Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
333
Views
0
Helpful
3
Replies

How can I tell if a configured IP route is actively being used within a 6509?

ttrevino1
Level 1
Level 1

‎04-01-2014 12:33 PM - edited ‎03-07-2019 06:57 PM

I need to clean up some old routes entered from a previous project and need to confirm there isn't any traffic routing across these ip routes. Can someone tell me how to confirm they are not actively being used?

 

ip route 10.x.2.0 255.255.255.0 10.x.1.50

Labels:
0 Helpful
3 Replies 3

Reza Sharifi
Hall of Fame
Hall of Fame

‎04-01-2014 01:17 PM

One easy way is to ping the next hop:

for example (ping 10.x.1.50)

If there is no response than the route can be removed. Just make sure the next hop router is not blocking ICMP.

Also, look at the routing table, if  the command is in the config and not in the routing table, usually next hop is not there any more.

Be careful make sure you copy and paste the commands somewhere in case you need to put it back.

HTH

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Reza Sharifi

‎04-01-2014 01:33 PM

This is an interesting question. I think that Reza's suggestion is safe and would be a good first step - if the next hop is no longer valid then it should be safe to remove the static route (though I guess you also need to be careful that the situation with the next hop address is not a temporary issue in the network). But ultimately I think the original poster is looking for something different. I think the issue that he is trying to solve is how to identify destination addresses to which they are no longer sending traffic (perhaps some examples might be an address that used to be a business partner but is no longer in that relationship, or an address of a remote site for VPN but the addressing at the remote site changed, or things like that). My suggestion is that if the original poster is running NetFlow and is sending NetFlow records to a device which receives, stores, and can search the records then you could look in the NetFlow records for the destination addresses in the static routes.

 

HTH

 

Rick

HTH

Rick
0 Helpful

ttrevino1
Level 1
Level 1
In response to Reza Sharifi

‎04-01-2014 01:43 PM

Hi Reza, thank you for the response. This was for some old NAC servers that we powered down a week or so ago, so I'm removing the routes that were supposed to point traffic to them. The original vlanx11 is still active, however, there are no ports assigned within that vlan, so it would appear there is no way traffic could be generated from that vlan, to these routes?

ip route 10.x.2.0 255.255.255.0 10.x.1.50
ip route 10.19.2.0 255.255.255.0 10.x.1.48 name NAC_VPN_POOL_FIREWALL1
ip route 10.19.4.0 255.255.255.0 10.x.1.48 name NAC_VPN_POOL_FIREWALL2
!
interface Vlanx11
 ip address 10.x.1.1 255.255.255.0
!
interface Vlanx12
 no ip address

I'm assuming deleting these shouldn't affect anything, but wanted to confirm with others.

I'm not running Netflow, so can't look at traffic that way. Thank you also for the response Richard. :o)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card