Solved

redistributing BGP route into EIGRP

Posted on 2006-06-25
18
883 Views
Last Modified: 2008-01-09
I am trying to redistribute bgp route to our internal network that runs EIGRP. Recently, our vendor requested that we use BGP to connect to their network. We are unable ping the range that they give us 10.2.67.0. I wonder if it is because they are advertising 10.2.0.0/16 and we have a 10.2.1.0/24 inside our network.

configuration:
 linecode ami
!
controller T1 1/1
 framing sf
 linecode ami
!
controller T3 2/0
!
!
crypto isakmp policy 3
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group nychh3xx
 key ctcMetro88-88
 dns 10.1.1.1
 domain nyc.chicagotrading.com
 pool ippool
!
!
crypto ipsec transform-set myset esp-3des esp-md5-hmac
!
crypto dynamic-map dynmap 10
 set transform-set myset
!
!
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
!
!
!
interface Loopback0
 ip address 10.127.3.1 255.255.255.255
!
interface Loopback100
 ip address 10.16.5.62 255.255.255.192
 ip nat outside
!
interface FastEthernet0/0
  ip address 10.1.3.1 255.255.255.0
 ip helper-address 10.1.1.1
 ip nat inside
 duplex auto
 speed auto
 no cdp enable
 crypto map clientmap
!
interface Serial0/0:0
 description open interface
 no ip address
 shutdown
!
interface FastEthernet0/1
 bandwidth 100000
 ip address 10.100.8.218 255.255.255.252
 speed 100
 full-duplex
!
interface Serial0/1:0
 no ip address
 shutdown
!
interface Serial0/1:0.2
 shutdown
!
interface FastEthernet1/0
  bandwidth 10000
 ip address 10.69.71.3 255.255.255.0
 ip nat inside
 speed 100
 full-duplex
!
interface FastEthernet1/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial2/0
  bandwidth 10000
 ip address 10.1.13.2 255.255.255.252
 ip nat inside
 dsu bandwidth 10000
!
router eigrp 200
 redistribute connected
 redistribute static
 redistribute bgp 65117 route-map from-test
 network 10.1.3.0 0.0.0.255
 network 10.1.11.0 0.0.0.255
 network 10.1.13.0 0.0.0.3
 network 10.1.33.0 0.0.0.31
 network 10.69.71.0 0.0.0.255
 no auto-summary
!
router bgp 65117
 no synchronization
 bgp log-neighbor-changes
 bgp redistribute-internal
 network 10.16.5.0 mask 255.255.255.192
 neighbor 10.100.8.217 remote-as 36822
 neighbor 10.100.8.217 version 4
 neighbor 10.100.8.217 route-map from-test in
 neighbor 10.100.8.217 route-map to-test out
 no auto-summary
!
ip local pool ippool 10.1.33.1 10.1.33.30
ip nat inside source static 10.0.3.24 10.16.5.1
ip nat inside source static 10.0.3.198 10.16.5.2
ip nat inside source static 10.0.3.196 10.16.5.3
ip nat inside source static 10.0.3.6 10.16.5.4
ip nat inside source static 10.0.1.200 10.16.5.5
ip nat inside source static 10.0.3.23 10.16.5.6
ip nat inside source static 10.0.3.66 10.16.5.7
ip nat inside source static 10.0.3.22 10.16.5.8
ip nat inside source static 10.75.225.23 10.16.5.9
ip nat inside source static 10.0.3.220 10.16.5.10
ip nat inside source static 10.75.225.5 10.16.5.11
ip nat inside source static 10.1.1.1 10.16.5.12
ip nat inside source static 10.1.1.5 10.16.5.13
ip nat inside source static 10.1.1.4 10.16.5.14
ip nat inside source static 10.1.1.6 10.16.5.15
ip nat inside source static 10.1.1.7 10.16.5.16
ip nat inside source static 10.0.1.102 10.16.5.17
ip nat inside source static 10.0.3.197 10.16.5.18
ip nat inside source static 10.75.225.75 10.16.5.19
ip nat inside source static 10.0.3.50 10.16.5.20
ip nat inside source static 10.1.1.12 10.16.5.21
ip nat inside source static 10.0.3.63 10.16.5.22
ip nat inside source static 10.1.2.100 10.16.5.24
ip nat inside source static 10.1.7.5 10.16.5.25
ip nat inside source static 10.1.1.100 10.16.5.26
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.13.1
ip route 10.1.33.0 255.255.255.224 10.1.3.4
ip route 172.28.16.0 255.255.254.0 10.1.3.4
ip route 172.28.18.0 255.255.254.0 10.1.3.4
!
no ip http server
ip http secure-server
!
!
ip prefix-list test seq 5 permit 10.16.5.0/26
!
ip prefix-list testwireless seq 10 permit 10.2.67.0/27
logging trap warnings
logging 10.75.225.97
access-list 1 permit 10.1.1.7
access-list 1 permit 10.0.0.56
access-list 1 permit 10.0.0.57
access-list 1 permit 10.0.0.94
access-list 1 permit 10.0.0.95
access-list 1 permit 10.0.0.98
access-list 1 permit 10.0.0.96
access-list 1 permit 10.0.0.97
access-list 1 permit 10.75.225.56
access-list 1 permit 10.75.225.57
access-list 1 permit 10.75.225.58
access-list 1 permit 10.75.225.11
access-list 1 permit 10.75.225.96
access-list 1 permit 10.75.225.97
access-list 10 permit 10.1.7.0 0.0.0.255
!
route-map to-test permit 10
 match ip address prefix-list test
!
route-map from-test permit 10
 match ip address prefix-list testwireless
!
!
!

!
!
!
!
!
banner exec ^CC
THIS IS A PRODUCTION ROUTER!

Follow our policy and, moreover, use your COMMON SENSE!

Did I say WAKE UP?! Don't do anything stupid or from the hip.

^C
banner motd ^CC
This computing system is for authorized official use only!

Unauthorized use or use for other than official business by the owner of
this computing system is a violation of state and federal law.
^C
!
line con 0
 password 7 03174A1E0F1D3349425141
 transport preferred all
 transport output all
line aux 0
 password 7 03174A1E0F1D3349425141
 transport preferred all
 transport output all
line vty 0 4
 access-class 1 in
 exec-timeout 5 0
 password 7 03174A1E0F1D3349425141
 transport preferred all
 transport input all
 transport output all
!
ntp clock-period 17180454
ntp server 10.127.0.1
end


output of show ip bgp

BGP table version is 162, local router ID is 10.127.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.2.0.0/16      10.100.8.217                           0 36822 i
*> 10.16.5.0/26     0.0.0.0                  0         32768 i

output of show ip route:

B       10.2.0.0/16 [20/0] via 10.100.8.217, 00:14:32
D       10.2.1.0/24 [90/271872] via 10.69.71.1, 2d20h, FastEthernet1/0

When I do "show ip route 10.2.67.0" from another router that is directly connected to this one, it says that the subnet is not in the route table. I wonder if I should tell the vendor to 10.2.67.0/27 in lieu of 10.2.0.0/16
0
Comment
Question by:tshi5791
18 Comments
 
LVL 30

Expert Comment

by:ded9
ID: 16978616
http://www.netcraftsmen.net/welcher/papers/bgp2.htm

Check the above link might help

Reps

0
 
LVL 10

Expert Comment

by:naveedb
ID: 16978877
Are you able to ping vendor from the router itself?

Also;

ip prefix-list test seq 5 permit 10.16.5.0/26
!
ip prefix-list testwireless seq 10 permit 10.2.67.0/27

You are using above in route-maps; and they are /26 and /27, why do you have them this way? Are you trying to filter the routing updates?
0
 

Author Comment

by:tshi5791
ID: 16978994
my apologies, the ip prefix-list is:

ip prefix-list testwireless seq 10 permit 10.2.0.0/27

The vendor gave us the following subnet to use
10.2.67.0/27 that is supposed to be coming from their bgp advertisement

and 10.16.5.0/26 that we are supposed to send to them.
0
 

Author Comment

by:tshi5791
ID: 16979014
Yes, I am able to ping 10.2.67.2 which is the network that we suppose to hit.
0
 
LVL 10

Expert Comment

by:naveedb
ID: 16979442
can you post show ip route from the other router. I am assuming that router has 10.16.5.0/26 connected directly to it?
0
 

Author Comment

by:tshi5791
ID: 16979702
We used a loopback address on this router and gave it a 10.16.5.62 IP address as you can see in the posted configuration.  The problem is from our internal network behind the EIGRP config to get to 10..2.67.0/27. We have two WAN connections to this router. Here is the show ip route from one of the router connected to this one.

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.1.1.12 to network 0.0.0.0

     170.137.0.0/16 is variably subnetted, 21 subnets, 5 masks
D EX    170.137.230.192/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.254.196/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.7.0/24 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.5.0/24 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.4.0/24 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.230.237/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.9.0/30 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.254.155/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.254.154/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.112.0/20 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.240.163/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.80.0/22 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.230.188/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.95.0/24 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.254.163/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.93.0/24 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.239.0/30 [170/514816] via 10.1.1.13, 1d05h, GigabitEthernet0/0
D EX    170.137.230.21/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.230.22/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    170.137.196.0/24 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    170.137.212.0/24 [170/514816] via 10.1.1.13, 3d02h, GigabitEthernet0/0
     198.235.27.0/32 is subnetted, 5 subnets
D EX    198.235.27.71 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    198.235.27.182 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    198.235.27.185 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    198.235.27.195 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    198.235.27.192 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX 198.140.57.0/24 [170/1737728] via 10.1.1.13, 3d02h, GigabitEthernet0/0
     209.140.121.0/27 is subnetted, 2 subnets
D EX    209.140.121.64 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    209.140.121.160 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     198.235.25.0/32 is subnetted, 1 subnets
D EX    198.235.25.26 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     155.195.0.0/32 is subnetted, 7 subnets
D EX    155.195.43.49 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    155.195.43.48 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    155.195.43.3 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    155.195.43.2 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    155.195.43.7 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    155.195.43.9 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    155.195.43.8 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     192.168.110.0/30 is subnetted, 2 subnets
D EX    192.168.110.104 [170/67328] via 10.1.11.1, 3d02h, Serial1/0
D EX    192.168.110.220 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     38.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
D EX    38.139.6.0/24 [170/69888] via 10.1.11.1, 3d02h, Serial1/0
D EX    38.139.0.0/21 [170/69888] via 10.1.11.1, 3d02h, Serial1/0
D EX    38.139.2.0/24 [170/69888] via 10.1.11.1, 3d02h, Serial1/0
D EX 209.224.162.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     65.0.0.0/24 is subnetted, 1 subnets
D EX    65.164.7.0 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX 198.160.150.0/24 [170/1737728] via 10.1.1.13, 3d02h, GigabitEthernet0/0
     209.254.197.0/30 is subnetted, 1 subnets
D EX    209.254.197.12 [170/2183936] via 10.1.1.13, 3d03h, GigabitEthernet0/0
     156.48.0.0/16 is variably subnetted, 15 subnets, 6 masks
D EX    156.48.14.128/25 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.18.128/26 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.254.17/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.1.216/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.36/31 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.8/29 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.106/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.104/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.110/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.111/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.108/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.109/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.112/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    156.48.14.113/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     198.235.29.0/32 is subnetted, 3 subnets
D EX    198.235.29.24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    198.235.29.74 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    198.235.29.153 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX 208.134.161.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     172.21.0.0/30 is subnetted, 2 subnets
D       172.21.23.248 [90/25863680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D       172.21.23.244 [90/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
     172.20.0.0/26 is subnetted, 1 subnets
D EX    172.20.4.0 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     172.28.0.0/23 is subnetted, 2 subnets
D EX    172.28.16.0 [170/263680] via 10.1.13.2, 2d19h, Serial4/0
                    [170/263680] via 10.1.1.13, 2d19h, GigabitEthernet0/0
D EX    172.28.18.0 [170/263680] via 10.1.13.2, 2d19h, Serial4/0
                    [170/263680] via 10.1.1.13, 2d19h, GigabitEthernet0/0
     206.190.99.0/32 is subnetted, 5 subnets
D EX    206.190.99.63 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    206.190.99.62 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    206.190.99.66 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    206.190.99.65 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    206.190.99.64 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX 198.212.155.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX 205.183.246.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     192.168.174.0/29 is subnetted, 1 subnets
D EX    192.168.174.0 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX 204.167.179.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     162.68.0.0/22 is subnetted, 1 subnets
D EX    162.68.28.0 [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX 198.148.168.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     162.168.0.0/22 is subnetted, 1 subnets
D EX    162.168.28.0 [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
     92.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
D EX    92.41.82.45/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    92.41.82.23/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    92.41.82.22/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    92.41.82.21/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    92.41.82.24/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    92.1.9.0/24 [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    92.2.9.0/24 [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
     10.0.0.0/8 is variably subnetted, 55 subnets, 8 masks
C       10.1.11.0/24 is directly connected, Serial1/0
D       10.0.8.0/22 [90/64768] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.1.14.0/24 [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
C       10.1.13.0/30 is directly connected, Serial4/0
D       10.0.12.0/22 [90/64768] via 10.1.11.1, 3d03h, Serial1/0
D       10.1.12.0/30 [90/25863424] via 10.1.1.13, 3d02h, GigabitEthernet0/0
C       10.1.12.0/24 is directly connected, Serial3/0
D       10.69.71.0/24 [90/261120] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D       10.1.3.0/24 [90/263680] via 10.1.13.2, 3d02h, Serial4/0
                    [90/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D       10.69.70.0/29 [90/261120] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D       10.2.1.0/24 [90/69888] via 10.1.11.1, 3d02h, Serial1/0
D       10.1.2.0/24 [90/25861120] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D       10.0.3.0/24 [90/67072] via 10.1.11.1, 3d03h, Serial1/0
C       10.1.1.0/24 is directly connected, GigabitEthernet0/0
D       10.0.0.0/22 [90/64512] via 10.1.11.1, 3d03h, Serial1/0
D       10.0.4.0/22 [90/64768] via 10.1.11.1, 3d03h, Serial1/0
D       10.1.4.0/24 [90/30720] via 10.1.1.13, 1w0d, GigabitEthernet0/0
D EX    10.31.15.0/24 [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    10.1.16.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D       10.69.81.0/24 [90/266752] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D       10.69.80.0/24 [90/67328] via 10.1.11.1, 3d02h, Serial1/0
D EX    10.16.5.0/26 [170/389120] via 10.1.13.2, 1d22h, Serial4/0
                     [170/389120] via 10.1.1.13, 1d22h, GigabitEthernet0/0
D EX    10.1.44.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.1.33.0/27 [170/263680] via 10.1.13.2, 2d19h, Serial4/0
                     [170/263680] via 10.1.1.13, 2d19h, GigabitEthernet0/0
D EX    10.1.56.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.127.0.65/32 [170/192512] via 10.1.11.1, 3d02h, Serial1/0
D       10.10.48.4/30 [90/2175232] via 10.1.1.13, 3d03h, GigabitEthernet0/0
D EX    10.1.63.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.127.0.66/32 [170/192512] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.1.54.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.127.48.1/32 [170/2303232] via 10.1.1.13, 3d03h, GigabitEthernet0/0
D EX    10.77.0.0/24 [170/67072] via 10.1.11.1, 3d02h, Serial1/0
D       10.127.229.200/32 [90/192768] via 10.1.11.1, 3d02h, Serial1/0
D       10.75.48.0/20 [90/2177792] via 10.1.1.13, 3d03h, GigabitEthernet0/0
D EX    10.127.0.7/32 [170/189952] via 10.1.11.1, 1w0d, Serial1/0
D       10.127.0.1/32 [90/192512] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.127.2.2/32 [170/389120] via 10.1.1.13, 3d02h, GigabitEthernet0/0
C       10.127.1.1/32 is directly connected, Loopback0
D EX    10.127.2.1/32 [170/25989120] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    10.127.3.1/32 [170/389120] via 10.1.13.2, 3d02h, Serial4/0
                      [170/389120] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D       10.127.0.12/32 [90/192512] via 10.1.11.1, 3d02h, Serial1/0
D EX    10.127.0.14/32 [170/192512] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.127.228.5/32 [170/192768] via 10.1.11.1, 3d02h, Serial1/0
D EX    10.127.228.4/32 [170/192768] via 10.1.11.1, 3d02h, Serial1/0
D EX    10.132.58.40/30 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D       10.75.225.0/24 [90/64768] via 10.1.11.1, 3d03h, Serial1/0
D       10.75.224.0/24 [90/64768] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.140.10.40/30 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D       10.75.229.0/24 [90/67328] via 10.1.11.1, 3d02h, Serial1/0
D       10.75.228.0/24 [90/65024] via 10.1.11.1, 3d02h, Serial1/0
D       10.75.232.0/24 [90/69888] via 10.1.11.1, 3d02h, Serial1/0
D EX    10.247.19.64/26 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    10.127.200.1/32 [170/197888] via 10.1.11.1, 3d02h, Serial1/0
D EX    10.100.8.216/30 [170/263680] via 10.1.13.2, 3d02h, Serial4/0
                        [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
D EX    10.127.200.2/32 [170/195328] via 10.1.11.1, 3d02h, Serial1/0
     192.168.6.0/28 is subnetted, 1 subnets
D       192.168.6.96 [90/65024] via 10.1.11.1, 3d02h, Serial1/0
     216.164.74.0/30 is subnetted, 1 subnets
D EX    216.164.74.184 [170/67072] via 10.1.11.1, 3d02h, Serial1/0
D    192.168.97.0/24 [90/67072] via 10.1.11.1, 3d03h, Serial1/0
     12.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D EX    12.41.5.0/24 [170/69888] via 10.1.11.1, 3d02h, Serial1/0
D EX    12.165.139.0/24 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX    12.168.143.0/24 [170/69888] via 10.1.11.1, 3d02h, Serial1/0
D EX    12.168.136.100/30 [170/69888] via 10.1.11.1, 3d02h, Serial1/0
D EX    12.168.137.100/30 [170/72448] via 10.1.11.1, 3d02h, Serial1/0
     63.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D EX    63.65.17.177/32 [170/67072] via 10.1.11.1, 1w0d, Serial1/0
D EX    63.65.17.176/30 [170/67072] via 10.1.11.1, 1w0d, Serial1/0
D EX 192.168.186.0/24 [170/263680] via 10.1.1.13, 3d02h, GigabitEthernet0/0
     167.204.0.0/16 is variably subnetted, 13 subnets, 5 masks
D EX    167.204.77.32/28 [170/67072] via 10.1.11.1, 3d02h, Serial1/0
D EX    167.204.122.0/24 [170/64768] via 10.1.11.1, 3d02h, Serial1/0
D EX    167.204.121.0/24
           [170/2203392] via 10.1.1.13, 3d03h, GigabitEthernet0/0
D EX    167.204.97.23/32 [170/67072] via 10.1.11.1, 3d02h, Serial1/0
D EX    167.204.77.0/24 [170/64768] via 10.1.11.1, 3d02h, Serial1/0
D EX    167.204.124.32/29 [170/67072] via 10.1.11.1, 3d02h, Serial1/0
D EX    167.204.83.0/24 [170/67072] via 10.1.11.1, 3d02h, Serial1/0
D EX    167.204.144.77/32 [170/64768] via 10.1.11.1, 3d03h, Serial1/0
D EX    167.204.139.32/29 [170/64768] via 10.1.11.1, 3d02h, Serial1/0
D EX    167.204.168.0/21
           [170/2200832] via 10.1.1.13, 3d03h, GigabitEthernet0/0
D EX    167.204.160.0/21
           [170/2200832] via 10.1.1.13, 3d03h, GigabitEthernet0/0
D       167.204.232.88/29
           [90/2200832] via 10.1.1.13, 3d03h, GigabitEthernet0/0
D EX    167.204.145.6/32 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
     207.96.47.0/26 is subnetted, 1 subnets
D EX    207.96.47.64 [170/67072] via 10.1.11.1, 3d02h, Serial1/0
S*   0.0.0.0/0 [1/0] via 10.1.1.12
D EX 199.105.176.0/21 [170/67072] via 10.1.11.1, 3d03h, Serial1/0
D EX 199.105.184.0/23 [170/67072] via 10.1.11.1, 3d03h, Serial1/0

0
 
LVL 10

Expert Comment

by:naveedb
ID: 16981385
We used a loopback address on this router and gave it a 10.16.5.62 IP address as you can see in the posted configuration.  The problem is from our internal network behind the EIGRP config to get to 10..2.67.0/27

Two things here. You are only advertising (trying to) 10.16.5.0/26 subnet, howevr this is configured on your loopback. Are you trying to do NAT?
0
 

Author Comment

by:tshi5791
ID: 16983407
Yes the vendor wants us to come as 10.16.5.0/26. So we NAT our internal network to this range of addresses.
The vendor supposed to be sending us 10.2.67.0/27. Friday, the vendor was able to ping the NATTED IP addresses but we could not ping their side.

output of show ip bgp

BGP table version is 162, local router ID is 10.127.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.2.0.0/16      10.100.8.217                           0 36822 i
*> 10.16.5.0/26     0.0.0.0                  0         32768 i

output of show ip route:

B       10.2.0.0/16 [20/0] via 10.100.8.217, 00:14:32
D       10.2.1.0/24 [90/271872] via 10.69.71.1, 2d20h, FastEthernet1/0

When I do "show ip route 10.2.67.0" from another router that is directly connected to this one, it says that the subnet is not in the route table. I wonder if I should tell the vendor to 10.2.67.0/27 in lieu of 10.2.0.0/16
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 10

Expert Comment

by:naveedb
ID: 16983672
If you are doing NAT, you don't need to see the NATTED addresses on the other router. They way you have configured NAT, is by having this router setup as default-route will allow other devices to get out to 10.2.67.0/27 subnet.

The issue with Vendor is also valid; if they only want 10.2.67.0/27 then they should not advertise 10.2.0.0/16 to you.

If you do show ip nat tra on your router, what is the output?
0
 

Author Comment

by:tshi5791
ID: 16984793
I don't need to see the natted addresses from my connected router. I only want to hit 10.2.67.0/27. I was able to hit by adding static IP route from the routers that connect directly to the edge router connected to the vendor. But the problem now arises if I reditribute the static router under my eigrp process. This causes a loop because the edge router also has eigrp process running and it also redistribute static route.
0
 

Author Comment

by:tshi5791
ID: 16984842
plus the vendor just told me that they use 10.2.0.0/16 as a summary for all the firms.
0
 
LVL 10

Expert Comment

by:naveedb
ID: 16984846
Lets try to address one issue at a time.

You do not have any issued with connectivity, you are able to access all the devices on Vendor Network from your internal network with static routes?
0
 

Author Comment

by:tshi5791
ID: 16985040
only from directly connected networks to the edge router. Once we tried to advertise this new routes under the eigrp process, it causes a loop.
0
 

Author Comment

by:tshi5791
ID: 16985673
Well we somewhat fixed the problem by adding a static route on the router connecting to the vendor.

ip route 10.2.67.0 255.255.255.224 10.100.8.217

this was the only way around without modifying our entire network configuration. This also could have been avoided if the vendor did not use 10.2.0.0/16 for all its clients.

Thanks all for suggestions.

0
 
LVL 10

Expert Comment

by:naveedb
ID: 16987347
It is really complicated configurion that you have deployed, but I guess you don't have a choice.
0
 

Author Comment

by:tshi5791
ID: 16987365
It is and I wish I had a choice but the network was already in place and I have to work what I have. Thanks.
0
 
LVL 1

Accepted Solution

by:
DarthMod earned 0 total points
ID: 17364782
PAQed with points refunded (250)

DarthMod
Community Support Moderator
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Let’s list some of the technologies that enable smooth teleworking. 
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now