If a router receives EIGRP (AD90) routes, and is configured to redistribute thoes routes into BGP(AD20), why does the RIB show only the incoming EIGRP routes and not the redistributed bgp routes? Are redistributed routes considered for RIB entry in the router that is doing the redistribution
View 2 RepliesOn 3750 switch with IOS c3750-ipbasek9-mz.122-55.SE4.bin "eigrp stub static redistributed" command will be executable ?
View 1 Replies View RelatedIs it possible to issue eigrp leaking routes on catalyst 6500 running IOS 12.2-33SXI9 on gigabitethernet interfaces? or is there another way to acomplish this?
View 10 Replies View RelatedI have a 3560 with IP base that is acting as a true EIGRP stub router today. It advertises local routes to the upstream service provider router and receives a default route.
Now I want to connect a 3900 ISR as a voice gateway. The 3560 does not seem to be advertising any routes to the 3900. Ok the EIGRP stub doc says this:
Only specified routes are propagated from the remote (stub) router. The router responds to queries for summaries, connected routes, redistributed static routes, external routes, and internal routes with the message "inaccessible." A router that is configured as a stub will send a special peer information packet to all neighboring routers to report its status as a stub router.
# Any neighbor that receives a packet informing it of the stub status will not query the stub router for any routes, and a router that has a stub peer will not query that peer. The stub router will depend on the distribution router to send the proper updates to all peers.
I guess I don't understand why the stub advertises local routes to the upstream ISP router but does not seem to advertise routes to the 3900. Does the stub identify the ISP router as the distribution router somehow, thus differentiating it from the 3900? If so, how is this done?
show ip eigrp neighbor detail on the 3900:
EIGRP-IPv4 Neighbors for AS(100)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
[Code].....
Is there a way in EIGRP to prefer external routes versus internal routes. EIGRP always picks up internal routes as long as they are available, no matter if external routes have better metric. Our Scenario is that we have DMVPN hub and spoke topology running EIGRP 101. The Core routers also on EIGRP 101 prefer EIGRP 101 routes. We have the new MPLS network running BGP and redistributing these BGP routes into EIGRP 101. The core routers prefer EIGRP 101 routes (internal) to redistributed BGP (external) routes.
View 9 Replies View RelatedOn one of our routers (running bgp and ospf), we are redistributing ospf to bgp. This router has a loopback interface which is advertised in ospf.
Router#sh ip route 10.22.0.24
Routing entry for 10.22.0.24/32
Known via "connected", distance 0, metric 0 (connected, via interface)
Redistributing via bgp 64999
Routing Descriptor Blocks:
* directly connected, via Loopback11
Route metric is 0, traffic share count is 1
I am confused about "Redistributing via bgp 64999" part.....Under router bgp, we are redist only ospf and static routes, but using route-maps like this:
redistribute static route-map STATIC2BGP
redistribute ospf 1 route-map OSPF2BGP
Obviously it won't match redistribute static because it is not static, but connected interface...And 10.22.0.24 does not appear in match statement in route-map OSPF2BGP, how is it still shown as "Redistributing via bgp 64999"?
i have a problem in my eigrp configuration that the other branch only see the network that i am advertised in eigrp and can't see the the redistibuted static route inside eigrp .. i dunno why is thatand that's my running.
View 16 Replies View RelatedI have a 3825 running c3825-advipservicesk9-mz.124-24.T8. It is configured as an eigrp stub advertising only its connected and static routes. There are three WAN connections using a metro ethernet service. Two are data, one for voice traffic. The primary data connections run to two WAN edge ASR1002 routers.
The primary data connection (Gi0/1.943) is 20 Megs, the secondary data connection (Gi0/1.944) is only 15 Megs. Before the secondary connection was in place I only had routes to our backbone via Gi0/1.943 and everything was working great. Some time after the secondary data connection was turned up the routes to the backbone through Gi0/1.943 disappeared from the eigrp topology table causing all data traffic to flow through the less desirable secondary Gi0/1.944 interface to our backbone.
There is a good eigrp neighbor relationship between the 3825 and the ASR connected to Gi0/1.943, but if I show ip protocols it does not list the ASR as a data source. I know that the ASR is advertising its routes because I can see the updates coming from it if I debug ip eigrp. For some reason they are just not being added to the topology table by the 3825, not even as a feasible successor.
I have shut/no shut the interface multiple times at both ends during troubleshooting and I also reloaded and upgraded the code on the 3825 from 12.4(24)T to 12.4(24)T8. We also contacted the metro ethernet carrier to see if they had a policy that could potentially be blocking the traffic (no). My colleagues and I are just not seeing any feasible reason why these routes are not being added.
We've put in a 3750 at our corp hq (Detroit). We did this to break up the current flat 172.16.0.0 /16 network into separate VLAN's for various purposes. We plan on doing that at another site (Farmington), which will become a DR site. We are running EIGRP throughout the organization over an OPTEMAN netowrk and also sending routes to a managed MPLS network which uses BGP. BGP redistributes into EIGRP and vice versa. I've attached a pdf of the network. The 3750 core at the corp hq is a temp core, hopefully upgrading to Nexus within a year or two. This problem didn't exist until the 3750 was introduced and became the gateway for the site. The OPTEMAN router was the gateway and was on the same VLAN as the MPLS router.
So, in detroit we have an Detroit-MPLS router, Detroit-3750, and Detroit-OPTEMAN. What I'm seeing is that the routers I'm getting from the MPLS router make it to the 3750. The 3750 advertises those routes to the Detroit-OPTEMAN router. However, the OPTEMAN router doesn't advertise these routes any further..
In Farmington, it is currently set up like Detroit used to be set up. There is a flat network and both routers are on the same VLAN, no L3 core switch. Routes come in from the MPLS, get advertised to the Farmington-OPTEMAN router, distributes the routes out to all OPTEMAN connected routers, including Detroit. However, Detroit is not passing that route to the 3750.
When we made the 3750 stack the core, we didn't change anything else, except for some IP changes. Why these routes aren't fully redistributing?
Detroit-3750 Stack
WS-C3750G-24TS-S <-Stack master running c3750-ipservicesk9-mz.122-55.SE7.bin
WS-C3750X-12S-E <-Running c3750e-universalk9-mz.122-55.SE7
show sdm prefer
The current template is "desktop routing" template.
[Code]...
We have a site and on that site we have a server which is down form last two days. However , to manage these devices we are not using any tools. We are not able to find this server that where it is located and on which switch it is connected to.
I want to know that the timer for mac address is 5 minutes and arp timeout is 4 hours . Is there any way to find out the mac address of the server . I feel like this can we done with cef ? Is it true or not I am not sure. I am running 3750 stacks and 2811 routers. 3750 stacks are working as layer 3 devices. They are also running the pretty new IOS 12.2(53)SE.
According to my understanding now a days CEF entry does not expire if we are not using them. They remain in cache as we are running with destination base CEF.
We have a pair of 6509's with duplicate ACL lists & entries.
1 = Version 12.2(33)SXI4a
2 = Version 12.2(18)SXF15a
I wanted to remove some logging that was on an entry on one of our extended ACL's. On 1 this worked fine with the no 400
400 <acl rule without log>
However on 2 it lets me carry out the no 400 command but when i go to add the 400 <acl rule without log> i get the error % Duplicate sequence number.sure enough when i perform the 'Show access-lists <Name>' it is still there!
I have tried the following:
Adding a duplicate ACL entry before it (399) without log and i still get hits on line 400Adding and removing the duplicate created line 399 (without logging) with no issues.Adding and removing a dupliacte ACL (without Logging) after (line 401) with no issues
It looks like it is just this line it seems to think it has removed but hasn't?!
I understand an option is to duplicate the ACL in a text editor remove line, delete the ACL and put the edit back in .....however i wondered if this is something known (bug).
Does PBR with deny ACL entries on a 3750 are still punted to the CPU? I found this article: URL
High CPU Due to Policy Based RoutingPolicy Based Routing (PBR) implementation in Cisco Catalyst 3750 switches has some limitations. If these restrictions are not followed, it can cause high CPU utilization. You can enable PBR on a routed port or an SVI. The switch does not support route-map deny statements for PBR. Multicast traffic is not policy-routed. PBR applies only to unicast traffic. Do not match ACLs that permit packets destined for a local address. PBR forwards these packets, which can cause ping or Telnet failure or route protocol flapping.
Do not match ACLs with deny ACEs. Packets that match a deny ACE are sent to the CPU, which can cause high CPU utilization.
In order to use PBR, you must first enable the routing template with the sdm prefer routing global configuration command. PBR is not supported with the VLAN or default template
I checked the latest config guide, and those same guidelines are still listed. If that limitation is still there, are those packets switched at the process level (ip_input) or the interrupt level?
I plugged an IP device into a 2960 Catalyst switch. The port is up, but there is no MAC address learned on it:
TNSWAGCS01002(config-if)#do sh mac add int fa0/16
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
TNSWAGCS01002(config-if)#
TNSWAGCS01002(config-if)#do sh int fa0/16
FastEthernet0/16 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0064.40ee.f510 (bia 0064.40ee.f510)
Description: --- STC ---
[code]....
I read that it may be a L1/L2 issue. We tried with another ethernet cable. We also tried with another IP device of the same model. That did not solve the issue.
I have some error messages in the Nexus 7000 log, after searching i cannot find an adequate explanation, pretty much the only thing i can find is below and i don’t think it is very relevant to my situation. The device is in production and so reloading and pulling card willy nilly is the last resort.
Device = Nexus 7018
IOS version = 5.1(2)
Log messages=
2011 Dec 2 14:52:35 IAS01LVSWIPC01 %OC_USD-SLOT8-2-RF_CRC: OC2 received packets with CRC error from MOD 6 through XBAR slot 1/inst 1 and slot 2/inst 1 and slot 3/inst 1
[code]....
I have configured a new switch 3560 switch and connected to 4500 switch and formed a trunk connectivity.Now the issue i am facing is when i do a SH CDP NEIGHBOUR from 3560 switch i am able so see 4500 swries switch but at the same time when i do SH CDP NEIGHBOUR form 4500 series switch i am not able to see the entry for 3560 switch.But i am able to telnet the new switch with out any issues
View 11 Replies View RelatedI have a 1941 router configured for Policy based routing with two ISPs.Two static default routes configured to point the gateways of respoective ISPs with same metric.But the problem is, packets are going throug the one ISP only while doing traceroute.
N/W connectivity:
ISP1-----> <----------------------> LAN1
| Router |
ISP-------> <----------------------> LAN 2
Below is my configuration :
Current configuration : 5958 bytes
!
! Last configuration change at 05:18:56 UTC Mon Jun 25 2012
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
[code]....
Is there any way to clear a single ARP cache entry on the 6500 switch ?
View 8 Replies View RelatedI have seen other discussions regarding Static MAC address entries on IPv4, but what of IPv6?We have MS NLB solutions and they are working fine. We have Cisco 6509/6504, Version 12.2(33)SXI5
But then we have a new one for a new ActiveDirectory solution, and on those networks we have implemented IPv6.
How is Static MAC address entries and MS NLB solved in IPv6 (i.e arp ip.ip.ip.ip mac.mac.mac ARPA gi1/1). I can't seem to find much examples or documentation on this? Is it replaced with another function?The reason I ask is twofold.
1. I really want to know
2. The NLB cluster seem to drop IPv6 traffic at even intervals, witch seems to correspond with NLB transition.
The issue is occuring on our local LAN where my ARP requests are being modified after a period of time by the router for one host. I'm finding that the host will work fine with the correct MAC IP pairing for a period of time and then about 15-30 minutes later, the arp table is changing so the associated mac/IP address is now the mac address of the router interface.
The FastEthernet 0/1 port has no ip proxy-arp enabled and is set with ip nat inside.This only started happening after restarting the router, however the running config was saved as the startup config prior to the restart.I've tried hard-coding the entry with the command arp 10.15.4.190 c82a.1459.0579 ARPA however that is not working as expected.
The device is an 1841 ISR with the advanced IP Services bundle loaded. Is there some way that the router is viewing my host (provides DNS, Directory Services) as a intrustion attempt and somehow rejecting the packets?
We have small which I'm looking to implement and have built this on GNS3.
We have:
Router A in site 1
Router B in site 2
Router C in site 3
Router A and B are connection via a point to point 100M link and from Router C we have a 2 point to point one of which is 5Mpbs and going to Router A and Router B.
For Router C to reach Router A network it will go via Router B and these are 100M connection. When the link between Router A and B goes down. Router C should update and start using the 5m route.
For some reson, the routes are not updating. I have to do 'clea ip eigrp ne' for the routes to update and if I reload the routers all works well, it seems the problem is intermittent.
In my lab, there are some machines that are connected using Cisco 2950 switches. Those machines belong to a VLAN.Now I need to modify the VLAN settings of the machines and as such I also need to modify the VLAN settings on the ports on the Cisco switches.
In order to do this, first I need to login to those switches, but due to a lack of knowledge transfer, I don't have the password. Is the some generic password?Second I will need to modify the VLAN settings on each individual port. How can I do this?
I need a switch to configure a static ARP entry for a MS NLB multicast.
Could answer me if I can do with the SRW2024-K9-BR?
Aug 24 11:32:16.275 AEST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan21, changed state to down
Aug 24 11:32:36.827 AEST: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan21, changed state to up
Aug 24 11:35:23.854 AEST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1/2, changed state to down
Aug 24 11:35:24.854 AEST: %LINK-3-UPDOWN: Interface FastEthernet0/1/2, changed state to downesw_mrvl_vlan_port_remove : Unable to find entry for VLAN(1) dbnum(1)
esw_mrvl_vlan_port_remove : Unable to find entry for VLAN(1) dbnum(1)(code)
When the above problem happens, as work-around, we delete VLAN.DAT file on the Compact Flash of this 2811 router and recopy the VLAN>DAT file back to teh Compact Flash.
Then it runs for a few weeks and the same problem happened.
Then we put a new Compact Flash and recopied VLAN.DAT to new CF and it ran for 3 weeks and same problem started again.
Could be 2811 router motherboard? This customer has thousands of these 2811 routers in identical setups and this is the only router that is having this problem.
Does 800 series routers support OSPF or EIGRP? Command for EIGRP is available but when you try to run it, you get that "protocol is not available in the image". Is there a specific image that I can get that will support either of these two on a Cisco 851 or 861?
View 4 Replies View RelatedI have a pair of N5K's, down stream from them are from Fabric Interconnects and a UCS chassis. Upstream is a stack of 3750's then ASA5510's.
I am trying to backup the config to our TFTP server and I am getting 'no route to host'.. I tried to add a route, and found that N5K uses VRF's for routing?? .. After some looking I see there are two base VRF's 'management' and 'default'.. the management VRF has a default gateway entry and a single interface member (mgmt0).. when I look at the default VRF .. there are no interface members or routing entries.. Ok, I can handle that just add some interfaces and add a default gateway. Then I get lost:
I'm able to access the UCS manager..... so how the heck is that even possible if there's no gateway defined anywhere (or maybe I'm missing something?). My theory was: add all other ports but mgmt0 to the default VRF, and have the default gateway point out of the uplinks (a vPC).. but wasn't sure how that would affect anything and mainly just wanted to know how I was able to access the UCS manager in light of the fact that there is no default gateway anywhere that I could see...
We have a need to track specifc subnets on our two 6509s, running IOS version 12.2(18)SXF16. Basically, we want to do this:
track 1 192.168.0.0 255.255.255.252 reachability
track 2 192.168.1.0 255.255.255.252 reachability
However, the 6509 IOS only provides the option to track an interface. Is this a feature that's available in later IOS versions?
Is there another way to track these routes? The subnets are used for WAN links at a HQ and DR site and we are doing a specific PBR (sending all http/https traffic) using these subnets. If that WAN link goes down, we want to be able to utilize a backup WAN link to support that traffic.
I would like to configure few routings on my Cisco router 871 in order to allow my employees to have access only to specific websites.However, since some websites have dynamic IPs propably the route that I will create will not work.
My question is, can I configure a route or is there any other way to configure this permission based on the hostname/domain? For example, if I want to permit access to this website www.surveymonkey.com (75.98.93.51) instead of configuring:
ip route 75.98.93.51 255.255.255.255 192.168.10.250
is there any way to configure based on the url.. in order to be able to recognise this host correctly??
Im new to cisco routes, Im traing to configure a 1711 routes with a dsl 2wire routes, my problem is that Im able to ping anywhere in the routes, but when Im on my computer I can only ping the interfaces on the router but no the 2wire route that gives me access to the internet.
Cisco 1711 2wire
f0 192.168.200.1(Inside NAT) e0 192.168.1.76( 2wire Nat) 192.168.1.254 (Internet)
My computer is getting ip addres 192.168.200.100 when I ping th 192.168.1.76 is fine, but when I try to ping the 192.168.1.254 does not work, Im assuming the cisco has activated a dinamic route from .76 to .254, but it is not working, why?
Here is the router configuration
Router#show runBuilding configuration...
Current configuration : 1183 bytes!version 12.3service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname Router!boot-start-markerboot-end-marker!!no aaa new-model!resource policy!memory-size iomem 25ip subnet-zero!!no ip dhcp [Code]....
I am having two small issues....First on my 3745 i get the following message:
*Mar 2 12:13:13.615: IP-EIGRP(Default-IP-Routing-Table:1): Neighbor 192.168.3.1 not on common subnet for FastEthernet0/1
*Mar 2 12:13:25.811: IP-EIGRP(Default-IP-Routing-Table:1): Neighbor 192.168.2.1 not on common subnet for FastEthernet0/1
Second problem is that I have my internet connection going to the 3640 on FE0/0 and it works just fine....I want to change over and have the 3745 be the internet router, but when I configure it, I get no connection.
3745 -
Current configuration : 1624 bytes
!
version 12.4
service timestamps debug datetime msec
LD version 0x10
GIO ASIC version 0x127
[Code]...
We recently perchaced 4503 switch with Sub Engine 7L. It has universal IOS. We are unable to run EIGRP and HSRP protocol and the switch came with temporal license.how to proceed further to get EIGRP and HSRP enabled on the 4503 switch.
View 8 Replies View Related6500 - version (s72033_rp-ENTSERVICESK9_WAN-M), Version 12.2(18)SXF17a.I have two ISP's. I have created two defaults as follow & secondary route does not work. [code] After disabling the interface to ISP1, backup routes does not work. [code]
View 2 Replies View RelatedI have a scenario which is fairly common - certain servers are accessed from the internet via a Load Balancer, and since seeing true client IP is a requirement, the return traffic path must go back through the load balancer. However, I do not want to route all traffic via the load balancer for obvious performance reasons. Internal traffic should be routed directly by the Layer 3 switch, which has a default route of a Firewall.
My plan is to use a VRF for the load balancer and any applicable servers, which works fine. But now I need to join the VRF's routing table with the switch's GRT (global routing table) so that internal traffic works. What is the best way to do this? For scalability reasons I'd like to avoid static routes and I see many examples using BGP, but in this case it seems overkill since everything is on a single logical switch. Can I use OSPF instead? Or a different method? The Supervisors will be 2Ts, so IOS 15.0 will likely be running.
I am trying to configure EIGRP on my ASA DMZ Interface - topology as follows: [code] The ASA is currently configured for EIGRP with the inside 3560x switch and passing routing updates properly.However, the ASA will not send/receive routing updates to/from the DMZ 3560x switch - the two devices do establish eigrp neighbor relationship. [code]
View 4 Replies View Related