We help IT Professionals succeed at work.

eigrp config

dgandy321123
dgandy321123 asked
on
850 Views
Last Modified: 2006-11-18
Hi,

I have to reconfigure our eigrp. currently we use the network statement: network 192.0.0.0

I need to be more specific to only advertise routes connected to each router.

I need advice on how to do this if I give and example of a simple router  can someone suggest the config:

sorry this is a real easy one but I want to be sure i doing it right.

for eg:

fastethernet 0/1
ip address 192.168.4.1 255.255.255.0

serial 0/0
ip address 202.32.115.129 255.255.255.252

serial 0/1
ip address 202.32.178.133 255.255.255.252

serial 1/1
ip address 202.32.155.50 255.255.255.252

What would the network statement be? I guess I am confused about adding the wan connections??
Cheers

Comment
Watch Question

Author

Commented:
My appologies:

this is a better example:

fastethernet 0/1
ip address 192.168.4.1 255.255.255.0

serial 0/0
ip address 192.0.1.50 255.255.255.252

serial 0/1
ip address 192.0.1.178 255.255.255.252

serial 1/1
ip address 192.0.5.50 255.255.255.252

Do I need to add the Wan networks in the network statement?
Les MooreSystems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
>Do I need to add the Wan networks in the network statement?
Absolutely, but only the classful network, i.e.

router eigrp 101
 network 192.0.1.0
 network 192.0.5.0
 redist connect  <== unless you have other routers on the LAN, you don't need the Ethernet to participate, but you do want to redistribute the LAN subnet to your neighbors

>I need to be more specific to only advertise routes connected to each router.
Then send summary routes instead..
 Serial 0/0
  ip eigrp summary route 0.0.0.0

What is your real goal here? To reduce the size of the route tables on the remote sites? Then don't use EIGRP without a summary. If your summary is 0.0.0.0 then why use a dynamic routing protocol anyway, why not just a default route on the remote site pointing back to you? Because your core router needs to learn about the remote site routes? Consider using ODR on the hub router and no routing protocol, just a static default route on remotes, but enable CDP between them. CDP carries network information that can be inserted into the route table of the hub router and even redistributed to other routers if needed.
Example hub router:
 router odr  <== that's it. The whole kit and kaboodle. This simple command listens to the CDP packets
 router eigrp 101  <== to communicate with other routers
   redistribute odr


Author

Commented:
Thanks for the info.
The reason for doing this is we use bgp into our international carrier. We also use IPSEC Vpn connections as backup connections and also for connecting some sites. If someone at a remote site connects the vpn back without removing the main connection we get into an issue with a routing loop when the main link comes back, the vpn link does not come down. Due to the size of the global network this can cause an issue anywere in the enterprise that uses 192.168.x.x because we are using network statement 192.0.0.0.

If we only advertised the routes we are using then at least the routing loop would be confined to networks we look after, when it does happen. I guess this is an interim measure until we find a permanet solution, but at least if we have an issue it will only effect our region.
does that makes sense?

Systems Architect
CERTIFIED EXPERT
Top Expert 2008
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks lrmoore,
Ok it is making more sense now, at the moment we don't use a netmask, only network 192.0.0.0. also auto-summary is disabled on all routers.
So the main point is to add the interface address into the network statement if you want is to participate in eigrp.

>If someone at a remote site connects the vpn back without removing the main connection we get into an issue with a routing loop when the main link comes back,
Is this a manual process to switch from one to the other? ?

Yes - it is the issue we have is if we have the 2 connected if the main link goes down, the backup works fine, but when the main link is restored the backup VPN link stays up. This causes routing loops, which has been seen to effect routing in other parts of the company across the other side of the world.

I am hoping that by allowing on the actual interface addresses to participate in EIGRP in our region if someone in a remote office does have the 2 connected at once it won;t effect other regions, only ours



Les MooreSystems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
What kind of VPN setup do you have? If you're using Cisco product you should be able to use OSPF to dynamically change the routes and advertise internally.
I set up something very similar for a client. 12 sites around the world. Each site T1 or better to MPLS cloud using BGP. Each site had Independent internet access for VPN backup.
BGP advertises routes through mpls
OSPF advertises default
If a remote site network falls out of BGP tables, only route left is via default which dynamically establishes VPN tunnel. VPN server at HQ, using reverse route injection and OSPF, redistributes OSPF into BGP and tells the main site that network is available over VPN. It's all dynamic...
If the local site looses Internet connection, the default falls back to the BGP cloud and goes out the main site. Dual redundancy all automagic.


Author

Commented:
Yeah we are using Cisco VPN - IPSEC. We use independant ISP internet connection for these connections. They are using EIGRP also. We actually connect small sites permenantly like this and also use it for backup connections in some sites.

Sounds like your solution above is very similar to what we have, only we use EIGRP internally, is it a limitation of EIGRP in our case that this doesn't happen, would we be better using ospf internally to solve the issue we face?

You can probably tell this is a bit new to me so I think for all the info I have learned I should increase the points.
Cheers
Les MooreSystems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
The Cisco VPN products just don't support EIGRP, but they do support OSPF.
VPN3000, PIX FW and ASA5500 all support OSPF with reverse route injection.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.