbbb.cccc format as given in show ip arp you wlll find out the physical L2 interface in VLAN28 you are using to communicate with the neighbor.

Hope to help

Giuseppe

Sen85850 · ‎04-08-2021

Core-65#sh ip arp 172.16.28.253
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.16.28.253 - 501c.b0cd.2fd9 ARPA Vlan28
Core-65#sh mac address-table address 501c.b0cd.2fd9
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
28 501c.b0cd.2fd9 STATIC Vl28
Total Mac Addresses for this criterion: 1

Actually by neighbors that was what I meant 🤦🏻‍

Tracking through Mac address still shows a vlan port though. Is this a correct behavior?

Giuseppe Larosa · ‎04-08-2021

Hello @Sen85850,

be aware that in this case you are looking for the MAC address of SVI Vlan 28 on the local device this is explained by the static type of learning.

Another sign that this is a locally defined IP is the fact the ARP entry never expires the "-" in the show ip arp means this.

Core-65#sh ip arp 172.16.28.253
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.16.28.253 - 501c.b0cd.2fd9 ARPA Vlan28

In this case no physical port is found and the MAC address is that of the SVI interface Vlan 28. This is correct.

You need to check the same on the EIGRP neighbor of this Cat6500 and you will see a Dynamic entry (learned by ARP) and then using

show mac address-table address 501c.b0cd.2fd9 you will see a L2 physical port.

To be noted a device can see another SVI as an EIIGRP neighbor of itself if:

a) that SVI is associated to a VRF and not to the global routing table

b) that SVI has a modified MAC address so that it does not overlaps with the MAC address of the SVI in GRT or other VRF. (by default all SVIs use the same MAC address)

Hope to help

Giuseppe

Joseph W. Doherty · ‎04-08-2021

(Overlapping with what Giusppe has already described.)

Understand with dynamic routing protocols, such routing protocols make a distinction between the other routers (or L3 forwarding devices running the same routing protocol) and the topology of the network. The latter, would normally contain all the networks "known" to the routing protocol and possibly also contain a default route for all other "unknown" networks. The latter can be a bit tricky as a default route might be known, as defined by/on the router itself, and/or also carried within the routing protocol. A default route, being carried within the routing protocol is generally optional, much like insuring any other network is known to the routing protocol. (I recall there might be a dynamic routing protocol that doesn't support carrying the default route.)

In a situation like yours, generally the router with the direct/last connection to the Internet has a default (static) route defined on it, and if the routing protocol supports it, that default route will be "injected" into the dynamic routing protocol. This way, all other routers will direct "unknown" destinations toward that router, and it will send them out the interface that supports its default (static) route.

Sen85850 · ‎04-08-2021

if default route is injected with the EIGRP, can we then get rid of all the neigborships on these SVIs?