1. Home
  2. Cisco Systems
  3. eigrp issue

eigrp issue

hi,

we have a 2 layers network with 6 backbone multilayer switches 6500 (at the distribution layer). there are two internet lines. from different routers. As we decided to share the load, we (rouglhy) implemented like this

on 6500-router-1.

ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

on 6500-Router-2 :

ip static routes to 2nd.internet.line.router # so according to destination network the traffic goes to one or another router

ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

I think this last command would give me failover in case 1st default route would go down. but in practice it was not.

in my test, I shutdown 6500-router-1, but there were no defaut route any longer.. i could not go to interent, except static route of course.

I checked in the eigrp guide, but i couldn't find easy implementation. what could be the solution if

we dont want to load balance. the two line are on different routers, I mean there are no common enterprise edge block.. the goal is to have a backup route.

thank you

Reply to
nini
Loading thread data ...

What was your eigrp config on each?

Reply to
Trendkill

the 1st router i shut down had the following.

#just the default route ip route 0.0.0.0 0.0.0.0 its_gateway tag 1

router eigrp 1 traffic-share min across-interfaces redistribute static route-map static-into-eigrp1 passive-interface default no passive-interface GigabitEthernet1/1 no passive-interface GigabitEthernet1/2 no passive-interface GigabitEthernet3/16 no passive-interface Port-channel41 ...network commands... no auto-summary eigrp router-id 10.0.1.3 eigrp log-neighbor-changes

the second which was suppose to failover the default route has the following

ip route 0.0.0.0 0.0.0.0 its_gateway 255 tag 1 ip static route to its_gateway

router eigrp 1 traffic-share min across-interfaces redistribute static route-map static-into-eigrp1 passive-interface default no passive-interface GigabitEthernet1/1 no passive-interface GigabitEthernet1/2 no passive-interface GigabitEthernet6/16 no passive-interface Port-channel173 ...network command... auto-summary eigrp log-neighbor-changes

thanks

Reply to
nini

the 1st router i shut down had the following.

#just the default route ip route 0.0.0.0 0.0.0.0 its_gateway tag 1

router eigrp 1 traffic-share min across-interfaces redistribute static route-map static-into-eigrp1 passive-interface default no passive-interface GigabitEthernet1/1 no passive-interface GigabitEthernet1/2 no passive-interface GigabitEthernet3/16 no passive-interface Port-channel41 ...network commands... no auto-summary eigrp router-id 10.0.1.3 eigrp log-neighbor-changes

the second which was suppose to failover the default route has the following

ip route 0.0.0.0 0.0.0.0 its_gateway 255 tag 1 ip static route to its_gateway

router eigrp 1 traffic-share min across-interfaces redistribute static route-map static-into-eigrp1 passive-interface default no passive-interface GigabitEthernet1/1 no passive-interface GigabitEthernet1/2 no passive-interface GigabitEthernet6/16 no passive-interface Port-channel173 ...network command... auto-summary eigrp log-neighbor-changes

thanks

Reply to
nini

I *think* I have an idea of what you're doing, but more info would be helpful. I'll make a couple of assumptions and scenarios...

First, I assume you're multihomed? If so, and a 100,000 foot level, your two routers have an iBGP session between them with an IGP providing the routes for the peering. I assume that you're taking default routes from the providers. You could set an inbound BGP route preference for a provider and set up EIGRP peering to your Cats. Advertise a default network from your border routers (EIGRP) to the Cats.

Second, if not multihomed (no BGP), do something similar to above. Setup EIGRP peering between the border routers and the Cats. Advertise a default network from both border routers. You can tweak the metrics on the border routers if you prefer one provider.

Third, implement HSRP/GLBP and point your default gateway to the virtual address that is shared between the two border routers.

I'm kinda throwing stuff out there to see what sticks. I'm wondering about your perimeter are firewalls and such in the mix? I'd love to hear more about these two providers, and how your network is viewed by the public Internet. Anyway, these are musings from a guy with limited knowledge. :-)

Reply to
fugettaboutit

it is nothing about all this.

we have 6 core routers which forms our network. one of them is connected to the internet, it points to one nokia checkpoint firewall, which is connected to an isp another core routers in another building, 5km away, has a connection to another checkpoint firewall, which is connected to the same isp. The external interfaces of both firewall (isp side) are probably in the same segment and probaly can play bith bgp. but we are not awre of this. but, in our lan they are on different segment, one is 10.2.1.0/24, the other 10.1.3.0/24. hsrp cannot play here. because, as i mentionned, there are no enterpise edge block, no layer 2 in our core network. so the defaut route point to 10.2.1.200 some large internet segment are routed trough 10.1.3.200.

I dont understand why, when the checkpoint, or the core routers of the

1st internet line goes down, there are no takeover.

I tought that eigrp could deal with such scenario, which is not unusual. but i ve not yet found any doc introducing backup features..

Reply to
nini

it is nothing about all this.

we have 6 core routers which forms our network. one of them is connected to the internet, it points to one nokia checkpoint firewall, which is connected to an isp another core routers in another building, 5km away, has a connection to another checkpoint firewall, which is connected to the same isp. The external interfaces of both firewall (isp side) are probably in the same segment and probaly can play bith bgp. but we are not awre of this. but, in our lan they are on different segment, one is 10.2.1.0/24, the other 10.1.3.0/24. hsrp cannot play here. because, as i mentionned, there are no enterpise edge block, no layer 2 in our core network. so the defaut route point to 10.2.1.200 some large internet segment are routed trough 10.1.3.200.

I dont understand why, when the checkpoint, or the core routers of the

1st internet line goes down, there are no takeover.

I tought that eigrp could deal with such scenario, which is not unusual. but i ve not yet found any doc introducing backup features..

Reply to
nini

So when it drops (the internet router), the 0.0.0.0 route to that hop will not clear out of the table unless the core that has the static route drops. Are you saying that core drops, and the route stays? What does show ip route 0.0.0.0 show on the other cores when that core goes down? By going down, do you mean the router is fully down, or just the link to the internet, which would not do anything since the static route is still in?

Overall, I would recommend doing a default route with tracking which pings the upstream internet router, or even next hop beyond that. If that ping fails, the route will disappear from the routing table. Also, what does your route map do?

All in all, if you turn up a routing protocol between the internet router and the core, redistribute it into EIGRP, then if that connection goes down, the route goes away. At that point, and having the second internet connection configured in the same way, it would failover. I would also just let 0.0.0.0 in from the internet router and not the whole internet routing table.

Reply to
Trendkill

pr=E9c=E9dents -

I understand that if the checkpoint firewall fail, the route is not automatically updated. but in my case, it is the core router who fails there are no route map, nothing.

in the "backup" core, I changed the following line

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 255 tag 1

to

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 171 tag 1

now it failover, but doenst failback..

Reply to
nini

pr=E9c=E9dents -

I understand that if the checkpoint firewall fail, the route is not automatically updated. but in my case, it is the core router who fails there are no route map, nothing.

in the "backup" core, I changed the following line

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 255 tag 1

to

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 171 tag 1

now it failover, but doenst failback..

Reply to
nini

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.