Solved: Re: EIGRP Neighbor Not On Common Subnet Issue

ruesch-eng · ‎08-02-2007

I encountered the strangest issue the other day. I have a 4510R switch that is talking EIGRP with 2 WAN routers. The routers and vlan 2 on the switch are in the 10.25.4.0 subnet. We connected two DL585 G2 servers to the switch and put those switch ports in vlan 6 which is the 10.26.1.0 subnet. The servers had not yet been configured with an IP address.

All of a sudden, the switch lost all connectivity to my other sites. In the log, I saw these error messages:

Jul 31 15:52:13.154: IP-EIGRP(Default-IP-Routing-Table:10): Neighbor 10.25.4.7

not on common subnet for Vlan6

.Jul 31 15:52:25.178: IP-EIGRP(Default-IP-Routing-Table:10): Neighbor 10.25.4.6

not on common subnet for Vlan6

Neighbors 10.25.4.6 and 10.25.4.6 are my WAN routers.

As soon as we configured the servers with IP addresses (in the 10.26.1.0 subnet/vlan 6), the problem resolved.

I have never seen this before with any other servers. We have connected servers to the switch and put them in a different vlan prior to assigning an IP plenty of times without any issues. This is the first time we have used the DL585s. Any ideas about what might have been going on? Thanks.

Edison Ortiz · ‎08-02-2007

Now it makes sense, the server bridged the Vlans since they didn't have an IP.

While the Vlans were bridged, multicast leaked over to Vlan6 and the routers saw each other via that interface.

You had a loop and I'm glad the routers reported the error, it may have been worse.

View solution in original post

srue · ‎08-02-2007

EIGRP uses multicast, which is independent of normal network addressing. Even if the two network devices have two network addresses in different subnets, they will still hear one another's eigrp announcements if they are running an eigrp process.

start there. i'm more of a security person.

ruesch-eng · ‎08-02-2007

Thanks. Yes, I know eigrp uses multicast to 224.0.0.10 for hellos. But, why would these servers be sending multicasts to the well-known eigrp address?

Edison Ortiz · ‎08-02-2007

As you mentioned, the routers belong to Vlan2 yet they received multicast packets from Vlan6. It sounds like the servers bridged the 2 Vlans.

Very strange ...

ruesch-eng · ‎08-02-2007

Yes, it is very strange. I don't understand why these servers would be sending multicast traffic at that point to start with and why they would send multicasts that eigrp would regard as hellos.

Edison Ortiz · ‎08-02-2007

The servers did not send anything. They simply bridged the two networks. Do the servers have 2 NICs and you plugged these NICs onto 2 different ports ? If so, those ports where on Vlan2 and Vlan6 ?

Were 10.25.4.7 and 10.25.4.6 the servers ? I thought those IPs were the routers'.

ruesch-eng · ‎08-02-2007

Ok. I asked my server guy and he confirmed that he did have both NICs connected. One was in vlan 2 and one was in vlan 6. Yes, 10.25.4.7 and 10.25.4.6 are the routers. The servers did not have any ip addresses at the time. Thanks.

Edison Ortiz · ‎08-02-2007

Now it makes sense, the server bridged the Vlans since they didn't have an IP.

While the Vlans were bridged, multicast leaked over to Vlan6 and the routers saw each other via that interface.

You had a loop and I'm glad the routers reported the error, it may have been worse.

ruesch-eng · ‎08-02-2007

Thank you very much. That makes perfect sense to me.