Solved

Routing problems after changes of providers

Posted on 2013-06-11
29
311 Views
Last Modified: 2013-06-21
Dear Experts,

I am in need to make this network from office B 172.16.8.0 ping to this management network in office A 172.16.102.0.

 We can ping from office A 172.16.100.0 to  office B 172.16.8.0 native data.

We have a new IP Flex Fiber network with AT&T that the voice gateway is working fine. The voice gateway came from a MPLS  T1 and is now on the IP flex.

On the same IP flex network we are not able to route data correctly. The Data network came from ISPs across VPN tunnels not a T1. We need to know what changes to make on our routers to get the DATA to flow over the IP Flex.

Our routers currently have separate interfaces for voice and data. Data is our problem right now.
ExpertsOKC.txt
0
Comment
Question by:marceloNYC
  • 18
  • 11
29 Comments
 
LVL 11

Expert Comment

by:naderz
ID: 39238849
I don't see a route for 172.16.102.0 pointing to office office A. Are you getting 172.16.102.0 via EIGRP from office A?

Can you post show ip route for both routers?
0
 

Author Comment

by:marceloNYC
ID: 39239266
Here you go: Router office A:

#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 172.16.102.5 to network 0.0.0.0

     98.0.0.0/32 is subnetted, 1 subnets
S       98.xx.yy.77 [1/0] via 173.11.153.22
C    192.168.10.0/24 is directly connected, FastEthernet1.700
     172.16.0.0/16 is variably subnetted, 13 subnets, 4 masks
D EX    172.16.253.0/24 [170/2315264] via 10.255.255.10, 02:40:33, Tunnel50
D       172.16.16.0/23 [90/2036224] via 10.255.255.10, 02:40:33, Tunnel50
D       172.16.19.0/24 [90/2036224] via 10.255.255.18, 13:25:39, Tunnel60
D       172.16.12.0/24 [90/2292224] via 10.255.255.10, 02:40:33, Tunnel50
D       172.16.8.0/22 [90/2292224] via 10.255.255.10, 02:40:33, Tunnel50
D       172.16.8.0/21 [90/4340224] via 10.255.255.1, 02:40:42, Tunnel10
D EX    172.16.0.0/24 [170/2315264] via 10.255.255.10, 02:40:33, Tunnel50
C       172.16.104.0/24 is directly connected, FastEthernet1.900
D       172.16.104.0/22 is a summary, 02:40:33, Null0
C       172.16.100.0/24 is directly connected, FastEthernet1.10
D       172.16.100.0/22 is a summary, 5d17h, Null0
C       172.16.102.0/24 is directly connected, FastEthernet1.222
S       172.16.103.0/24 [1/0] via 172.16.102.5
     172.31.0.0/24 is subnetted, 1 subnets
D EX    172.31.254.0 [170/2315264] via 10.255.255.10, 02:40:35, Tunnel50
     173.11.0.0/29 is subnetted, 1 subnets
C       173.11.153.16 is directly connected, FastEthernet0
     216.xx.yy.0/32 is subnetted, 1 subnets
S       216.xx.yy.67 [1/0] via 173.11.153.22
     10.0.0.0/8 is variably subnetted, 14 subnets, 4 masks
C       10.255.255.8/30 is directly connected, Tunnel50
D       10.255.255.12/30 [90/2289664] via 10.255.255.10, 02:40:35, Tunnel50
C       10.255.255.0/30 is directly connected, Tunnel10
D EX    10.10.10.0/24 [170/2315264] via 10.255.255.10, 02:40:35, Tunnel50
S       10.0.0.0/8 is directly connected, Null0
D EX    10.255.254.0/30
           [170/1671680] via 172.16.102.3, 02:40:44, FastEthernet1.222
D EX    10.255.254.4/30
           [170/1671680] via 172.16.102.3, 02:40:44, FastEthernet1.222
C       10.255.255.16/30 is directly connected, Tunnel60
D       10.255.0.24/32 [90/2161664] via 10.255.255.10, 02:40:35, Tunnel50
C       10.255.0.1/32 is directly connected, Loopback22
D       10.255.0.2/32
           [90/156160] via 172.16.102.3, 02:40:44, FastEthernet1.222
D       10.255.0.12/32 [90/2420224] via 10.255.255.10, 02:40:35, Tunnel50
D       10.255.0.14/32 [90/2161664] via 10.255.255.18, 13:25:41, Tunnel60
D       10.255.0.11/32 [90/2417664] via 10.255.255.10, 02:40:35, Tunnel50
     74.0.0.0/32 is subnetted, 1 subnets
S       74.213.45.114 [1/0] via 173.11.153.22
S*   0.0.0.0/0 [1/0] via 172.16.102.5
S    172.16.0.0/12 is directly connected, Null0
S    192.168.0.0/16 is directly connected, Null0

Router Office B:

sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 172.16.10.5 to network 0.0.0.0

     71.0.0.0/32 is subnetted, 1 subnets
S       71.40.250.242 [1/0] via 98.174.170.1
     98.0.0.0/24 is subnetted, 1 subnets
C       98.xx.yy.0 is directly connected, FastEthernet0
D    192.168.10.0/24 [90/2036224] via 10.255.255.2, 02:41:54, Tunnel10
     172.16.0.0/16 is variably subnetted, 14 subnets, 4 masks
S       172.16.253.0/24 [1/0] via 172.16.8.254
D       172.16.16.0/23 [90/2036224] via 10.255.255.14, 02:41:54, Tunnel40
D       172.16.19.0/24 [90/2292224] via 10.255.255.2, 02:41:54, Tunnel10
C       172.16.12.0/24 is directly connected, FastEthernet1.900
C       172.16.8.0/24 is directly connected, FastEthernet1.108
D       172.16.8.0/22 is a summary, 02:41:54, Null0
D       172.16.8.0/21 is a summary, 02:41:54, Null0
C       172.16.10.0/24 is directly connected, FastEthernet1.222
S       172.16.11.0/24 [1/0] via 172.16.10.5
S       172.16.0.0/24 [1/0] via 172.16.8.254
D       172.16.104.0/24 [90/2292224] via 10.255.255.14, 02:41:55, Tunnel40
D       172.16.104.0/22 [90/2036224] via 10.255.255.2, 02:42:04, Tunnel10
D EX    172.16.100.0/24
           [170/1671680] via 172.16.10.3, 06:01:20, FastEthernet1.222
D       172.16.100.0/22 [90/2036224] via 10.255.255.2, 02:41:55, Tunnel10
     172.31.0.0/24 is subnetted, 1 subnets
S       172.31.254.0 [1/0] via 172.16.8.254
     173.11.0.0/32 is subnetted, 1 subnets
S       173.11.153.18 [1/0] via 98.174.170.1
     216.xx.yy.0/32 is subnetted, 1 subnets
S       216.201.183.67 [1/0] via 98.174.170.1
     10.0.0.0/8 is variably subnetted, 14 subnets, 4 masks
D       10.255.255.8/30 [90/2289664] via 10.255.255.14, 02:41:55, Tunnel40
                        [90/2289664] via 10.255.255.2, 02:41:55, Tunnel10
C       10.255.255.12/30 is directly connected, Tunnel40
C       10.255.255.0/30 is directly connected, Tunnel10
S       10.10.10.0/24 [1/0] via 172.16.8.254
S       10.0.0.0/8 is directly connected, Null0
D EX    10.255.254.0/30
           [170/1671680] via 172.16.10.3, 02:41:55, FastEthernet1.222
D EX    10.255.254.4/30
           [170/1671680] via 172.16.10.3, 02:41:56, FastEthernet1.222
D       10.255.255.16/30 [90/2289664] via 10.255.255.2, 02:41:56, Tunnel10
D       10.255.0.24/32 [90/2161664] via 10.255.255.14, 02:41:56, Tunnel40
D       10.255.0.1/32 [90/2161664] via 10.255.255.2, 02:41:56, Tunnel10
D       10.255.0.2/32 [90/2164224] via 10.255.255.2, 02:41:56, Tunnel10
D       10.255.0.12/32
           [90/156160] via 172.16.10.3, 02:41:56, FastEthernet1.222
D       10.255.0.14/32 [90/2417664] via 10.255.255.2, 02:41:56, Tunnel10
C       10.255.0.11/32 is directly connected, Loopback22
     74.0.0.0/32 is subnetted, 1 subnets
S       74.213.45.114 [1/0] via 98.174.170.1
S*   0.0.0.0/0 [1/0] via 172.16.10.5
S    172.16.0.0/12 is directly connected, Null0
S    192.168.0.0/16 is directly connected, Null0

Thank you for taking a look Naderz
0
 

Author Comment

by:marceloNYC
ID: 39239283
What I really want to do is keep traffic organize in where the MPLS connection is first choice for the DATA network instead of the VPN tunnels between offices A and B.
0
 
LVL 11

Expert Comment

by:naderz
ID: 39239672
Just a quick look: I don't see 172.16.102.0 in the route table of Location B. Doesn't look like Location B router knows how to get back to Location A.

Also, I am not clear as to what you mean by DATA over MPLS instead of the Tunnels. Which interface is the MPLS connection?
0
 

Author Comment

by:marceloNYC
ID: 39244517
Here is a drawing of the network I just took over. I need to make traffic go between office A and B run over that AT&T IP Flex line. Right now office A comes to office B using the VPN between office C.

Here is a tracert from Office A to office B:

 C:\Users\office A>tracert 172.16.8.225 to office B LAN

Tracing route to 172.16.8.225 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  172.16.100.2 <-- Office <-- A LAN address VPN router
  2    40 ms    40 ms    39 ms  10.255.255.10 <- office <--C VPN router
  3    40 ms    39 ms    44 ms  10.255.255.13 <-- office B <-- office B VPN router
  4    39 ms    37 ms    42 ms  172.16.8.225 <-- office B LAN address

Trace complete.

Tracert from office B to office A:

C:\Users\mzamorano>tracert 172.16.102.5 <-- network Management address

Tracing route to  [172.16.102.5]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  172.16.8.2 <-- LAN address for office B VPN router
  2    52 ms    45 ms    57 ms  10.255.255.2 < office A VPN router
  3    47 ms    44 ms    44 ms  i  [172.16.102.5]

Trace complete.

C:\Users\mzamorano>tracert 172.16.100.6 <-- LAN network address for Office A

Tracing route to is-hous-cm01 [172.16.100.6]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  172.16.8.2 <-- VPN router office B LAN address
  2     1 ms     1 ms     1 ms  172.16.10.3 <-- Office B Voice gateway router (not VPN)
  3     1 ms    <1 ms    <1 ms  10.255.254.6
  4     1 ms     1 ms     1 ms  12.113.178.153
  5    16 ms    14 ms    15 ms  cr2.kc9mo.ip.att.net [12.123.130.234] <-- this is what we need to see for all traffic
  6    15 ms    14 ms    15 ms  cr1.dlstx.ip.att.net [12.122.155.5]
  7    14 ms    14 ms    14 ms  cr2.hs1tx.ip.att.net [12.122.28.158]
  8    13 ms    13 ms    13 ms  12.113.178.145
  9    13 ms    13 ms    13 ms  12.113.178.146
 10    38 ms    39 ms    38 ms  10.255.254.1
 11    38 ms    39 ms    46 ms    [172.16.100.6]

Trace complete.

 


In another words I do not want to use the VPN tunnels for any traffic between office A and B. All traffic for the 3 networks (LAN, VoIP, Management network) in the AT& T IP Flex.

It will be nice to make the tunnels available if the AT&T IP Flex was down.

I thank you so much for any help on this. I know is kind of messy.
ntwrktopology2.jpg
0
 

Author Comment

by:marceloNYC
ID: 39244863
Interesting output here from the call voice gateway router office B with LAN IP address 172.16.8.3:

Router office B#sh ip route 172.16.102.5 <-- to office A
Routing entry for 172.16.100.0/22
  Known via "eigrp 42", distance 90, metric 2038784, type internal
  Redistributing via eigrp 42
  Last update from 172.16.10.2 on FastEthernet0/1.222, 19:02:17 ago
  Routing Descriptor Blocks:
  * 172.16.10.2, from 172.16.10.2, 19:02:17 ago, via FastEthernet0/1.222
      Route metric is 2038784, traffic share count is 1
      Total delay is 10200 microseconds, minimum bandwidth is 1440 Kbit
      Reliability 255/255, minimum MTU 1400 bytes
      Loading 1/255, Hops 2

Router Office B1#sh ip route 172.16.100.6 < to office A LAN
Routing entry for 172.16.100.0/24
  Known via "bgp 65510", distance 20, metric 0
  Tag 65500, type external
  Redistributing via eigrp 42
  Advertised by eigrp 42 metric 1536 10 255 1 1500 route-map Redist-BGPtoEIGRP
  Last update from 10.255.254.6 1w0d ago
  Routing Descriptor Blocks:
  * 10.255.254.6, from 10.255.254.6, 1w0d ago
      Route metric is 0, traffic share count is 1
      AS Hops 4
      Route tag 65500
0
 

Author Comment

by:marceloNYC
ID: 39244975
Trying to answer: Also, I am not clear as to what you mean by DATA over MPLS instead of the Tunnels. Which interface is the MPLS connection?

We have 3 networks between both offices. One for phone, LAN (DATA) and Network  Management(172.16.102.0).  I am not sure which one is the Interface for the IP Flex or MPLS connection. I have a mess of interfaces here all connecting either with EIGRP for this or BGP for that. There are also router links for AT&T I think that is what you are asking me for.
0
 

Author Comment

by:marceloNYC
ID: 39245324
This network has HSRP and GLBP Gateway Load Balancing Protocol configure along with BGP and EIGRP. I think that my solution is with the current HSRP and GLBP configuration.
0
 
LVL 11

Expert Comment

by:naderz
ID: 39245552
Interesting setup. I am sorting through the configs and the diagram and will get back to you.
0
 

Author Comment

by:marceloNYC
ID: 39245592
I appreciated, I am pulling my hair out.  I ran wireshark and that is how I saw HSRP and GLBP.
0
 

Author Comment

by:marceloNYC
ID: 39245977
Some additional information:

Router Office B#sh glbp
FastEthernet1.108 - Group 1
  State is Active
    11 state changes, last state change 2d06h
  Virtual IP address is 172.16.8.1
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.596 secs
  Redirect time 600 sec, forwarder timeout 14400 sec
  Preemption enabled, min delay 0 sec
  Active is local
  Standby is 172.16.8.3, priority 100 (expires in 9.232 sec)
  Priority 110 (configured)
  Weighting 100 (configured 100), thresholds: lower 91, upper 99
    Track object 1 state Up decrement 10
  Load balancing: weighted
  Group members:
    0007.0e41.7de9 (172.16.8.2) local
    001f.9e16.d311 (172.16.8.3)
  There are 2 forwarders (1 active)
  Forwarder 1
    State is Active
      31 state changes, last state change 2d03h
    MAC address is 0007.b400.0101 (default)
    Owner ID is 0007.0e41.7de9
    Redirection enabled
    Preemption enabled, min delay 30 sec
    Active is local, weighting 100
    Client selection count: 208538
  Forwarder 2
    State is Listen
      8 state changes, last state change 2d06h
    MAC address is 0007.b400.0102 (learnt)
    Owner ID is 001f.9e16.d311
    Redirection enabled, 598.068 sec remaining (maximum 600 sec)
    Time to live: 14398.068 sec (maximum 14400 sec)
    Preemption enabled, min delay 30 sec
    Active is 172.16.8.3 (primary), weighting 50 (expires in 8.068 sec)
    Client selection count: 106468

Router office A ##sh glbp

No output....
0
 

Author Comment

by:marceloNYC
ID: 39246000
0
 

Author Comment

by:marceloNYC
ID: 39246048
Route from Office B to Office D

Router Office B#traceroute 172.16.19.5

Type escape sequence to abort.
Tracing the route to 172.16.19.5

  1 10.255.255.14 32 msec 64 msec 48 msec <-- Office C router link --
  2 10.255.255.9 68 msec 68 msec 64 msec <--- office A router link
  3 10.255.255.18 112 msec 100 msec 96 msec <--- Office D router link
  4  *
    172.16.19.5 112 msec *
0
 
LVL 11

Expert Comment

by:naderz
ID: 39246686
Not knowing the behind the configuration it is hard to say why it is the way it is. But, I can you tell you that this is a challenge to sort out. If I where you, I would plan on redesigning the whole thing.

You have three routing protocols plus static routes!!! You have three private AS BGPs running!!!

There is static routes redistributing into EIGRP and EIGRP into RIP!!! And, to make it more exciting there is GLBP and HSRP!

Would you be able to confirm the correctness of the diagram and provide scrubbed full running-configs of all the routers?

Also, what's under the routers at each location? Switches?
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:marceloNYC
ID: 39248062
I am going to reconfigure the whole network as you said. I am going to take out the dynamic routing and redundancy for now.

All I need if this:



Office A <------------------------AT&T dedicate line call IP Flex---------------------------> Office B (all traffic)

Office A is the main office should keep VPN tunnel with Office C And D

Office B should get to other offices through Office A

If you could please give some ideas on how to get there considering everything the previous admin did. That will be great.

The stress for me now is losing connectivity with the remote offices.


Thanks!
OfficeA-HSRP.txt
OfficeA-VPN.txt
OfficeA-VG.txt
OfficeB-VG.txt
OfficeB-VPN.txt
OfficeC-HSRP.txt
OfficeC-VG.txt
OfficeC-VPN.txt
0
 
LVL 11

Expert Comment

by:naderz
ID: 39248655
OK. Let me review the configs, and I will let you know.
0
 
LVL 11

Expert Comment

by:naderz
ID: 39249264
So, for now you just want to have connectivity between Office B (172.16.8.0) and Office A (172.16.102.0); correct? I think this can be done with some changes in the EIGRP and perhaps one static route.

Would you please run a traceroute from each of the above to the other and post the results?
Also, I am assuming that the VG routers are the ones connected to IP Flex, please confirm.

One more request: please post show ip eigrp nei for both Office A and B VG routers.
0
 

Author Comment

by:marceloNYC
ID: 39253076
Good morning,

Here we go:

Office A GW#show ip eigrp nei
IP-EIGRP neighbors for process 42
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
4   10.255.255.1            Tu10              11 4d17h      29   200  0  954
2   10.255.255.10           Tu50              13 4d17h      40   240  0  928
3   10.255.255.18           Tu60              12 6d06h      31   200  0  1069
0   172.16.102.5            Fa1.222           11 10w5d       1   200  0  841
1   172.16.102.3            Fa1.222           10 31w4d       1   200  0  2824
 

Office B Router VG:

 #show ip eigrp nei
IP-EIGRP neighbors for process 42
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
1   172.16.10.5             Fa0/1.222         11 5d22h       1   200  0  385
0   172.16.10.2             Fa0/1.222         11 5d22h       1   200  0  955

Thanks!
0
 

Author Comment

by:marceloNYC
ID: 39253191
I shut down the tunnels between office b to offices A & C and is working the way I want it for now. Except that Office B and Office C are not connecting. I am trying to change it so it goes to office C through office A.

Now I need to add the Static route to network 172.16.102.0 in office A for office B to connect to.
0
 

Author Comment

by:marceloNYC
ID: 39253470
This pipe command gives a really cool output:

sh run | sec router|ip route|ip prefix|route-map

router eigrp 42
 redistribute static route-map Redist-Static-EIGRP
 passive-interface FastEthernet1.108
 passive-interface FastEthernet1.900
 network 10.255.0.11 0.0.0.0
 network 10.255.255.0 0.0.0.3
 network 10.255.255.12 0.0.0.3
 network 10.255.255.144 0.0.0.15
 network 172.16.8.0 0.0.0.255
 network 172.16.10.0 0.0.0.255
 network 172.16.102.0 0.0.0.255
 network 172.16.100.0 0.0.3.255
 network 172.16.0.0
 default-metric 100000 100 255 1 1500
 no auto-summary
 eigrp router-id 10.255.0.11
router rip
 version 2
 redistribute eigrp 42 metric 1
 network 172.16.0.0
 no auto-summary
router bgp 65530
 no synchronization
 bgp log-neighbor-changes
 neighbor 172.16.10.3 remote-as 65530
 no auto-summary
ip route 0.0.0.0 0.0.0.0 172.16.10.5
ip route 10.0.0.0 255.0.0.0 Null0
ip route 10.10.10.0 255.255.255.0 172.16.8.254
ip route 71.xx.yy.242 255.255.255.255 98.xx.yy.1
ip route 74.xx.yy.114 255.255.255.255 98.xx.yy.1
ip route 172.16.0.0 255.240.0.0 Null0
ip route 172.16.0.0 255.255.255.0 172.16.8.254
ip route 172.16.11.0 255.255.255.0 172.16.10.5
ip route 172.16.253.0 255.255.255.0 172.16.8.254
ip route 172.31.254.0 255.255.255.0 172.16.8.254
ip route 173.xx.yy.18 255.255.255.255 98.xx.yy.1
ip route 192.168.0.0 255.255.0.0 Null0
ip route 216.xx.yy.67 255.255.255.255 98.xx.yy.1
route-map Redist-Static-EIGRP permit 10
 match ip address Static-Routes
0
 
LVL 11

Expert Comment

by:naderz
ID: 39254443
Any results from the static route 172.16.102.0 in office A for office B? That's the first thing I saw in your original post that the 172.16.102.0 was not present.
0
 

Author Comment

by:marceloNYC
ID: 39257174
I am okay now. I just cant get network 172.16.102.0 to ping 172.16.8.0 from office A to Office B.

I cant get it... I disconnected my self a couple of times already. I had to get a person to reboot the remote router.
0
 

Author Comment

by:marceloNYC
ID: 39257205
I wonder if I shoud added to the BGO network statements"


#sh bgp

#sh bgp
BGP table version is 775, local router ID is 10.255.0.12
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.255.0.2/32    10.255.254.6                           0 65500 7018 65500 65520 i
*> 10.255.0.12/32   0.0.0.0                  0         32768 i
*> 10.255.254.0/30  10.255.254.6                           0 65500 7018 65500 i
*  10.255.254.4/30  10.255.254.6             0             0 65500 i
*>                  0.0.0.0                  0         32768 i

Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.8.0/21    0.0.0.0                            32768 i
s> 172.16.12.0/24   0.0.0.0                  0         32768 i
*> 172.16.100.0/24  10.255.254.6                           0 65500 7018 65500 65520 i
*> 172.16.104.0/24  10.255.254.6                           0 65500 7018 65500 65520 i

It is missing that 172.16.102.0 network


From sh run:
Router office B#
 redistribute bgp 65510 metric 1536 10 255 1 1500 route-map Redist-BGPtoEIGRP
 passive-interface FastEthernet0/1.108
 passive-interface FastEthernet0/1.900
 network 10.255.0.12 0.0.0.0
 network 172.16.8.0 0.0.7.255
 no auto-summary
 eigrp router-id 10.255.0.12
!
router bgp 65510
 no synchronization
 bgp log-neighbor-changes
 network 10.255.0.12 mask 255.255.255.255
 network 10.255.254.4 mask 255.255.255.252
 network 172.16.10.2 mask 255.255.255.255
 network 172.16.12.0 mask 255.255.255.0
 aggregate-address 172.16.8.0 255.255.248.0 summary-only
 neighbor 10.255.254.6 remote-as 65500
 neighbor 10.255.254.6 default-originate
 no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 172.16.10.5
ip route 10.0.0.0 255.0.0.0 Null0
ip route 172.16.0.0 255.240.0.0 Null0
ip route 192.168.0.0 255.255.0.0 Null0
0
 
LVL 11

Expert Comment

by:naderz
ID: 39257351
I would try to ultimately get rid off BGP, RIPv2, all the redistributions, and static routes. All you should need is EIGRP. With proper bandwidth statements EIGRP will do everything you need. But, you need to do this gradually. As such I would stop relying on BGP and band-aid routing using static routes.

Have you tried a static route for 172.16.102.0 on OfficeB-VG pointing to OfficeA-VG? That may do the trick. Also, check on OfficeA-VG route table and verify that it knows how to get back to 172.16.8.0 on the correct interface. If not, you may need to fix that also.

Your Office-VPN routers are not helping! Static routes on VG routers will hopefully cut them out of routing business until you sort this out.

Also, remember that you if you loose connection accidentally you can "hop" from router to router using the interface IP addresses for telnet. Telnet from the router itself.
0
 
LVL 11

Expert Comment

by:naderz
ID: 39257358
One more question: why is there a default route pointing to 172.16.102.5 on OfficeA-VG router?
0
 

Author Comment

by:marceloNYC
ID: 39257552
172.16.102.5 is the firewall that takes that office to the internet.

I tried making changes on the routing protocols and it causes all sorts of trouble.
0
 
LVL 11

Accepted Solution

by:
naderz earned 500 total points
ID: 39258472
Yes, you can not dismantle the routing protocols unless a complete redesign is planned and engineered. But, if you add the static route it may work to get what need done right now. You can then carefully proceed at a later date to clean things up.
0
 

Author Closing Comment

by:marceloNYC
ID: 39267115
You were very nice and very helpful to me with this complicated issue.

As it turned out:

 ip route 0.0.0.0 0.0.0.0 172.16.10.5 <-- Office B discontinue gateway

ip route 0.0.0.0 0.0.0.0 172.16.102.5 <-- office A gateway

The internet traffic had to be allow between offices by AT&T IP flex network for things to work. I also had to give them all of our LAN network address.  

I thank you so much for your time. Cheers!
0
 
LVL 11

Expert Comment

by:naderz
ID: 39267347
You are very welcome. Thank you for the update.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now