Accepted Solutions
I did lab this up for you and came up with the same result.
R1 cannot ping its locally connected interface due to the longest match rule:
R1(config-router)#do sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.13.0.0/24 is subnetted, 1 subnets
C 172.13.0.0 is directly connected, FastEthernet0/1
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O 10.12.0.0/24 [110/30] via 172.13.0.3, 01:42:38, FastEthernet0/1
C 10.12.0.0/16 is directly connected, FastEthernet0/0
O 10.23.0.0/24 [110/20] via 172.13.0.3, 01:42:48, FastEthernet0/1
R1(config-router)#do ping 10.12.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.12.0.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Italicized is the locally 10.12.0.0/16 subnet with R1 at 10.12.0.1/16. R2 has 10.12.0.2/24. When you ping 10.12.0.1, the router looks at the routing table and notices that 10.12.0.0/24 is the more specific match and tries to send it out Fa0/1 to R2.
Also, being that you're using OSPF, the neighbor's masks have to match. You'll probably notice that the interface that you're trying to ping doesn't have an adjacency with the neighbor on the other side. So, the route that should be connected is actually being learned from another interface due to the mismatched mask and no adjacency on this interface.
On R1 debug ip packet:
*Mar 1 02:53:33.951: IP: tableid=0, s=172.13.0.1 (FastEthernet0/0), d=10.12.0.1 (FastEthernet0/1), routed via RIB
*Mar 1 02:53:33.951: IP: s=172.13.0.1 (FastEthernet0/0), d=10.12.0.1 (FastEthernet0/1), g=172.13.0.3, len 100, forward
*Mar 1 02:53:33.955: ICMP type=8, code=0
I've attached my topology for you to see. Here are my adjacencies:
R1:
Neighbor ID Pri State Dead Time Address Interface
172.13.0.3 1 FULL/DR 00:00:34 172.13.0.3 FastEthernet0/1
R2:
Neighbor ID Pri State Dead Time Address Interface
172.13.0.3 1 FULL/DR 00:00:32 10.23.0.3 FastEthernet0/1
R3:
Neighbor ID Pri State Dead Time Address Interface
10.23.0.2 1 FULL/BDR 00:00:33 10.23.0.2 FastEthernet0/1
172.13.0.1 1 FULL/BDR 00:00:39 172.13.0.1 FastEthernet0/0
So what I did was create a static route for 10.12.0.1/32 pointing to fa0/1 (172.13.0.1) on R3. I then created a static route on R2 pointing 10.12.0.1/32 to R3. I was able to ping at that point:
R2#trace 10.12.0.1
Type escape sequence to abort.
Tracing the route to 10.12.0.1
1 10.23.0.3 48 msec 36 msec 24 msec
2 172.13.0.1 84 msec * 52 msec
R2#
Before doing this, I wasn't able to ping from R2 to 10.12.0.1/32. The reason was once it hit R3, R3 had a route for 10.12.0.0/24 from R2 and was sending it back to R2 creating a loop.
Now I can ping R1, but why? R1 still sends the packet to R3, but R3 now tells R1 to go back to itself on 172.13.0.1:
R1#ping 10.12.0.1 rep 2
Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 10.12.0.1, timeout is 2 seconds:
!!
Success rate is 100 percent (2/2), round-trip min/avg/max = 28/48/68 ms
R1#
R3#
*Mar 1 03:08:14.523: ICMP: redirect sent to 172.13.0.1 for dest 10.12.0.1, use gw 172.13.0.1
R3#
So, it's definitely the longest match rule. You could try this to fix yours although I definitely wouldn't do it in production because theirs no reason really. Put a static route on the host that would be your next hop for the longest subnet (whatever host is on f0/1). You can put a static on that host for 172.28.38.1/32 pointing to it's next hop to get back to this router. Once you do that, R3 will send a packet out and it will get returned back with a response. This is only a lab thing though
HTH,
John
*** Please rate all useful posts ***
