Solved: Re: EIGRP between routers and making one router preferred - Page 3

the_crooked_toe · ‎12-08-2008

4507 = Louisville core (192.168.187.1)

2851 = Louisville MPLS (192.168.187.252)

3660 = Louisville Point-to-Point (192.168.187.254)

2821 = Lexington MPLS (192.168.13.1)

3640 = Lexington Point-to-Point (192.168.13.3)

The MPLS connection is the primary connection. The Point-to-Point is the backup connection.

I have EIGRP 101 running on every single router, and BGP only running on the MPLS routers between cities.

The 4507 has both the 2851 and the 3660 plugged into it.

If I add a network to the 4507, both of the routers should say something like 'D 10.110.115.0/24 [90/3072] via 192.168.187.1' correct?

The problem I am receiving is that when I add a network to the 4507 router and do a 'sh ip route' on the 2851, the route says it's reachable via the MPLS. It is not saying it's connected to the 4507. It's actually going from the 2851 to the 2821, to 3640, to 3660, then to 4507.

How do i stop this loop? I would like to do this without setting a static ip route.

Also, If i unplug the 3660 and add the network, the 2851 finds the advertised route from the 4507 with no problems. When I plug the 3660 back in, the route starts going back to saying its reachable via the MPLS connection.

Any help or ideas are greatly appreciated.

Thanks

the_crooked_toe · ‎12-18-2008

1)

Louisville_P2P#sh run

hostname Louisville_P2P

no ip finger

no ip domain-lookup

!

ipx routing 0004.c14b.e490

call rsvp-sync

!

controller T1 2/2

framing esf

linecode b8zs

channel-group 1 timeslots 10-24 speed 64

description Connection to Frankfort

!

controller T1 2/3

framing esf

linecode b8zs

tdm-group 1 timeslots 1-13 type e&m

!

interface FastEthernet0/0

description CONNECTION TO 187 NETWORK

ip address 192.168.187.254 255.255.255.0

no ip mroute-cache

speed 100

full-duplex

ipx network 187

!

interface Serial1/0

description Connection to Cincinnati

ip address 192.168.128.1 255.255.255.0

!

interface Serial1/1

description Connection to Covington

ip address 192.168.118.1 255.255.255.0

!

interface Serial1/3

description Connection to Lexington

ip address 192.168.113.1 255.255.255.0

!

interface Serial2/2:1

description Connection to Frankfort

ip address 10.150.5.1 255.255.255.0

!

router eigrp 101

passive-interface FastEthernet0/1

passive-interface Loopback0

passive-interface Tunnel0

network 10.150.0.0 0.0.255.255

network 192.168.113.0

network 192.168.118.0

network 192.168.128.0

network 192.168.187.0

no auto-summary

no eigrp log-neighbor-changes

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.187.1

ip route 192.168.13.0 255.255.255.0 192.168.187.252

ip route 192.168.13.0 255.255.255.0 192.168.113.2

ip route 192.168.18.0 255.255.255.0 192.168.187.252

ip route 192.168.18.0 255.255.255.0 192.168.118.2

ip route 192.168.28.0 255.255.255.0 192.168.187.252

ip route 192.168.198.0 255.255.255.0 192.168.187.1

2)

GDM-4507R#sh run

!

hostname GDM-4507R

ip subnet-zero

ip domain-name greenebaum.com

!

cluster run

!

power redundancy-mode redundant

!

spanning-tree mode rapid-pvst

spanning-tree extend system-id

spanning-tree vlan 1-1000 priority 4096

!

redundancy

mode sso

!

vlan internal allocation policy ascending

!

interface GigabitEthernet1/1

..............

router eigrp 101

network 10.0.0.0

network 192.168.15.0

network 192.168.32.0

network 192.168.33.0

network 192.168.34.0

network 192.168.35.0

network 192.168.36.0

network 192.168.50.0

network 192.168.52.0

network 192.168.187.0

no eigrp log-neighbor-changes

no auto-summary

!

ip route 0.0.0.0 0.0.0.0 192.168.187.99

ip route 192.168.187.0 255.255.255.0 192.168.187.99

ip route 192.168.198.0 255.255.255.0 192.168.187.99

ip route 192.168.199.0 255.255.255.0 192.168.187.99

3)

Lexington_P2P#sh run

!

hostname Lexington_P2P

!

controller T1 0/0

framing esf

linecode b8zs

channel-group 0 timeslots 14-24 speed 64

tdm-group 1 timeslots 1-13 type e&m

description Connection to Telco

!

controller T1 0/1

framing esf

linecode b8zs

tdm-group 1 timeslots 1-13 type e&m

description Connection to PBX

!

interface FastEthernet0/0

description Inside Ethernet segment

ip address 192.168.13.3 255.255.255.0

duplex auto

speed auto

!

interface Serial0/0:0

description Point-to-Point to Louisville

ip address 192.168.113.2 255.255.255.0

ip mroute-cache

!

router eigrp 101

passive-interface FastEthernet1/0

passive-interface Loopback0

passive-interface Tunnel0

network 192.168.13.0

network 192.168.113.0

no auto-summary

no eigrp log-neighbor-changes

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.113.1

ip route 192.168.198.0 255.255.255.0 192.168.113.1

4)

Louisville_P2P#sh ip eigrp neigh

IP-EIGRP neighbors for process 101

H Address Interface Hold Uptime SRTT RTO Q Seq Type

(sec) (ms) Cnt Num

1 192.168.187.252 Fa0/0 12 1w0d 4 200 0 18156

2 192.168.128.2 Se1/0 12 1w1d 10 200 0 15527

0 192.168.187.1 Fa0/0 12 1w2d 1 200 0 18136

5 10.150.5.2 Se2/2:1 12 2w1d 10 200 0 193

4 192.168.118.2 Se1/1 13 6w0d 14 200 0 20459

3 192.168.113.2 Se1/3 12 6w0d 22 200 0 1142

Let me know if there is anything else you may need.

Jon Marshall · ‎12-18-2008

Sorry yes.

1) "sh ip route" from P2P Louisville

2) "sh ip route" from P2P lexington

Jon

the_crooked_toe · ‎12-18-2008

1)

Louisville_P2P#sh ip rou

Gateway of last resort is 192.168.187.1 to network 0.0.0.0

S 192.168.28.0/24 [1/0] via 192.168.187.252

S 192.168.13.0/24 [1/0] via 192.168.187.252

[1/0] via 192.168.113.2

D 192.168.15.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

64.0.0.0/30 is subnetted, 4 subnets

D EX 64.129.251.56 [170/1766912] via 192.168.113.2, 1w0d, Serial1/3

D EX 64.129.251.60 [170/261120] via 192.168.187.252, 1w0d, FastEthernet0/0

D EX 64.129.251.72 [170/261120] via 192.168.187.252, 1w0d, FastEthernet0/0

D EX 64.129.251.76 [170/261120] via 192.168.187.252, 1w0d, FastEthernet0/0

C 192.168.128.0/24 is directly connected, Serial1/0

S 192.168.198.0/24 [1/0] via 192.168.187.1

10.0.0.0/8 is variably subnetted, 19 subnets, 2 masks

D 10.110.100.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.110.101.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.110.115.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.150.213.0/24 [90/3181056] via 10.150.5.2, 1w2d, Serial2/2:1

D 10.150.201.0/24 [90/3181056] via 10.150.5.2, 1w2d, Serial2/2:1

D 10.110.5.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.110.2.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

S 10.120.0.0/16 [1/0] via 192.168.187.252

[1/0] via 192.168.113.2

D 10.150.10.0/24 [90/3181056] via 10.150.5.2, 1w2d, Serial2/2:1

C 10.150.5.0/24 is directly connected, Serial2/2:1

D 10.150.2.0/24 [90/3181056] via 10.150.5.2, 1w2d, Serial2/2:1

D 10.110.201.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.110.213.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.120.201.0/24 [90/1764608] via 192.168.113.2, 04:27:12, Serial1/3

D 10.110.187.0/24 [90/28416] via 192.168.187.1, 4d22h, FastEthernet0/0

D 10.110.132.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.110.133.0/24 [90/28416] via 192.168.187.1, 1w0d, FastEthernet0/0

D 10.150.110.0/24 [90/3181056] via 10.150.5.2, 1w2d, Serial2/2:1

D 10.150.100.0/24 [90/3181056] via 10.150.5.2, 1w2d, Serial2/2:1

C 192.168.113.0/24 is directly connected, Serial1/3

D 192.168.36.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

D 192.168.52.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

C 192.168.187.0/24 is directly connected, FastEthernet0/0

D 192.168.34.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

D 192.168.50.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

D 192.168.35.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

C 192.168.118.0/24 is directly connected, Serial1/1

D EX 192.168.253.0/24 [170/261120] via 192.168.187.252, 1w0d, FastEthernet0/0

D 192.168.32.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

S 192.168.18.0/24 [1/0] via 192.168.187.252

[1/0] via 192.168.118.2

D 192.168.33.0/24 [90/28416] via 192.168.187.1, 1w2d, FastEthernet0/0

D 209.PUBLIC.222.0/24 [90/1766912] via 192.168.113.2, 1w0d, Serial1/3

S* 0.0.0.0/0 [1/0] via 192.168.187.1

the_crooked_toe · ‎12-18-2008

Lexington_P2P#sh ip rou

Gateway of last resort is 192.168.113.1 to network 0.0.0.0

D EX 192.168.28.0/24 [170/261120] via 192.168.13.1, 1w0d, FastEthernet0/0

C 192.168.13.0/24 is directly connected, FastEthernet0/0

D 192.168.15.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

64.0.0.0/30 is subnetted, 4 subnets

D EX 64.129.251.56 [170/261120] via 192.168.13.1, 1w0d, FastEthernet0/0

D EX 64.129.251.60 [170/261120] via 192.168.13.1, 1w0d, FastEthernet0/0

D EX 64.129.251.72 [170/261120] via 192.168.13.1, 1w0d, FastEthernet0/0

D EX 64.129.251.76 [170/261120] via 192.168.13.1, 1w0d, FastEthernet0/0

D 192.168.128.0/24 [90/4660224] via 192.168.113.1, 1w0d, Serial0/0:0

S 192.168.198.0/24 [1/0] via 192.168.113.1

10.0.0.0/24 is subnetted, 18 subnets

D 10.110.100.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.110.101.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.110.115.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.150.213.0 [90/4662784] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.150.201.0 [90/4662784] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.110.5.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.110.2.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.150.10.0 [90/4662784] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.150.5.0 [90/4660224] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.150.2.0 [90/4662784] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.110.201.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.110.213.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.120.201.0 [90/28416] via 192.168.13.204, 04:29:16, FastEthernet0/0

D 10.110.187.0 [90/4151040] via 192.168.113.1, 4d22h, Serial0/0:0

D 10.110.132.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.110.133.0 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.150.110.0 [90/4662784] via 192.168.113.1, 1w0d, Serial0/0:0

D 10.150.100.0 [90/4662784] via 192.168.113.1, 1w0d, Serial0/0:0

C 192.168.113.0/24 is directly connected, Serial0/0:0

D 192.168.36.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 192.168.52.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 192.168.187.0/24 [90/4150784] via 192.168.113.1, 1w0d, Serial0/0:0

D 192.168.34.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 192.168.50.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 192.168.35.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 192.168.118.0/24 [90/4660224] via 192.168.113.1, 1w0d, Serial0/0:0

D EX 192.168.253.0/24 [170/28416] via 192.168.13.1, 1w0d, FastEthernet0/0

D 192.168.32.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D EX 192.168.18.0/24 [170/261120] via 192.168.13.1, 1w0d, FastEthernet0/0

D 192.168.33.0/24 [90/4151040] via 192.168.113.1, 1w0d, Serial0/0:0

D 209.PUBLIC.222.0/24 [90/30720] via 192.168.13.253, 1w0d, FastEthernet0/0

S* 0.0.0.0/0 [1/0] via 192.168.113.1

the_crooked_toe · ‎12-18-2008

Jon,

the only thing I don't understand is that I am putting in new networks and in the 'show run' i'm not seeing anything different than what is already there.

I don't understand how the person before me was able to add the network for 192.168.13.0 on the Lexington MPLS and the Lexington P2P, and still have the Core router in Louisville look to AD 170 instead of AD 90. It just doesn't make any sense because the core router is probably doing what its supposed to do. I just dont see how the person before me set it up.

Thanks again for all your help

Jon Marshall · ‎12-18-2008

Kenny

Apologies for missing this.

192.168.253.0 is in Lexington P2P routing table and so is advertised to Louisville P2P.

D EX 192.168.253.0/24 [170/28416] via 192.168.13.1, 1w0d, FastEthernet0/0

Note it is AD 170. So Louisville P2P does receive this route from Lexington and sends it to 4500. But 4500 also receives the same route with AD 170 from 2851 MPLS router. So i suspect on the 4500 that the metric of the router received from 2851 is better than the metric received from Louisville P2P.

Told you it was confusing !

Jon

Jon Marshall · ‎12-18-2008

Okay, where to start !

There doesn't seem to be any consistency in the way routes have been advertised. Note that this is not a criticism of you as i appreciate you have picked this up. It is also not a criticism of the previous netadmin because

a) it might have evolved under him too

b) he may be a much better network designer than me and i just can't see the logic !

Lets explain 192.168.13.0 and 192.168.253.0

Both these networks routes via MPLS but for completely different reasons.

1) 192.168.13.0. There are 2 static entries on P2P Louisville for this

ip route 192.168.13.0 255.255.255.0 192.168.187.252

ip route 192.168.13.0 255.255.255.0 192.168.113.2

On Lexington P2P there is an entry for this network under the router eigrp config

router eigrp 101

passive-interface FastEthernet1/0

passive-interface Loopback0

passive-interface Tunnel0

network 192.168.13.0

And Louisville 4500 is using this route

D EX 192.168.13.0/24 [170/258816] via 192.168.187.252, 1w2d, Vlan1

ie. the 2851 MPLS router. Notice that the 4500 is using a router with an AD of 170.

So Lexington P2P advertises 192.168.13.0/24 to Louisville P2P. If the statics were not on Louisville P2P for 192.168.13.0/24 then Louisville would use the route advertised from Lexington. If this was the case then Louisville P2P would advertise the route to Louisville 4500 with AD 90 and all traffic for 192.168.13.x would go via the backup link.

But because Louisville P2P has statics they have better AD than route for 192.168.13.0 received from Lexington so they get installed in the routing table. So it is the statics on Louisville P2P that make the 4500 choose the MPLS route.

Confusing isn't it :-)

2) 192.168.253.0 - this is a lot simpler. Lexington P2P doesn't advertise this network to Louisville P2P and Louisville P2P doesn't have any statics for it. So the 4500 only knows how to get to this via MPLS. This network exists on the ASA but under your ASA config you only have

router eigrp 101

192.168.13.0

209.PUBLIC.220.0

This is what i meant about inconsistency.

** Edit - see previous post for explanation of 192.168.253.0/24 **

As for 209.PUBLIC.220.0. This is being advertised into EIGRP internally within Lexington. The Lexington P2P router receives this from EIGRP and then advertises it across to Louisville P2P. From Louisville P2P

209.PUBLIC.222.0/24 [90/1766912] via 192.168.113.2, 1w0d, Serial1/3

Louisville P2P then advertises this to Louisville 4500 and because the AD is 90 it is better than the 209.PUBLIC.222.0 advertisement the 4500 receives from the 2851 because the 4500 sees this as AD 170.

So how do you stop this. Well for consistency just add a static route on Louisville P2P for 209.PUBLIC.222.0/24 pointing to Lexington P2P. But obviously this is not a good solution.

I'm not trying to depress you :-), but hopefully you can see that the routing is not very predictable at the moment and we have only looked at Louisville/Lexington.

As i say there are ways to fix this but it could involve a lot of work and possible outages.

Jon

the_crooked_toe · ‎12-18-2008

Jon,

I guess i'm in deeper *ish* than I thought...I actually just got a hold of the guy who set this up a few months ago and told him to explain how he set this all up. So we will see what sprouts from al this or what tricks he used to get this to work.

I tried adding

ip route 10.120.0.0 255.255.0.0 192.168.187.252

ip route 10.120.0.0 255.255.0.0 192.168.113.2

and still didn't have any effect on the Core router

Thanks for all your help and I'll post any findings that happen along the way

Jon Marshall · ‎12-18-2008

Kenny

"I tried adding

ip route 10.120.0.0 255.255.0.0 192.168.187.252

ip route 10.120.0.0 255.255.0.0 192.168.113.2

and still didn't have any effect on the Core router"

Is the network you are trying to advertise 10.120.201.0/24 ?

If so you need to add that exact route onto Louisville P2P. Because a router will always choose the most specific route. So Louisville P2P gets an advertisement from Lexington P2P for 10.120.201.0/24 but you have added statics for 10.120.0.0/16 so Louisville P2P will use the 10.120.201.0/24 route.

Try adding to Louisville P2P

ip route 10.120.201.0 255.255.255.0 192.168.187.252

ip route 10.120.201.0 255.255.255.0 192.168.113.2

Jon

the_crooked_toe · ‎12-18-2008

yep that did the trick...so whenever I need to add a new subnet to ANY remote city I have to add this static route...This is going to be a major PITA.

I might have to get the original network designer to come back in and re-think this out because I don't think this is very efficient.

Do you have any other suggestions?

Thanks for helping out once again.

Jon Marshall · ‎12-18-2008

Yes, that really is a very short term solution. And it still really doesn't address how the rest of the network is routing. The key thing is at the moment it is not predictable and if you lost connectivity and had to troubleshoot it would be very difficult.

It took me a while to work out what was going on, i really wouldn't want to be trying to do that with a site down. So it does need some work.

One of the key things that could really help here is summarisation. If you could get to the stage where each site had one summarisable network range (apart from the public range) then it would be a lot easier to configure. Because you are dealing in individual subnets it does mean each time you are going to have to add something somewhere. Even if we used a different method than the statics, and i don't think the statics are a good solution, without summarisation an additional subnet requires a lot more work than it should do.

What you want is a range per site and enough room for growth in that range so that once it is advertised out as a summary you can happily add more subnets and they would fall in the same range.

Have a chat with the original network designer and see what he says and then feel free to come back and discuss further.

Jon

Jon Marshall · ‎12-10-2008

Kendrik

In your topology map it shows the correct config under router bgp 64803 on the Lexington 2821 and yet the config you posted shows EIGRP redistribution.

Why is that ?

Jon

the_crooked_toe · ‎12-10-2008

because i screwed up on making my visio diagram. I apologize for creating more confusion.

Giuseppe Larosa · ‎12-08-2008

Hello Kendrick,

this is the same network of the other thread, isn't it ?

As Jon has explained you are facing the problem of comparing routes with different AD:

c2851 will prefer routes over eBGP session for its AD 20 < 90, at the same time routes redistributed by C2851 into EIGRP are not preferred becuase flagged as external routes D EX with AD 170, so your backup path can become the primary.

You should be able to take advantage of EIGRP capability to summarize out a specific interface: on the other side of the backup link you should summarize with the summary-address eigrp eigrp-as command: you can even make use more then one statement if necessary.

In this way, the most specific route should be used that is the one coming from eBGP on primary link and redistributed into EIGRP as D EX.

Also the site router connecting to the backup link has to summarize the site specific routes so that this link is used from the other side.

Hope to help

Giuseppe

the_crooked_toe · ‎12-09-2008

Guiseppe, yes this is the same network. I also contacted my ISP for MPLS connection and they said nothing was abnormal. So of course it's on my end and my configuration just isn't correct.

If i understand this correctly,

I need to run the command:

summary-address eigrp eigrp-as

on each Point-to-Point router?

I'm not finding that command when I do:

conf t

router eigrp 101

summa ? - command not recognized

Attached is a network topology with all routing protocols if that helps.

Thanks again for your help