Solved

eigrp config

Posted on 2006-06-22
9
787 Views
Last Modified: 2006-11-18
Hi,

I have to reconfigure our eigrp. currently we use the network statement: network 192.0.0.0

I need to be more specific to only advertise routes connected to each router.

I need advice on how to do this if I give and example of a simple router  can someone suggest the config:

sorry this is a real easy one but I want to be sure i doing it right.

for eg:

fastethernet 0/1
ip address 192.168.4.1 255.255.255.0

serial 0/0
ip address 202.32.115.129 255.255.255.252

serial 0/1
ip address 202.32.178.133 255.255.255.252

serial 1/1
ip address 202.32.155.50 255.255.255.252

What would the network statement be? I guess I am confused about adding the wan connections??
Cheers

0
Comment
Question by:dgandy321123
  • 4
  • 4
9 Comments
 

Author Comment

by:dgandy321123
Comment Utility
My appologies:

this is a better example:

fastethernet 0/1
ip address 192.168.4.1 255.255.255.0

serial 0/0
ip address 192.0.1.50 255.255.255.252

serial 0/1
ip address 192.0.1.178 255.255.255.252

serial 1/1
ip address 192.0.5.50 255.255.255.252

Do I need to add the Wan networks in the network statement?
0
 
LVL 30

Expert Comment

by:ded9
Comment Utility
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
>Do I need to add the Wan networks in the network statement?
Absolutely, but only the classful network, i.e.

router eigrp 101
 network 192.0.1.0
 network 192.0.5.0
 redist connect  <== unless you have other routers on the LAN, you don't need the Ethernet to participate, but you do want to redistribute the LAN subnet to your neighbors

>I need to be more specific to only advertise routes connected to each router.
Then send summary routes instead..
 Serial 0/0
  ip eigrp summary route 0.0.0.0

What is your real goal here? To reduce the size of the route tables on the remote sites? Then don't use EIGRP without a summary. If your summary is 0.0.0.0 then why use a dynamic routing protocol anyway, why not just a default route on the remote site pointing back to you? Because your core router needs to learn about the remote site routes? Consider using ODR on the hub router and no routing protocol, just a static default route on remotes, but enable CDP between them. CDP carries network information that can be inserted into the route table of the hub router and even redistributed to other routers if needed.
Example hub router:
 router odr  <== that's it. The whole kit and kaboodle. This simple command listens to the CDP packets
 router eigrp 101  <== to communicate with other routers
   redistribute odr


0
 

Author Comment

by:dgandy321123
Comment Utility
Thanks for the info.
The reason for doing this is we use bgp into our international carrier. We also use IPSEC Vpn connections as backup connections and also for connecting some sites. If someone at a remote site connects the vpn back without removing the main connection we get into an issue with a routing loop when the main link comes back, the vpn link does not come down. Due to the size of the global network this can cause an issue anywere in the enterprise that uses 192.168.x.x because we are using network statement 192.0.0.0.

If we only advertised the routes we are using then at least the routing loop would be confined to networks we look after, when it does happen. I guess this is an interim measure until we find a permanet solution, but at least if we have an issue it will only effect our region.
does that makes sense?

0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 79

Accepted Solution

by:
lrmoore earned 100 total points
Comment Utility
>we are using network statement 192.0.0.0.
The network statement in EIGRP does mean that subnet is broadcast. It simply means that these networks will participate in EIGRP. Do you use a netmask statement with that network? Typically EIGRP will only go to the classful boundary unless otherwise specified. Since 192.0.0.0 is a classful network 192.0.0.x/24 I wouldn't think that all of your links would be covered. For example using your posted example, I chose to use 2 network statements

>router eigrp 101
 network 192.0.1.0 <== without a mask this is classful and covers both serial interfaces 192.0.1.x
 network 192.0.5.0  <== serial 1/1 interface IP is not covered in the above

Again, the network statement determines which interfaces will participate, not which networks will be advertised.

Make sure none of your routers has auto-summary enabled.

>If someone at a remote site connects the vpn back without removing the main connection we get into an issue with a routing loop when the main link comes back,
Is this a manual process to switch from one to the other? ? ?

0
 

Author Comment

by:dgandy321123
Comment Utility
Thanks lrmoore,
Ok it is making more sense now, at the moment we don't use a netmask, only network 192.0.0.0. also auto-summary is disabled on all routers.
So the main point is to add the interface address into the network statement if you want is to participate in eigrp.

>If someone at a remote site connects the vpn back without removing the main connection we get into an issue with a routing loop when the main link comes back,
Is this a manual process to switch from one to the other? ?

Yes - it is the issue we have is if we have the 2 connected if the main link goes down, the backup works fine, but when the main link is restored the backup VPN link stays up. This causes routing loops, which has been seen to effect routing in other parts of the company across the other side of the world.

I am hoping that by allowing on the actual interface addresses to participate in EIGRP in our region if someone in a remote office does have the 2 connected at once it won;t effect other regions, only ours



0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
What kind of VPN setup do you have? If you're using Cisco product you should be able to use OSPF to dynamically change the routes and advertise internally.
I set up something very similar for a client. 12 sites around the world. Each site T1 or better to MPLS cloud using BGP. Each site had Independent internet access for VPN backup.
BGP advertises routes through mpls
OSPF advertises default
If a remote site network falls out of BGP tables, only route left is via default which dynamically establishes VPN tunnel. VPN server at HQ, using reverse route injection and OSPF, redistributes OSPF into BGP and tells the main site that network is available over VPN. It's all dynamic...
If the local site looses Internet connection, the default falls back to the BGP cloud and goes out the main site. Dual redundancy all automagic.


0
 

Author Comment

by:dgandy321123
Comment Utility
Yeah we are using Cisco VPN - IPSEC. We use independant ISP internet connection for these connections. They are using EIGRP also. We actually connect small sites permenantly like this and also use it for backup connections in some sites.

Sounds like your solution above is very similar to what we have, only we use EIGRP internally, is it a limitation of EIGRP in our case that this doesn't happen, would we be better using ospf internally to solve the issue we face?

You can probably tell this is a bit new to me so I think for all the info I have learned I should increase the points.
Cheers
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
The Cisco VPN products just don't support EIGRP, but they do support OSPF.
VPN3000, PIX FW and ASA5500 all support OSPF with reverse route injection.
0

Featured Post

NetScaler Deployment Guides and Resources

Citrix NetScaler is certified to support many of the most commonly deployed enterprise applications. Deployment guides provide in-depth recommendations on configuring NetScaler to meet specific application requirements.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
CCTV Installation - Networking 3 35
Wireshark 7 52
server plus 2 38
Adding a secondary DC Server 2008R2 10 39
I was recently sitting at a desk at work with one of my colleagues and needed some information on my home computer. He watched as I turned on my home computer, established a remote session into it, got the information I needed and then shut it down …
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now