cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
881
Views
0
Helpful
9
Replies

Possible defunct EIGRP AS

Jim Mueller
Level 1
Level 1

We recently had our VAR perform a network assessment and they noticed we had a second EIGRP AS. They said that while there are cases where multiple AS within an IGP are appropriate, we feel it is possible this is extra configuration remaining from a previous deployment. How can we determine whether EIGRP 222 is still in use?

router eigrp 111

network 0.0.0.0

redistribute eigrp 222 metric 50000 2000 255 1 1400 route-map eigrp-111-redis-rm

passive-interface default

no passive-interface Vlan246

no passive-interface GigabitEthernet2/0/48

eigrp router-id 172.16.13.2

!

router eigrp 222

network 172.16.13.0 0.0.0.15

network 172.18.255.0 0.0.0.3

network 192.168.0.0

passive-interface default

no passive-interface Tunnel173

no passive-interface Vlan246

eigrp router-id 172.16.13.2

!

 

1 Accepted Solution

Accepted Solutions

Richard Burts
Hall of Fame
Hall of Fame

There are several things that you can do to determine whether AS 222 is in use.

The most simple thing is to look in the routing table and see if there are redistributed routes from AS 222. If there are redistributed routes from AS 222 then you know it is still in use. But not having redistributed routes does not necessarily mean it is not in use. It only means that AS 222 has not learned any unique routes.

So if there are not any redistributed routes then another thing that you can do is to look to see if there are any EIGRP neighbors for AS 222. If there is an EIGRP neighbor on Tunnel173 then clearly AS 222 is in use since that interface is passive in AS 111. If there is a neighbor on vlan 246 then you need to check whether the neighbor is for 222 or for 111 since that interface is active in both AS.

The most comprehensive and conclusive thing to do is to show ip eigrp topology all and then look for anything generated for AS 222.

HTH

Rick

HTH

Rick

View solution in original post

9 Replies 9

AllertGen
Level 3
Level 3

Hello.

You can try to use a "sh ip eigrp <AS> topology" to see if AS has any route in it. And by a "sh ip eigrp <AS> neighbors" command you can find other devices that use the same AS.

Best Regards.

That's what we're trying to determine, what the results will be of removing AS 222. Results of the various referenced commands:

---

DS-ORL-CORE#sh ip eigrp top

EIGRP-IPv4 Topology Table for AS(222)/ID(172.16.13.2)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 172.16.13.0/28, 1 successors, FD is 281600
        via Connected, Vlan246
P 172.16.2.0/23, 1 successors, FD is 1282816
        via 172.18.255.2 (1282816/2816), Tunnel173
P 192.168.0.0/24, 1 successors, FD is 2816
        via Connected, Vlan10
P 172.16.0.0/16, 1 successors, FD is 281600
        via Summary (281600/0), Null0
P 172.18.255.0/30, 1 successors, FD is 1282560
        via Connected, Tunnel173
P 172.16.254.0/24, 1 successors, FD is 26112256
        via 172.16.13.10 (26112256/25856256), Vlan246
P 172.16.13.252/30, 0 successors, FD is Inaccessible
        via 172.16.13.10 (26112000/25856000), Vlan246

DS-ORL-CORE#sh ip rou eigrp 222
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 172.16.13.8 to network 0.0.0.0

      172.16.0.0/16 is variably subnetted, 20 subnets, 6 masks
D        172.16.0.0/16 is a summary, 7w0d, Null0
D        172.16.2.0/23 [90/1282816] via 172.18.255.2, 3w4d, Tunnel173
D        172.16.254.0/24 [90/26112256] via 172.16.13.10, 4w4d, Vlan246
DS-ORL-CORE#sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(111)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
3   172.16.13.7             Vl246             13 4w5d        5   200  0  226208
4   172.16.13.5             Vl246             12 5w4d       28   200  0  1423932
5   172.16.200.2            Gi2/0/48          11 9w0d        1   200  0  108296
2   172.16.13.8             Vl246             13 12w0d       4   200  0  322242
1   172.16.13.10            Vl246             13 1y28w       1   200  0  21621340
0   172.16.13.4             Vl246             10 1y28w      20   200  0  20815111
EIGRP-IPv4 Neighbors for AS(222)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
1   172.18.255.2            Tu173             13 3w4d       35   210  0  927
0   172.16.13.10            Vl246             10 42w2d       1   200  0  1212
DS-ORL-CORE#

DS-ORL-CORE#sh ip eigrp 222 top
EIGRP-IPv4 Topology Table for AS(222)/ID(172.16.13.2)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 172.16.13.0/28, 1 successors, FD is 281600
        via Connected, Vlan246
P 172.16.2.0/23, 1 successors, FD is 1282816
        via 172.18.255.2 (1282816/2816), Tunnel173
P 192.168.0.0/24, 1 successors, FD is 2816
        via Connected, Vlan10
P 172.16.0.0/16, 1 successors, FD is 281600
        via Summary (281600/0), Null0
P 172.18.255.0/30, 1 successors, FD is 1282560
        via Connected, Tunnel173
P 172.16.254.0/24, 1 successors, FD is 26112256
        via 172.16.13.10 (26112256/25856256), Vlan246
P 172.16.13.252/30, 0 successors, FD is Inaccessible
        via 172.16.13.10 (26112000/25856000), Vlan246

DS-ORL-CORE#sh ip eigrp 222 neighbors
EIGRP-IPv4 Neighbors for AS(222)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
1   172.18.255.2            Tu173             11 3w4d       35   210  0  927
0   172.16.13.10            Vl246             14 42w2d       1   200  0  1212
DS-ORL-CORE#

---

You are definitely learning some routes only with EIGRP AS 222 ie. via the tunnel interface.

If you remove it you lose those routes.

It is however not possible to say whether or not you need both AS's in your environment because we do not have a full picture. You usually don't need multiple AS's but perhaps you do for your network.

As Rick has pointed out simply allocating the tunnel interface to AS 111 could change the behaviour of the routing and I agree with him when he says you have to evaluate exactly what is happening on all your routers before you can decide whether to remove AS 222.

It would be irresponsible of us to simply suggest removing it (after adding the tunnel interface to AS 111) because we do not know if there was a good reason to set it up like that.

What I can say though is that someone has gone to the trouble of creating a second AS and redistributing EIGRP routes so I would assume there is a good reason unless you can prove otherwise.

Jon

The question in the original post was whether AS 222 was defunct. Clearly it is not. So the original question is answered.

So now there is a new question: do you need AS 222? We do not have enough information about your environment to be able to supply good answers to that. Since we have not seen your route map we are not sure whether all of the routes learned from 222 are redistributed into 111. You need to evaluate that. We see that at least one route is learned via vlan 10 in 111. Clearly that is not currently advertised to 222. You need to evaluate the potential impact if that route is advertised.

As I said and as Jon has reinforced the separate AS was created for a purpose. And removing the second AS will change some behaviors. Only the original poster knows enough about the relationships between the parts of this network to be able to determine whether the original purpose is still valid and should be maintained. Or if that original purpose has become unnecessary.

HTH

Rick

HTH

Rick

Unless of course your VAR has done a full assessment in which case I would have thought they could tell you what configuration changes you needed.

Jon

rickardkorkko
Level 1
Level 1

Verify if you have any active neighbors for AS 222. If not then the config can be removed.
#show ip eigrp neighbors

If you have neighbors, check the EIGRP topology for the AS as well
#show ip eigrp topology

If you learn the same routes through both ASs with the same FD I would say it's safe to remove the configuration for AS 222.

If you have some that are unique and only learned via AS 222 (i.e via Tunnel173) you will loose reachability to those networks when removing the config if you're not enabling it for AS 111 as well. 

While it is certainly possible to enable  Tunnel 173 for AS 111 be aware that this will change a behavior. With redistribution some routes learned from AS 222 will be advertised to AS 111, depending on what is permitted in the route map.  And there may be routes learned from AS 222 that are not redistributed, depending on what is permitted in the route map. And you are currently not necessarily advertising all AS 111 routes to AS 222. Any route learned via interface Gig2/0/48 are not advertised. Enabling Tunnel 173 in AS 111 will mean that all routes currently learned from 222 will be advertised to 111. And all routes learned from 111 will be advertised to what is now 222.

It may be that the second AS was set up for a reason. And if it is active then you should evaluate the results of removing it.

HTH

Rick 

HTH

Rick

Richard Burts
Hall of Fame
Hall of Fame

There are several things that you can do to determine whether AS 222 is in use.

The most simple thing is to look in the routing table and see if there are redistributed routes from AS 222. If there are redistributed routes from AS 222 then you know it is still in use. But not having redistributed routes does not necessarily mean it is not in use. It only means that AS 222 has not learned any unique routes.

So if there are not any redistributed routes then another thing that you can do is to look to see if there are any EIGRP neighbors for AS 222. If there is an EIGRP neighbor on Tunnel173 then clearly AS 222 is in use since that interface is passive in AS 111. If there is a neighbor on vlan 246 then you need to check whether the neighbor is for 222 or for 111 since that interface is active in both AS.

The most comprehensive and conclusive thing to do is to show ip eigrp topology all and then look for anything generated for AS 222.

HTH

Rick

HTH

Rick

The first question of whether the AS is defunct was straightforward. I am glad that our suggestions were helpful in answering it. Thank you for using the rating system to mark this question as answered. The second question about whether you still need the second AS is more complex and needs an understanding of the relationships between the various parts of the network. We can help identify what would change if you remove AS 222 and put everything into AS 111. But we do not have enough information to assess the impact of doing this.

HTH

Rick

HTH

Rick
Review Cisco Networking for a $25 gift card