06-29-2017 09:44 AM - edited 03-08-2019 11:08 AM
Hi guys.
I am currently having an EIGRP issue. I will make a long story short.
The topology is simple: an ASA firewall connects to a Cisco switch, and they are running EIGRP. My question is, from the switch I ran show ip eigrp neighbors detail:
209-Remote#show ip eigrp neighbors detail
EIGRP-IPv4 Neighbors for AS(10)
H   Address          Interface   Hold   Uptime     SRTT   RTO    Q     Seq
                                 (sec)             (ms)          Cnt   Num
0   10.209.130.1     Vl2130      14     00:01:13   1      5000   1     0
Version 9.8/3.0, Retrans: 15, Retries: 15, Waiting for Init, Waiting for Init Ack
Topology-ids from peer - 0
UPDATE seq 4289 ser 0-0 Sent 73630 Init Sequenced
Then I tried "debug eigrp packet" from the firewall, and I get the following:
EIGRP: Sending HELLO on INSIDE
AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 2046/2047 iidbQ un/rely 0/0
EIGRP: received packet with MD5 authentication, key id = 1
EIGRP: Received UPDATE on INSIDE nbr 10.209.130.254
AS 10, Flags 0x1:(), Seq 4282/0 interfaceQ 2043/2047
EIGRP: Neighbor(10.209.130.254) not yet found
EIGRP: Sending HELLO on INSIDE
AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 2041/2047 iidbQ un/rely 0/0
I found out the ASA receives updates, but the neighbor is not yet found. Then I tried to ping 224.0.0.10.
The switch can get replies from the other 2 neighbors, but the ASA gets nothing.
I am stuck here and don't know what to do now.
This network worked well before. This morning I found out I can't ping the ASA from my monitoring system.
Any help will be appreciated.
Many thanks in advance!!
Tian
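A check for the symptom shown in the neighbor output above, written as an added example that is not part of the original thread: it parses show ip eigrp neighbors detail text and reports peers that are still in the init handshake or have unacknowledged packets queued. The function names and the second, healthy neighbor in the sample are constructed for illustration.

```python
import re

# Constructed input: the first neighbor is the one from the post above; the
# second is a made-up healthy peer so the check has something to skip.
SAMPLE = """\
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.209.130.1 Vl2130 14 00:01:13 1 5000 1 0
Version 9.8/3.0, Retrans: 15, Retries: 15, Waiting for Init, Waiting for Init Ack
Topology-ids from peer - 0
1 10.209.130.2 Vl2130 12 3d04h 4 100 0 812
Version 12.0/2.0, Retrans: 2, Retries: 0, Prefixes: 7
Topology-ids from peer - 0
"""

# One neighbor row: H, Address, Interface, Hold, Uptime, SRTT, RTO, Q Cnt, Seq Num
NEIGHBOR = re.compile(
    r"^\s*(?P<h>\d+)\s+(?P<addr>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<intf>\S+)\s+"
    r"(?P<hold>\d+)\s+(?P<uptime>\S+)\s+(?P<srtt>\d+)\s+(?P<rto>\d+)\s+"
    r"(?P<qcnt>\d+)\s+(?P<seq>\d+)\s*$")
# Detail line that follows a row: counters, then optional "Waiting for ..." flags
DETAIL = re.compile(r"Retrans:\s*(\d+),\s*Retries:\s*(\d+)(.*)$")
TEXT_FIELDS = ("addr", "intf", "uptime")

def parse_neighbors(text):
    """Return one dict per neighbor row, with counters from its detail line."""
    neighbors = []
    for line in text.splitlines():
        row = NEIGHBOR.match(line)
        if row:
            n = {k: (v if k in TEXT_FIELDS else int(v))
                 for k, v in row.groupdict().items()}
            n.update(retrans=0, retries=0, flags=[])
            neighbors.append(n)
            continue
        det = DETAIL.search(line)
        if det and neighbors:  # detail belongs to the most recent row
            flags = [f.strip() for f in det.group(3).split(",")
                     if f.strip().startswith("Waiting")]
            neighbors[-1].update(retrans=int(det.group(1)),
                                 retries=int(det.group(2)), flags=flags)
    return neighbors

def stuck_neighbors(text):
    """Peers still in the init handshake, or retrying with packets queued."""
    return [n for n in parse_neighbors(text)
            if n["flags"] or (n["qcnt"] > 0 and n["retries"] > 0)]

if __name__ == "__main__":
    for n in stuck_neighbors(SAMPLE):
        print(n["addr"], n["intf"], "retries", n["retries"], n["flags"])
```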
06-29-2017 10:21 AM
Hi
This issue means that the ASA doesn't receive any multicast traffic.
Stupid question, but can you ping the ASA and the switch from their connected subnet?
Can you check on the ASA if you get some dropped multicast traffic?
Just to be sure that there isn't any other thing impacting the peering (ACL or whatever), can you issue the neighbor command on both sides (ASA and switch) to see if the peering is coming back up?
Thanks
PS: Please don't forget to rate and mark as correct answer if this answered your question
06-29-2017 12:29 PM
Hi Francesco,
Thank you for your reply!
Connected subnets are pingable, and there are no dropped packets.
Nothing changed and there is no ACL.
06-29-2017 01:46 PM
OK, it is weird that you face the bug without doing anything while everything was up and running before.
Can you set up the neighbor command on both sides to check if the peering is back up?
Can you share some outputs like:
sh ip protocol, EIGRP config, EIGRP timeouts on both sides?
Thanks
06-30-2017 05:43 AM
The issue was resolved. But I am still confused.
What I did is I removed the network statement under the ASA EIGRP process and put it back, then it worked.
I tried the same thing on the switch, but it didn't work.
I really want to figure out the issue. One of our senior engineers told me he saw this happen before when there was an ASA failover, but I did the same thing on other clients' networks, and there is no such issue.
Anyway, thank you for your help!
Tian