Re: 3550 Routing between Vlans - Page 2

the_crooked_toe · ‎10-10-2008

I am having difficulty routing between vlans 192.168.13.0/24 and 10.20.201/24. I have read some cisco pages on correct configuration but I can't route between the two. Any help is greatly appreciated. Attached below is the config

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log datetime

no service password-encryption

service sequence-numbers

!

hostname LexSwitch_0.13-2

!

enable secret xxxx

!

ip subnet-zero

ip routing

!

spanning-tree extend system-id

!

interface GigabitEthernet0/1

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/2

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/3

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/4

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/5

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/6

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/7

description ============ 3640 Router to P2P =============

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/8

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/9

description ============ 2821 Router to TWT ==============

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/10

no ip address

spanning-tree portfast

!

interface GigabitEthernet0/11

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/12

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface Vlan1

ip address 192.168.13.204 255.255.255.0

!

interface Vlan201

ip address 10.20.201.1 255.255.255.0

!

ip classless

ip http server

!

line con 0

line vty 0 4

password removed

login

line vty 5 15

password removed

login

!

end

the_crooked_toe · ‎10-10-2008

VLAN 201 is coming into the switch on trunk Gi0/11.

Gi0/12 is trunked to another 3550 switch and a 2950 switch.

i have vlan 1 for the network, 520 for the DMZ, and adding 201 for VideoConferencing.

the 2821 router is the MPLS router that goes between offices and out onto the internet

the 3640 router is a Point-To-Point router that is connected to the main P2P router in Louisville that connectes to every city. We are trying to route vlan 201 over the P2P router and run videoconferencing over that

these two vlans should be able to talk to the whole network, not segregated

Richard Burts · ‎10-11-2008

Kendrick

If you get EIGRP running on the switch as discussed with Jon, and if it has network statements that include both VLANs on the switch, and if it is appropriately configured on both routers and includes the proper interfaces on the router, then all devices connected on the switch should be able to communicate with the entire network.

HTH

Rick

HTH

Rick

the_crooked_toe · ‎10-11-2008

ok i've got EIGRP running on both routers and the switch. It's working which is great, but there is still one small caveat.

both of those routers are broadcasting 192.168.13.0 withing EIGRP. the problem is that when i do a "sh ip route" on the 3550, its showing EIGRP is sending internal network traffic over the 3640 which is the backup router and not the MPLS (2821).

how do i specify on the 3550 to use the 2821's EIGRP table over the 3640's?

the_crooked_toe · ‎10-11-2008

for some reason the 2821 is not broadcasting its EIGRP

2821:

router eigrp 102

redistribute bgp 64803

no auto-summary

!

3550:

router eigrp 101

network 10.0.0.0

network 192.168.13.0

no auto-summary

no eigrp log-neighbor-changes

!

when I do a 'sh ip route' on the 3550:

Gateway of last resort is not set

C 192.168.13.0/24 is directly connected, Vlan1

10.0.0.0/24 is subnetted, 1 subnets

C 10.20.201.0 is directly connected, Vlan201

I believe my problem exists because I am not doing the correct syntax trying to redistribute my bgp on the 2821 to eigrp 101

the_crooked_toe · ‎10-11-2008

ok i've got BGP functioning properly, but the 3550 is still reverting to the 3640 instead of the 2821 for routes

reference:

13.1 = 2821

13.3 = 3640

how can i get the 3550 to route all that traffic over the 2821?

here is the 'sh ip route' form the 3550:

Gateway of last resort is 192.168.13.1 to network 0.0.0.0

192.168.107.0/30 is subnetted, 1 subnets

D 192.168.107.0 [90/4660480] via 192.168.13.3, 00:02:37, Vlan1

D EX 192.168.28.0/24 [170/28416] via 192.168.13.1, 00:00:18, Vlan1

C 192.168.13.0/24 is directly connected, Vlan1

D 192.168.15.0/24 [90/4151296] via 192.168.13.3, 00:00:18, Vlan1

64.0.0.0/30 is subnetted, 4 subnets

D EX 64.REMOVE [170/28416] via 192.168.13.1, 00:00:18, Vlan1

D EX 64.REMOVE [170/281856] via 192.168.13.1, 00:05:37, Vlan1

D 192.168.128.0/24 [90/4660480] via 192.168.13.3, 00:02:37, Vlan1

D EX 192.168.198.0/24 [170/28416] via 192.168.13.1, 00:00:18, Vlan1

10.0.0.0/24 is subnetted, 2 subnets

D 10.10.201.0 [90/4151296] via 192.168.13.3, 00:02:34, Vlan1

C 10.20.201.0 is directly connected, Vlan201

D 192.168.113.0/24 [90/4148480] via 192.168.13.3, 00:05:39, Vlan1

D 192.168.36.0/24 [90/4151296] via 192.168.13.3, 00:00:18, Vlan1

D 192.168.187.0/24 [90/4151040] via 192.168.13.3, 00:00:18, Vlan1

D 192.168.34.0/24 [90/4151296] via 192.168.13.3, 00:00:18, Vlan1

D 192.168.50.0/24 [90/4151296] via 192.168.13.3, 00:00:18, Vlan1

D 192.168.35.0/24 [90/4151296] via 192.168.13.3, 00:00:18, Vlan1

D 192.168.118.0/24 [90/4660480] via 192.168.13.3, 00:02:37, Vlan1

D EX 192.168.253.0/24 [170/3072] via 192.168.13.1, 00:03:39, Vlan1

D 192.168.32.0/24 [90/4151296] via 192.168.13.3, 00:00:18, Vlan1

D EX 192.168.18.0/24 [170/28416] via 192.168.13.1, 00:00:18, Vlan1

D 192.168.33.0/24 [90/4151296] via 192.168.13.3, 00:00:18, Vlan1

D*EX 0.0.0.0/0 [170/3072] via 192.168.13.1, 00:03:39, Vlan1

Richard Burts · ‎10-11-2008

Kendrick

I am not clear whether you may have already addressed this in the changes that you are making. But in your post about EIGRP configuration I see a problem. You have this:

2821:

router eigrp 102

!

3550:

router eigrp 101

If the EIGRP AS numbers do not match then the devices will not become EIGRP neighbors.

Perhaps it would be helpful if you would post the output of show ip eigrp neighbor from the switch.

HTH

Rick

HTH

Rick

the_crooked_toe · ‎10-13-2008

hey rick,

I have all 3 devices broadcasting 'EIGRP 101' and all of them are able to talk now. so that issue has been addressed. here is what i'm currently dealing with.

I've got BGP advertising its routes through EIGRP on the 2821.

all the routers and the 3550 are now able to see each others EIGRP. so it's good in that sense. here is where the problem lies.

As I said before, the 2821 should be the primary production router (MPLS), and the 3640 should be the backup router (Point-to-Point connection). If I do a 'sh ip route' on the 2821 and the 3640, they both see the entire network, which is correct. If I do a 'sh ip route' on the 3550 it sees the whole network, but it wants to forward packets to the 3640. Excuse me if my lingo is wrong, but I suppose the metric is lower on the 3640 because the 2821 is redistributing BGP from the rest of the network while the 3640 is 'logically connected' to the main network.

How do I get EIGRP to move packets to the 2821 instead of the 3640? I want to do this without setting static routes because if the MPLS router fails, it will automatically start sending traffic over the 3640 (Point-to-Point connection).

Is there a way on the 2821 to set a lower metric so the 3550 sees that as the 'better path'?

thanks guys for all your assistance so far!

Jon Marshall · ‎10-13-2008

Do you still want to route 10.20.201.0/24 network via the 3640 rather than the 2821.

Routes redistirbuted into EIGRP will have AD of 170 whereas internal EIGRP routes will have AD 90 and lower AD is always used.

Now we have the full requirements you would be better off not running EIGRP on the switch. You only have 2 networks on the switch 192.168.13.x which is common to the 2821 and the 3640 so they already know about this network and 10.20.201.x. So

on the 3550 switch

ip route 0.0.0.0 0.0.0.0 <3640 192.168.13.x address>

ip route 0.0.0.0 0.0.0.0 <2821 192.168.13.x adddess> 250

The second static route has an AD of 250 at the end so it will not be used unless the 3640 router goes down and then this second route will kick in and traffic will be sent to the 2821.

You will then need to add the same route on both the 2821 and the 3640

ip route 10.20.201.0 255.255.255.0 192.168.13.204

Of course if you have a lot more subnets on the switch then this is not very scalable but if that is the full switch config it may well be the easiest thing to do.

Jon

Giuseppe Larosa · ‎10-13-2008

Hello Jon,

this time I didn't see your answer.

I didn't see there was already a second page.

Best Regards

Giuseppe

Jon Marshall · ‎10-13-2008

Guiseppe

No problem at all and you provided a different solution. I did think of changing AD but i thought as there was only one vlan on switch.

Then again it would negate the need to add static routes to the 2821 and 3640 router so it could well be the better solution :)

Jon

Giuseppe Larosa · ‎10-13-2008

Hello Kendrick,

you have managed with the great help of Jon and Rick to build EIGRP adjacencies in vlan1 between c2821 (13.1) , c3640 (13.3) and the c3550.

You would like to have the C3640 used only for routing to the HQ from net 10.20.201.0/24 vlan201.( I suppose to net 10.10.201.0/24 but I'm not sure)

Now, from the routing table on C3550 we can see that:

C3640 is preferred because it is advertising a lot of prefixes as internal EIGRP routes symbol D AD 90 [90, xxx].

C2821 that you would like to be preferred is not preferred because it hasn't a direct EIGRP connection to HQ but all of the routes it learns comes from an eBGP session with PE router.

So its EIGRP routes are external as a result of BGP redistribution into EIGRP at the C2821.

D EX routes like 192.168.198.0/24 have a greater AD 170 [170/28416] via 192.168.13.1

So in every case when an internal EIGRP route with AD 90 is compared to an external EIGRP route D EX with AD 170 the internal route is installed.

So to go on in your project and have C2821 preferred by the C3550 you can:

C3550

router eigrp 101

distance eigrp 90 85

!

so that D EX routes are preferred to internal D eigrp routes locally on C3550

so the EIGRP routes from C3640 will be used only for backup

Verify that the remote videoconference network is not preferred via C2821 otherwise another step of tuning is needed

that could be a static route to c3640 next-hop.

Or to be more specific a PBR routing packets with source 10.20.201.0/24 to the specific destination via next-hop 13.3

final note:

I would use two different vlans where to place the two routers, this could give more space to adjust routing in different ways.

Hope to help

Giuseppe