Cisco WAN :: C2900 - Route Selection When Using EBGP And EIGRP
May 22, 2013
I have a mixed WAN environment with both eBGP and EIGRP routes. The BGP routes should always take precedence, when they exist. If no BGP routes exist I want the router to fail over to using the EIGRP routes. So far, this works fine.
The problem is, when the BGP route again becomes available (and the associated entry appears in the "sh ip bgp ... received-routes" output) the router is NOT relinquishing the EIGRP route. It remains in effect, showing as a "D" route int the route table even though there is a better ("B") route available. If I bounce EIGRP or the interface associated with it, the EIGRP route disappears and the BGP route reasserts itself, and everything will run correctly until the next time the BGP route disappears due to maintenance, line failure, etc.
My router is (C2900-UNIVERSALK9-M), Version 15.3(1)T
Here's the associated config
interface Tunnel101
description VPN backup WAN interface
bandwidth 7168
ip address 192.168.75.1 255.255.255.0
[code].....
View 7 Replies
ADVERTISEMENT
Apr 17, 2012
I have a setup where a router learns a subnet from both EIGRP process and a BGP process (EBGP peer). In the network's normal state, the EBGP path is preffered path (Primary Path). When the route to the subnet is lost in EBGP, then the router will install the EIGRP learn route into the routing table and use that as its path to get to subnet now (Backup path). This works as expected.
The problem is when the EBGP learn route comes back, the Router still holds on the EIGRP learned route in its routing table. I would think that since the Admin Distance (AD) of EIGRP (90) is higher then the EBGP AD (20) that once the EBGP route is learned again, that it would re-install itself back into the routing table (replacing the EIGRP learned route). But this is not happening.
Im not sure what Im missing here since I thought AD was highest considered attribute the routing table consider when install a route learned from 2 routing process.
The setup Im running is an Cisco 7206VXR (NPE-G2) processor (revision A) running IOS c7200p-spservicesk9-mz.124-15.T12.bin.
View 8 Replies
View Related
May 8, 2011
My 2811 is connected with two ISP,s as below and have VPN with Central branch.I want to set DSL as primary and WiMax as secondary but problem is that routes learned via BGP get precedence over default route as they are specific one.I think i may need to put all static specific routes of central branch over DSL along defautl but I want any idea if my default route stay active and when it down then BGP neighborship can be establish (like ip sla tracking.)
View 3 Replies
View Related
Sep 7, 2011
I have a router with 2 WAN (MPLS) connections to two different IPSs.One connection is a 3mbs MLPPP connection and the other is a 10mbs MetroEthernet connection.Both use BGP to peer up with the ISP with private AS numbers (65001, 65002, etc)I want the router to always prefer (use) the BGP connection through the 10mbs link, but here are my considerations:I can't change the prefix length for the peers. In other words, BGP 65001 is going to advertise 192.168.21.0 /24 to its peer, and BGP 65002 is going to advertise the same network with the same mask.What is the best way to make sure the 10mbs link is always preferred? Can I do local preference?
View 6 Replies
View Related
Oct 13, 2012
I config the routers with EIGRP and also write Static route between two PC before remove the link between router0 and router1 , destination is reachable , but when remove this connection , packet from pc1 to pc0 will drop in a loop and never reach to destination , is it possible to have a Link state routing protocol and static route at the same network like this scenario , how to prevent loop in this topology static route is configure as bellow :
router0 <==> router 1 <==> router2 <==> router3 <==> router <==>pc1
View 6 Replies
View Related
Aug 8, 2012
We have problem con EIGRP and two ASR 1001 in High Availability. ASR2 have received all route (100 route) from PE, but in ASR1 doesnt received all route (75 route) from PE or from other ASR02. All PE have all route. The ASR1 when modify or lost some route dont update to the ASA. see diagram.
View 5 Replies
View Related
Feb 26, 2012
I have an ASA 5520 connected to a Cisco 6509E, and we're turning up EIGRP between the two. The problem that I'm running into is that there a few static routes (including a 0.0.0.0) on the core that's being redistributed into the EIGRP AS, and I need to block this from being propagated to the ASA. The ASA only has the capability to use an ACL in conjunction with a distribute-list, and I can't find a way to filter the default route (0.0.0.0 /0), while allowing everything else.
View 3 Replies
View Related
May 9, 2012
I have a customer with a primary datacenter and DR datacenter, that has a P2P 100Mbps link connection between them. At the primary Datacenter there will be a Nexus 5596U with a L3 card running EIGRP, it will have three connections, one nothbound to the Internet not a problem, the other is north bound to an MPLS SP managed ISR router. Both datacenters will have MPLS SP managed ISR router, the MPLS service provider will be redistributing BGP into EIGRP from their ISR routers at both datacenters. This means we will learn external EIGRP routes with an AD of 170.
Connected to my 5596 southbound will be the SAN for the EMC storage traffic, the DR also has a SAN with EMC storage as well. The 100Mbps P2P link is primarily for replication traffic.
Since the Nexus 5596U with L3 module doesn't support PBR I have to figure a way for replication traffic to prefer the 100Mbps P2P link vs the MPLS cloud. I was thinking of running iBGP over the P2P link with the Nexus 5596 being a route reflector and it's iBGP peer which will be a Catalyst 3750X at the other end of the P2P link being the route-reflector client. That way both iBGP peers will exchanged learned routes.
I have to come up with a way for the replication traffic that comes sourced from the IP addresses of the EMC/storage to prefer the P2P link which will have an AD of 200 from iBGP in the routing table vs the external EIGRP traffic that has an AD of 170 in the routing table. All other traffic will route normally across the MPLS cloud. All other traffic will include client server traffic as there are application servers that sit south bound of the Nexus 5596, the client traffic will come inbound to the datacenter via the MPLS cloud.
I don't have a Nexus 5596 to do a mock lab. My thought is to redistributed connected with a route-map in EIGRP on the Nexus 5596 with a two match statements then set the IP next hop to the IP of the 3750X. I would need to select only replication traffic, so I was thinking if I can match on vlan and next-hop then my set command would be the next-hop of the 3750X.
View 2 Replies
View Related
Mar 11, 2012
In EIGRP, if a router loses the successor to a route, and it has no FS, it goes active (starts asking all neighbors if they have a successor for that route).But if the neighbor did have a successor, shouldn't they have pro-actively told us about it when they learned it (so we already have it as the Feasible Successor?).
View 6 Replies
View Related
Jun 20, 2012
I have a 3750 at a branch running EIGRP connected to two routers that both have configured:
access-list 1 deny 0.0.0.0
access-list 1 permit any
access-list 2 permit 0.0.0.0
access-list 2 deny any
router eigrp 1distribute-list 1 out FastEthernet0/0distribute-list 2 in FastEthernet0/0
Due to this recently applied config the switch become unreachable from the outside and cannot ping anything. Everything connected to it works fine. I was able to remote into it from a switch behind it and noticed that the 3750 has no default route in the routing table. I do see a default route in the eigrp topology table. How to make the switch learn a default route maintaining the existing configuration on the routers.
View 3 Replies
View Related
Apr 26, 2012
I'm trying to create a route-map for an EIGRP Distribute list on a N7K, the goal is to not advertise a 10.0.0.0/8 and 172.31.30.20/32 networks out a link to a remote site while permitting all other traffic to the internet (default). I configured the ACL/route-maps below and applied them outbound on the N7K interface but no subnets at all are being received on the remote site router.
ip access-list DENY_10.0.0.0
10 permit ip any 10.244.244.20/30 <<--WAN interface network
20 deny ip any 10.0.0.0/8
25 deny ip any 172.31.30.20/32
30 permit ip any any
[code]....
View 0 Replies
View Related
Feb 13, 2013
I'm attempting to redistribute a static route into EIGRP on a 3750 switch and pass it to an upstream router, sadly however this isn't working, or at least the route isn't being recieved on the upstream router. [code]
View 10 Replies
View Related
Mar 11, 2012
We are deploying a new office in the building next to our main office. The main office has a Cisco ASA 5510 behind that is a Cisco 3750 stack. In the new office we are deploying a new Cisco 3750, they will be connected via fiber cable. I have sliced off VLAN 800 as a transit link /30 with an address space of 10.249.249.1-4. The new 3750 only has two VLAN's 800 and 112 (10.112.0.0/24). VLAN 112 routes are advertised to the neighboring 3750 properly as seen in the routing tables of the 3750 stack:
D 10.112.0.0/24 [90/3072] via 10.249.249.2, 00:22:24, Vlan800
Traffic passes between all local VLANS with no issue. I found in order to get packets to pass between the ASA and the new 3750 I had to add a static route to the ASA:
S 10.112.0.0 255.255.255.0 [1/0] via 10.100.0.1, inside
My question is why is EIGRP not advertising the 10.112.0.0 network to the ASA. Here are EIGRP configs on the switches
Existing 3750 Stack
router eigrp 100
network 10.0.0.0
redistribute static
[code]....
View 9 Replies
View Related
Jun 8, 2011
Is it possible to track a IPSLA operation and if it goes down track a static route which will be removed from EIGRP process. I have read through documentation and have come stuck. I have the below configured and have shown the features installed. How would I go about getting the below static route injected into EIGRP only if the IPSLA operation in ok?
track RMB
type rtr 100 reachability
ipsla
[Code]....
View 2 Replies
View Related
Feb 19, 2013
I have an issue with my setup of a 6500 switch (12.2(33)SXI9).We have a 6500 switch with several VRF's. For a certain VRF I would like to redistribute a static route in EIGRP. After doing so I don't see the static route on my eigrp neighbor.
This is a overview of my config. I'm basically redistributing only my static route for this vrf in eigrp.
I found a similar case in which the solution was adding a metric to the static route. (eg. redistribute static route-map static-eigrp-pp metric 10000 100 255 1 1500). But the strange thing is that we don't have this issue on a similar machine (same IOS, same config setup). [code]
View 2 Replies
View Related
Dec 18, 2011
this is a Nexus 5596 L3 with the latest code:
It looks like the deny statement is not working as I can see all routes I am redistributing. I even did a deny on a specific route and I still see it in the routing table on another router in the autonomous system.The same below works fine on IOS platform. [code]
View 5 Replies
View Related
Jun 29, 2011
a customer of us asked if C2911 (to be bought) is ok for partial BGP routes.This is the situation: 2 cisco 2911, each peering with 3 other AS (AS1, AS2, AS3), and maybe, in the future, at a small IXP (AS4, AS5, AS6, AS7).They will accept defaults plus partial routes from upstream AS1, AS2, AS3.When deployed at the IXP they also will accept partial routes from AS4-7.So, is 2911 ok for that configuration?the default route is included in the first row of as-path, isn't it?I have no experience with partial routes, only with full (for our datacenter) and default only (for other customers).
View 5 Replies
View Related
Oct 10, 2012
I would like to know how long a route would maintain its community tag when it traverses ***?Basically, a route is tagged 100:1000 when exiting AS100, and then accepted into AS200. AS200 will not modify the tag. Would AS200 export the route to AS300 with the same 100:1000 tag?
View 2 Replies
View Related
Nov 11, 2012
I am imagining a smallish networking (AS1234) with say three full BGP table peers that provide transit to the network (just to keep the maths simple here); Lets say AS100 and AS200 are preferred transit providers with AS300 as a backup/least prefered (AS prepends or similar stop us from using this network by default). So in this scenario our little network gets two different paths across the Internet, as not to rely solely on one provided, with a backup provider to hand also.
How do you mange issues like packet loss somewhere in AS100's or AS200's network? So lets say a host on our AS1234 network is talking to host in AS888 and the preferred route is through AS100 but somewhere deep in AS100 a link is flapping (for example) and I can't get to AS888 reliably through there anymore, but I can through to other peers of AS100 OK. We can postulate that AS100 is the best path for 50% of the Internet and AS200 for the other 50% (this is a best case fictional scenario). I can't ping 50% of the internet via AS100 and then in the event a ping fails (or some other more reliable test) tear down the BGP session to use AS100 until it's fixed again, nor vice versa with AS200.
First of all, I asume you don't know about the issue between AS100 and AS888 until someome moans about it to you? Secondly, do you then some how modify the route(s) to AS888 that come from AS100 (route map for example to change the weight or preference) so AS200 is now preferred for AS888? Do you infact shut down the AS100 peering and now use AS200 & AS300? How do you rectify these situations that are beyond you control using what is in your control?
View 2 Replies
View Related
Mar 29, 2011
I have setup an eBGP session to a Cisco 2801 CE router. The BGP session establish, however, the session keeps resetting after 90 sec which is the BGP keepalive holdtime value.
On the PE router I found that the OutQ doesn't clear = 22 when doing a "sh ip bgp x.x.x.x summary" - Session reset at 1:30.When I filter the amount of routes advertized to the CE neighbor with the "neighbor x.x.x.x prefix-list out" - I see the OutQ clear = 0 and the BGP session remains up.
-Number of NRLI advertized without prefix filter = 172
-Number of NLRI after filter = 52
why the OutQ doesn't clear.
View 1 Replies
View Related
Apr 7, 2013
My client has MPLS network via eBGP to communicate with all the sites. Here is the basic config on the router.router eigrp 65210.neighbor 192.168.1.2 remote-as 13939
When they installed the internet on the local router, and added the static route on the router to hit the internet, they need to add the static route (2nd one) to communicate to the other sites.
ip route 0.0.0.0 0.0.0.0 75.75.75.1
ip route 192.168.0.0 255.255.0.0 192.168.1.2
ip route 172.20.0.0 255.255.0.0 192.168.1.2
They want to route all the traffic out thru the local intenet besides their private networks ( 192.168.0.0/16 and 172.20.0.0/16). Are there ways not to add last two static routes and communicate the other sites via eBGP?
View 5 Replies
View Related
Feb 23, 2012
We have a vpn L2L with an ASA and C2900 and always stopping to ping each other but the vpn still UP and can each the others devices behind the peers.
Everytime we have to issue on router "clear cry isa peer" or on asa "clear ipsec peer" to start to ping each other but after seconds it's stopping to ping again.Is there something to fix it permanently? We did some debug crypto on asa but no information was logged.
View 1 Replies
View Related
Jan 15, 2011
We want to upgrade the IOS from 15.0(1) to 15.1 for some reason. Here is the output of my router's "show ver":
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)
Technical Support: [URL]
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 28-Oct-10 18:32 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE
[code]....
We have enabled the technology package license "uc" in the previous version, would it be loss after the upgrade?
View 5 Replies
View Related
Nov 11, 2011
Previously posted as C2900 - inward NAT partial success...
Running C2900-UNIVERSALK8-M, Version 15.0(1)M3 RELEASE SOFTWARE (fc2)
I have several sets of inward NAT defined (51001-51007, 52001-52007. 53001-53007),all to various internal addresses. When I attempted to add another set, the new onesdo not work and get a "timeout" error.
When I tried port 51008, it gets a timeout. When I changed 51008 to 51010, the 51010 now gets a timeout, and 51008 now gets "connection refused" (which I expect).The original sets all work, the new ones (added at the end of the lists) do not.When I am on any of the internal machines, the target (192.168.1.21) works fine.When I am "in the router", I can connect via the ssh command, so I know that therouter can talk to 192.168.1.21 on port 22 as expected.
View 1 Replies
View Related
Mar 20, 2013
I'm configuring a new 2911 running c2900-universalk9-mz.SPA.151-4.M4. In the config by default is "line 2" its not a vty, aux or console line and I can't remove it.
View 1 Replies
View Related
Jan 19, 2012
I have 1 x C2900 router with 3 x ADSL WIC and UC500. I setup 3 x ADSL to access internet and UC500 is connected with 3 telephone lines (plugged into FXO ports). I have 2 x GE on my 2900. 1st GE is connected to switch and 2nd GE is connected to UC500.
I want to setup that traffic from UC500 (SIP) is going through 1 dedicated ADSL line and data (from computers & servers) is going through remaining 2 interfaces only. How I can set it up.
I would also like to know how I can load balance internet connection going through 2 dedicated data ADSL lines.
View 4 Replies
View Related
Jun 2, 2013
We are facing a strange issue with GRE tunnel. We are using this tunnel from a branch office to Hub office. All other tunnels terminated on Hub router are working fine. Issue with this tunnel is that whenever WAN connection goes down Line protocol on tunnel interface some times comes up and sometimes not (therefore we have to reset the tunnel interface and it comes up). IOS used on this router : c2900-universalk9-mz.SPA.152-1.T2
View 5 Replies
View Related
Aug 29, 2012
There is nice c2900PortNumberOfLearnedAddresses table in C2900-MIB, but it's outdated and not supported by modern switches.Is there similar table for modern switches? Most interested in Catalyst 2960 and 3750.
View 2 Replies
View Related
Oct 20, 2012
Imagine I am designing a small network with a C2900 router running OSPF and in the future BGP with service provider. Please see attached diagram.The router is connected to (2) C3750 Layer 3 distribution switches. Then one C3560 layer 2 switch to serve future IP phone users and desktops.
Question:
a)If I connect the router interface to the (2) 3750 switches, if I make the router interface fa0/0 and fa0/1 as a trunk to accomodate VLAN 200 and other future VLANs, don't I have a problem with overlapping networks between router interface fa0/0 and fa0/1?
b)Alternatively, I could make the Router1 fa0/0 and fa0/1 configured with IP addresses and advertised in OSPF. Then the SW1 fa0/24 and and SW2 fa0/24 I could make as 'no switchport and create a routed interface port' with IP addresses, also running OSPF. Question is, from a scalable design perspectie, would you create 2 management networks and use those when assigning the IP addresses for Router1 fa0/1 and fa0/2? Because again Router1 fa0/1 and fa0/2 obviously need to be placed on different networks to avoid overlapping. So my question is more about proper network planning design to make this scalable to accomodate future VLANs in the future.Using trunks between the Router1 and SW1 option:
Router1
int fa0/0
description connection to SW1
no ip add
int fa0/0.200
[code]....
View 3 Replies
View Related
Mar 19, 2013
I am having 2911 router running with C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(4)M5, RELEASE SOFTWARE (fc1)IOS and i have configured the following commands for eigrp
-router eigrp 100
-network 10.20.0.0
-no auto-summary
It takes all 3 commands but when i check through show run command i am not seeing no auto-summary command.
View 5 Replies
View Related
May 31, 2012
I am seeing SNMP coldstart traps that either are delayed by many hours or are false (e.g. right after receiving the coldstart trap a query to sysUptime shows the nodes been up for days).I seen this twice this week in a new network environment for me for two different C2900s running C2900-UNIVERSALK9-M Version 15.0(1)M3 Assuming the coldstart traps are coming from the actual source nodes, I am curious what could be going on here.
1) One guess I have is possibly the system clock changed could cause the SNMP agent to send a false cold start trap. Then my guess is in the device log I should see a system time change syslog message.
2) I recall hearing once that syslog and possible traps messages are held in configurable buffer who default value is 1 and if not sent are held and then suffer a delayed sent. Is it true for both traps and syslog ? In the past I assumed this was simply the logging history buffer and applicable to syslog traps only. My assumption in the past was that last trap or last syslog message is sometimes held on reload and sent immediately after restart regardless of device connectivity to the management target.
I always assumed coldstart traps are never delayed for any reason and that they were pretty accurate substitutes for system reload syslog messages. Does anyknow know any reason for false or delayed coldstart traps on a C2900 with IOS 15.0(1) ?
View 1 Replies
View Related
Jun 24, 2011
I've enabled antispoof on all interfaces on asa 5510.If you start a traceroute to a network on the default route, everything works, since replies comes to an interface with route 0.0.0.0/0 defined.If you start a tracer route to a network that is NOT on the default route (let's assume coporate MPLS), you only get response from first carrier router, the other are discarded because of anti spoof violation.
I have ICMP inspection and icmp-error inspection enabled.
View 1 Replies
View Related
Apr 26, 2013
I have sub-interfaces created on the switch and are in active(up/up) state,but these sub-interface not available for selection in the instance window while creating the poller, and am not able to monitor the traffic on these sub interface in the performance management.
LMS will not display the interfaces in the instance selection window if they are not active, but here the sub-interface are in active state but these are not available.
View 1 Replies
View Related
