This document describes the problem faced by an user where EIGRP and OSPF neighbors flap over GRE Tunnel.
What is EIGRP?
EIGRP stands for Enhanced Interior Gateway Routing Protocol which is a Cisco-proprietary routing protocol. It falls under classless routing protocol which means: subnet mask of the interfaces is sent in routing updates, which is calculated by complex metric based on bandwidth and delay.
EIGRP is also known as a hybrid routing protocol because it inherits characteristics of both distance-vector and link-state protocols.Term “hybrid” mislead because EIGRP is not a hybrid between distance vector and link-state routing protocols. It is a distance vector routing protocol with enhanced features.
EIGRP has proved itself as a powerful routing protocol and it standout from its ancestor IGRP. Some characteristics of EIGRP are mentioned below:
Supports VLSM and discontiguous networks
It uses Reliable Transport Protocol (RTP) for delivery and reception of EIGRP packets
It uses the best path selected by the help of Diffusing Update Algorithm (DUAL), guarantees loop-free paths and backup paths throughout the routing domain
It discover neighboring devices by sending Hello messages periodicaly in order to discover and monitor connection status with its neighbors
It exchanges the full routing table at the time of startup and send partial triggered updates.The triggered updates are sent only to those routers who need the information.
For example, EIGRP will send updates when a new link comes up or a link goes down.
It supports multiple protocols. EIGRP is capable of exchanging routes for IPv4, IPv6, AppleTalk and IPX/SPX networks
Load balancing: EIGRP enables the user with unequal metric load balancing, which allows user distribute traffic flow in a better manner.
What is OSPF?
OSPF stands for Open-Shortest-Path-First (OSPF). OSPF is the most widely used interior gateway routing protocol because it is non-proprietary routing protocol, where as EIGRP is a Cisco proprietary protocol.It falls under class of complex link-state routing protocol. It is known so beacuse it generates routing updates when a change is detected in the topology.
For eg. When a link state changes, the neighboring device who detects the change sends a link-state advertisement (LSA) concerning the mentioned link and LSA is spread to all neighboring devices with the help of a special multicast address. The routing device notes a copy of the LSA and updates its link-state database (LSDB), and then the LSA is forwarded to remaining neighboring devices.
Note:OSPF routers use LSA (Link State Advertisement) to register there link state.All LSA's are stored in LSDB.
Five types of OSPF Link-State Packets (LSPs).
Hello: They help in establishing and maintaining adjacency with other OSPF routers. They also help in the process of electing the Designated Router (DR) and Backup Designated Router (BDR) on multiaccess networks.
Database Description (DBD or DD): They consist of a list of router’s link-state database and is utilized by neighboring routers to verify against the local link-state database
Link-State Request (LSR): It is used by the receiving routers to seek detailed information about any entry in the DBD
Link-State Update (LSU): It is used to reply to LSRs and to announce any new information. LSUs consists of seven different types of Link-State Advertisements (LSAs)
Link-State Acknowledgement (LSAck): It is sent as a confirmation receipt of LSU message.
The %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing error message means that the Generic Routing Encapsulation (GRE) tunnel router has discovered a recursive routing problem.
Symptoms of this issue include continuously flapping tunnel interfaces, as well as flapping Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) neighbors when the neighbors are over a GRE tunnel.
When you route a payload protocol over a carrier protocol (like tunneling IP over IP), it is possible to misconfigure your network and try to route to the tunnel destination address through the tunnel. This condition is usually caused by a misconfiguration of the tunnel or a temporary instability caused by a route flapping elsewhere in your network. Ensure that the routing information between the carrier networks and the payload networks is not allowed to mix. If the router discovers a recursive routing problem, it shuts down the tunnel interface for a few minutes so that the situation causing this problem can resolve itself as routing protocols converge. If the problem is caused by misconfiguration, the link may oscillate indefinitely.
To resolve this issue, configure the static route for the tunnel destination.
Hi all,I think i have a simple question but i have no solution for it. Imagine the following topology:I've left out all the unimportant stuff.Now basically what my question is: is there any way i can make SERVER01 ingress at Gi0/1 (Customer interface) wit...
Hi,I have a site-to-site VPN with one of our vendor. Since they have similar n/w with our internal network, we are using NAT in ASA. Now the vendor is moving to Azure and using the same network (local). They are replicating their servers from on premise t...
Hi guys, I setup a simpleLAB with ESAv and SMAv. I already configure the ESAv with the following configuration: From VirtualBOX I setup 3 virtual Adapters on Vmnet1 (192.168.202.0/24), Vmnet2 (172.16.0.0/24) and Vmnet3 (172.16.1.0/24).&nbs...
I can however login SSH with the same credentials with no problem. auacs1/admin# show application status acsACS role: PRIMARYProcess 'database' runningProcess 'management' runningProcess 'runtime' runningProcess 'adclient' runningProcess 'view-databa...
I patched our FMC from 184.108.40.206 to 220.127.116.11. I am receiving a warning that states " Successfully connected to cloud, Number of files detected in traffic exceeds module threshold." Is this something that will clear itself up in time? This warning ...