06-23-2017 02:42 PM - edited 03-08-2019 11:05 AM
All,
I'm having an issue with eigrp across one of our remote sites and was hoping someone could help me figure out what I am doing wrong. As you can see in the attached diagram, we have three separate buildings with access switches - Admin, Ops, and Fleet. Each building has five local vlans - 500, 800, 810, 820, and 830. Each access layer switch is routed to the distribution layer switch at the Nexus building via an etherchannel. The Nexus building has a trunk port connection via an EP-LAN from a local ISP to a 6509E switch at our main office. The EP-LAN connection is strictly a trunk port passing all vlan tags and cannot be configured as a routed port.
At the main site with the 6509E, we have a vlan 4 configured that is for server management. Server-1 in the diagram is configured with an ip address in vlan 4 of 192.168.4.200. We would like to be able to use the same IP scope for servers located at the Nexus building as well - for example, Server-2 in the diagram is configured with an ip address of 192.168.4.201. We have added the network 192.168.4.0 0.0.0.255 to the EIGRP configuration on both the Nexus campus switch as well as the 6509E, but we are unable to ping or access Server-1 from the Nexus switch, Ops switch, Admin Switch, or Fleet Switch. However, from the 6509E I am able to ping Server-2 just fine.
The goal is for all subnets to be reachable from all locations - for example, the 6509E should be able to access all hosts on each of the five subnets at the Admin building, Ops Building, Fleet Building and the same should be possible in reverse where each of the buildings should be able to access the subnets on the 6509E. The same is true for Server-1 and Server-2 - they should be reachable from all locations.
I'm not sure what we have done wrong in regards to our EIGRP configuration, and we have tried various combinations without success. Below are the outputs of the ip route and ip eigrp neighbors from each location, along with the corresponding switch configurations.
Any help would be greatly appreciated!
Thanks,
Bob
ADMIN:
C3850X_Admin#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.27.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.27.132.192/26 is directly connected, Vlan500
L 172.27.132.194/32 is directly connected, Vlan500
D 172.27.133.0/26 [90/3072] via 172.27.132.193, 00:41:03, Vlan500
D 172.27.133.64/26 [90/3072] via 172.27.132.193, 00:41:03, Vlan500
172.28.0.0/24 is subnetted, 1 subnets
D 172.28.0.0 [90/3072] via 172.27.132.193, 00:41:03, Vlan500
D 192.168.4.0/24 [90/3328] via 172.27.132.193, 00:41:02, Vlan500
C3850X_Admin#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.27.132.193 Vl500 14 01:07:31 5 100 0 394
C3850X_Admin#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(1)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Vl800 0 0/0 0/0 0 0/0 0 0
Vl810 0 0/0 0/0 0 0/0 0 0
Vl820 0 0/0 0/0 0 0/0 0 0
Vl830 0 0/0 0/0 0 0/0 0 0
Vl500 1 0/0 0/0 5 0/0 50 0
C3850X_Admin#
OPS:
C3850X_Ops#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.27.0.0/16 is variably subnetted, 4 subnets, 2 masks
D 172.27.132.192/26 [90/3072] via 172.27.133.1, 01:09:25, Vlan500
C 172.27.133.0/26 is directly connected, Vlan500
L 172.27.133.2/32 is directly connected, Vlan500
D 172.27.133.64/26 [90/3072] via 172.27.133.1, 01:09:25, Vlan500
172.28.0.0/24 is subnetted, 1 subnets
D 172.28.0.0 [90/3072] via 172.27.133.1, 01:09:25, Vlan500
D 192.168.4.0/24 [90/3328] via 172.27.133.1, 01:09:24, Vlan500
C3850X_Ops#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.27.133.1 Vl500 11 01:09:30 4 100 0 395
C3850X_Ops#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(1)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Vl800 0 0/0 0/0 0 0/0 0 0
Vl810 0 0/0 0/0 0 0/0 0 0
Vl820 0 0/0 0/0 0 0/0 0 0
Vl830 0 0/0 0/0 0 0/0 0 0
Vl500 1 0/0 0/0 4 0/0 50 0
C3850X_Ops#
Fleet:
C3850X_Fleet#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.27.0.0/16 is variably subnetted, 4 subnets, 2 masks
D 172.27.132.192/26 [90/3072] via 172.27.133.65, 01:11:33, Vlan500
D 172.27.133.0/26 [90/3072] via 172.27.133.65, 01:11:33, Vlan500
C 172.27.133.64/26 is directly connected, Vlan500
L 172.27.133.66/32 is directly connected, Vlan500
172.28.0.0/24 is subnetted, 1 subnets
D 172.28.0.0 [90/3072] via 172.27.133.65, 01:11:33, Vlan500
D 192.168.4.0/24 [90/3328] via 172.27.133.65, 01:11:33, Vlan500
C3850X_Fleet#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.27.133.65 Vl500 10 01:11:40 7 100 0 392
C3850X_Fleet#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(1)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Vl800 0 0/0 0/0 0 0/0 0 0
Vl810 0 0/0 0/0 0 0/0 0 0
Vl820 0 0/0 0/0 0 0/0 0 0
Vl830 0 0/0 0/0 0 0/0 0 0
Vl500 1 0/0 0/0 7 0/0 50 0
C3850X_Fleet#
NEXUS BUILDING:
Nexus#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.27.0.0/16 is variably subnetted, 6 subnets, 2 masks
C 172.27.132.192/26 is directly connected, Port-channel1
L 172.27.132.193/32 is directly connected, Port-channel1
C 172.27.133.0/26 is directly connected, Port-channel2
L 172.27.133.1/32 is directly connected, Port-channel2
C 172.27.133.64/26 is directly connected, Port-channel3
L 172.27.133.65/32 is directly connected, Port-channel3
172.28.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.28.0.0/24 is directly connected, Vlan600
L 172.28.0.2/32 is directly connected, Vlan600
D 192.168.4.0/24 [90/3072] via 172.28.0.1, 01:12:26, Vlan600
Nexus#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
3 172.27.133.66 Po3 12 01:12:34 1600 5000 0 102
2 172.28.0.1 Vl600 11 01:12:34 4 100 0 117
1 172.27.133.2 Po2 11 01:12:35 5 100 0 102
0 172.27.132.194 Po1 12 01:12:35 5 100 0 104
Nexus#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(1)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Po3 1 0/0 0/0 1600 0/0 7992 0
Po2 1 0/0 0/0 5 0/0 50 0
Po1 1 0/0 0/0 5 0/0 50 0
Vl600 1 0/0 0/0 4 0/0 50 0
Nexus#
6509E Site:
6509E_Core#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.24.0/21 is directly connected, Vlan1
L 172.16.24.1/32 is directly connected, Vlan1
172.27.0.0/26 is subnetted, 3 subnets
D 172.27.132.192 [90/3072] via 172.28.0.2, 01:13:42, Vlan600
D 172.27.133.0 [90/3072] via 172.28.0.2, 01:13:42, Vlan600
D 172.27.133.64 [90/3072] via 172.28.0.2, 01:13:42, Vlan600
172.28.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.28.0.0/24 is directly connected, Vlan600
L 172.28.0.1/32 is directly connected, Vlan600
192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.4.0/24 is directly connected, Vlan4
L 192.168.4.254/32 is directly connected, Vlan4
6509E_Core#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.28.0.2 Vl600 14 01:13:48 6 100 0 396
6509E_Core#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(1)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Vl600 1 0/0 0/0 6 0/0 50 0
Vl4 0 0/0 0/0 0 0/0 556 0
6509E_Core#
Admin Config:
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
hostname C3850X_Admin
boot-start-marker
boot-end-marker
no aaa new-model
vtp mode transparent
ip dhcp excluded-address 172.27.132.193 172.27.132.200
ip dhcp excluded-address 172.27.80.1 172.27.80.247
ip dhcp excluded-address 172.27.81.1 172.27.81.247
ip dhcp excluded-address 172.27.82.1 172.27.82.31
ip dhcp excluded-address 172.27.83.1 172.27.83.31
!
ip dhcp pool WAN_VLAN_Pool
network 172.27.132.192 255.255.255.192
default-router 172.27.132.193
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Management
network 172.27.80.0 255.255.255.0
default-router 172.27.80.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Video
network 172.27.81.0 255.255.255.0
default-router 172.27.81.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Voice
network 172.27.82.0 255.255.255.0
default-router 172.27.82.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
option 150 ip 172.20.0.2
!
ip dhcp pool Data
network 172.27.83.0 255.255.255.0
default-router 172.27.83.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip cef
no ipv6 cef
!
errdisable recovery cause bpduguard
errdisable recovery cause link-flap
errdisable recovery cause psecure-violation
errdisable recovery interval 600
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 500
name WAN_VLAN
!
vlan 800
name Management
!
vlan 810
name Video
!
vlan 820
name Voice
!
vlan 830
name Data
!
interface Port-channel1
switchport access vlan 500
!
interface GigabitEthernet0/0
shutdown
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
switchport access vlan 500
media-type rj45
negotiation auto
channel-group 1 mode on
!
interface GigabitEthernet0/2
switchport access vlan 500
media-type rj45
negotiation auto
channel-group 1 mode on
!
interface Vlan500
ip address 172.27.132.194 255.255.255.192
!
interface Vlan800
ip address 172.27.80.1 255.255.255.0
!
interface Vlan810
ip address 172.27.81.1 255.255.255.0
!
interface Vlan820
ip address 172.27.82.1 255.255.255.0
!
interface Vlan830
ip address 172.27.83.1 255.255.255.0
!
router eigrp 1
network 172.27.80.0 0.0.0.255
network 172.27.81.0 0.0.0.255
network 172.27.82.0 0.0.0.255
network 172.27.83.0 0.0.0.255
network 172.27.132.192 0.0.0.63
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
logging origin-id string Switchsyslog
logging host 172.20.0.2
!
control-plane
!
OPS Config:
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname C3850X_Ops
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
vtp mode transparent
!
ip dhcp excluded-address 172.27.133.1 172.27.133.8
ip dhcp excluded-address 172.27.84.1 172.27.84.247
ip dhcp excluded-address 172.27.85.1 172.27.85.247
ip dhcp excluded-address 172.27.86.1 172.27.86.31
ip dhcp excluded-address 172.27.87.1 172.27.87.31
!
ip dhcp pool WAN_VLAN_Pool
network 172.27.133.0 255.255.255.192
default-router 172.27.133.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Management
network 172.27.84.0 255.255.255.0
default-router 172.27.84.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Video
network 172.27.85.0 255.255.255.0
default-router 172.27.85.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Voice
network 172.27.86.0 255.255.255.0
default-router 172.27.86.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
option 150 ip 172.20.0.2
!
ip dhcp pool Data
network 172.27.87.0 255.255.255.0
default-router 172.27.87.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip cef
no ipv6 cef
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 500
name WAN_VLAN
!
vlan 800
name Management
!
vlan 810
name Video
!
vlan 820
name Voice
!
vlan 830
name Data
!
interface Port-channel2
switchport access vlan 500
!
interface GigabitEthernet0/0
shutdown
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
description Uplink to Nexus
switchport access vlan 500
media-type rj45
negotiation auto
channel-group 2 mode on
!
interface GigabitEthernet0/2
description Uplink to Nexus
switchport access vlan 500
media-type rj45
negotiation auto
channel-group 2 mode on
!
interface Vlan500
ip address 172.27.133.2 255.255.255.192
!
interface Vlan800
ip address 172.27.84.1 255.255.255.0
!
interface Vlan810
ip address 172.27.85.1 255.255.255.0
!
interface Vlan820
ip address 172.27.86.1 255.255.255.0
!
interface Vlan830
ip address 172.27.87.1 255.255.255.0
!
!
router eigrp 1
network 172.27.84.0 0.0.0.255
network 172.27.85.0 0.0.0.255
network 172.27.86.0 0.0.0.255
network 172.27.87.0 0.0.0.255
network 172.27.133.0 0.0.0.63
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
logging origin-id string Switchsyslog
logging host 172.20.0.2
!
!
!
control-plane
!
Fleet Config:
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname C3850X_Fleet
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
vtp mode transparent
!
ip dhcp excluded-address 172.27.133.65 172.27.133.72
ip dhcp excluded-address 172.27.88.1 172.27.88.247
ip dhcp excluded-address 172.27.89.1 172.27.89.247
ip dhcp excluded-address 172.27.90.1 172.27.90.31
ip dhcp excluded-address 172.27.91.1 172.27.91.31
!
ip dhcp pool WAN_VLAN_Pool
network 172.27.133.64 255.255.255.192
default-router 172.27.133.65
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Management
network 172.27.88.0 255.255.255.0
default-router 172.27.88.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Video
network 172.27.89.0 255.255.255.0
default-router 172.27.89.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip dhcp pool Voice
network 172.27.90.0 255.255.255.0
default-router 172.27.90.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
option 150 ip 172.20.0.2
!
ip dhcp pool Data
network 172.27.91.0 255.255.255.0
default-router 172.27.91.1
dns-server 172.16.24.8 172.16.24.42
domain-name site.local
!
ip cef
no ipv6 cef
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 500
name WAN_VLAN
!
vlan 800
name Management
!
vlan 810
name Video
!
vlan 820
name Voice
!
vlan 830
name Data
!
interface Port-channel3
switchport access vlan 500
!
interface GigabitEthernet0/0
shutdown
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
description Uplink to Nexus
switchport access vlan 500
media-type rj45
negotiation auto
channel-group 3 mode on
!
interface GigabitEthernet0/2
description Uplink to Nexus
switchport access vlan 500
media-type rj45
negotiation auto
channel-group 3 mode on
!
interface Vlan500
ip address 172.27.133.66 255.255.255.192
!
interface Vlan800
ip address 172.27.88.1 255.255.255.0
!
interface Vlan810
ip address 172.27.89.1 255.255.255.0
!
interface Vlan820
ip address 172.27.90.1 255.255.255.0
!
interface Vlan830
ip address 172.27.91.1 255.255.255.0
!
router eigrp 1
network 172.27.88.0 0.0.0.255
network 172.27.89.0 0.0.0.255
network 172.27.90.0 0.0.0.255
network 172.27.91.0 0.0.0.255
network 172.27.133.64 0.0.0.63
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
logging origin-id string Switchsyslog
logging host 172.20.0.2
!
control-plane
!
Nexus Config:
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname Nexus
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
vtp mode transparent
!
ip cef
no ipv6 cef
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 4
name HW_Mgmt
!
vlan 600
name Uplink_To_Core
!
interface Port-channel1
no switchport
ip address 172.27.132.193 255.255.255.192
spanning-tree portfast edge
spanning-tree link-type point-to-point
!
interface Port-channel2
no switchport
ip address 172.27.133.1 255.255.255.192
spanning-tree portfast edge
spanning-tree link-type point-to-point
!
interface Port-channel3
no switchport
ip address 172.27.133.65 255.255.255.192
spanning-tree portfast edge
spanning-tree link-type point-to-point
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
description Uplink to Admin
no switchport
no ip address
negotiation auto
channel-group 1 mode on
!
interface GigabitEthernet0/2
description Uplink to Admin
no switchport
no ip address
negotiation auto
channel-group 1 mode on
!
interface GigabitEthernet0/3
description Uplink to Ops
no switchport
no ip address
negotiation auto
channel-group 2 mode on
!
interface GigabitEthernet1/0
description Uplink to Ops
no switchport
no ip address
negotiation auto
channel-group 2 mode on
!
interface GigabitEthernet1/1
description Uplink to Fleet
no switchport
no ip address
negotiation auto
channel-group 3 mode on
!
interface GigabitEthernet1/2
description Uplink to Fleet
no switchport
no ip address
negotiation auto
channel-group 3 mode on
!
interface GigabitEthernet1/3
description Uplink to 6509E
switchport trunk encapsulation dot1q
switchport trunk native vlan 600
switchport mode trunk
media-type rj45
negotiation auto
!
interface GigabitEthernet2/0
description Server 2
switchport access vlan 4
media-type rj45
negotiation auto
!
interface Vlan600
ip address 172.28.0.2 255.255.255.0
!
router eigrp 1
network 172.27.80.0 0.0.0.255
network 172.27.81.0 0.0.0.255
network 172.27.82.0 0.0.0.255
network 172.27.83.0 0.0.0.255
network 172.27.84.0 0.0.0.255
network 172.27.85.0 0.0.0.255
network 172.27.86.0 0.0.0.255
network 172.27.87.0 0.0.0.255
network 172.27.88.0 0.0.0.255
network 172.27.89.0 0.0.0.255
network 172.27.90.0 0.0.0.255
network 172.27.91.0 0.0.0.255
network 172.27.132.192 0.0.0.63
network 172.27.133.0 0.0.0.63
network 172.27.133.64 0.0.0.63
network 172.28.0.0 0.0.0.255
network 192.168.4.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
control-plane
!
6509E Config:
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname 6509E_Core
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
vtp mode transparent
!
ip cef
no ipv6 cef
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 4
name HW_Mgmt
!
vlan 600
name ISP_EPLAN_Uplink
!
interface GigabitEthernet0/0
shutdown
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
description ISP EP-LAN Uplink
switchport trunk encapsulation dot1q
switchport trunk native vlan 600
switchport mode trunk
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
switchport access vlan 4
media-type rj45
negotiation auto
!
interface Vlan1
ip address 172.16.24.1 255.255.248.0
!
interface Vlan4
description ***VM-MNGT***
ip address 192.168.4.254 255.255.255.0
!
interface Vlan600
ip address 172.28.0.1 255.255.255.0
!
!
router eigrp 1
network 172.28.0.0 0.0.0.255
network 192.168.4.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
control-plane
06-23-2017 03:19 PM
Your EIGRP configuration on the Nexus is wrong.
If you are routing between the Admin, Ops and Fleet sites to the Nexus then you do not have network statements under the EIGRP configuration for the subnets local to each remote site.
The same applies to the 192.168.4.0/24 subnet ie. you do not have an SVI on the Nexus for this, it is routed on the 6500 so you don't need a network statement for that either.
So on the Nexus you only need network statements for the port channel subnets connecting to the remote sites and for the vlan 600 subnet connecting to the 6500 switch.
I am not sure that is your problem but can you tidy all that up first and then it may be easier to troubleshoot.
Jon
06-24-2017 08:23 AM
Jon,
I cleaned up the Nexus site eigrp configuration and I am still unable to ping the Server-1 host from any site. EIGRP configuration on the Nexus site is now as follows:
Nexus#sh run | beg router eigrp
router eigrp 1
network 172.27.132.192 0.0.0.63
network 172.27.133.0 0.0.0.63
network 172.27.133.64 0.0.0.63
network 172.28.0.0 0.0.0.255
Nexus#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.27.0.0/16 is variably subnetted, 6 subnets, 2 masks
C 172.27.132.192/26 is directly connected, Port-channel1
L 172.27.132.193/32 is directly connected, Port-channel1
C 172.27.133.0/26 is directly connected, Port-channel2
L 172.27.133.1/32 is directly connected, Port-channel2
C 172.27.133.64/26 is directly connected, Port-channel3
L 172.27.133.65/32 is directly connected, Port-channel3
172.28.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.28.0.0/24 is directly connected, Vlan600
L 172.28.0.2/32 is directly connected, Vlan600
D 192.168.4.0/24 [90/3072] via 172.28.0.1, 00:01:57, Vlan600
Nexus#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
3 172.27.133.2 Po2 11 00:02:10 11 100 0 128
2 172.27.132.194 Po1 11 00:02:10 10 100 0 129
1 172.27.133.66 Po3 11 00:02:10 12 100 0 128
0 172.28.0.1 Vl600 10 00:02:10 1593 5000 0 146
Nexus#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(1)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Po3 1 0/0 0/0 12 0/0 50 0
Po2 1 0/0 0/0 11 0/0 50 0
Po1 1 0/0 0/0 10 0/0 50 0
Vl600 1 0/0 0/0 1593 0/0 7960 0
Nexus#
Nexus#ping 192.168.4.200
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.200, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Nexus#traceroute ip 192.168.4.200
Type escape sequence to abort.
Tracing the route to 192.168.4.200
VRF info: (vrf in name/id, vrf out name/id)
1 172.28.0.1 2 msec 3 msec 2 msec
2 * * *
3 * * *
4 * * *
5 *
Nexus#
Not only can I not access the Server-1 (192.168.4.200) from the Nexus campus, but I cannot access it from any other site. Below is from the Admin site:
C3850X_Admin#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.27.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.27.132.192/26 is directly connected, Vlan500
L 172.27.132.194/32 is directly connected, Vlan500
D 172.27.133.0/26 [90/3072] via 172.27.132.193, 00:04:30, Vlan500
D 172.27.133.64/26 [90/3072] via 172.27.132.193, 00:04:30, Vlan500
172.28.0.0/24 is subnetted, 1 subnets
D 172.28.0.0 [90/3072] via 172.27.132.193, 00:04:30, Vlan500
D 192.168.4.0/24 [90/3328] via 172.27.132.193, 00:04:30, Vlan500
C3850X_Admin#sh ip eigrp nei
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.27.132.193 Vl500 11 00:04:39 18 108 0 496
C3850X_Admin#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(1)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Vl800 0 0/0 0/0 0 0/0 0 0
Vl810 0 0/0 0/0 0 0/0 0 0
Vl820 0 0/0 0/0 0 0/0 0 0
Vl830 0 0/0 0/0 0 0/0 0 0
Vl500 1 0/0 0/0 18 0/1 76 0
C3850X_Admin#traceroute ip 192.168.4.200
Type escape sequence to abort.
Tracing the route to 192.168.4.200
VRF info: (vrf in name/id, vrf out name/id)
1 172.27.132.193 3 msec 3 msec 3 msec
2 172.28.0.1 4 msec 6 msec 6 msec
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 *
C3850X_Admin#
Thanks,
Bob
06-24-2017 09:49 AM
Bob
Presumably the 6500 can ping the server ?
If so then can you check the default gateway on the server to make sure it is correct.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide