svi stops eigrp advertisement

I am trying to understand why eigrp is not advertised to sw4 (from sw5) when svi 200 (10.100.200.250) is configured on sw5.
sw3 advertises 10.100.200.0 via eigrp to its nrighbors. When it gets to sw5, it did not advertise to sw4. But when I shutdown int vlan 200 on sw5, sw4 receives the route 10.100.200.0 via sw5. Why?

sw4#sh ip eigrp topo 10.100.200.0/24
IP-EIGRP (AS 1): Topology entry for 10.100.200.0/24
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 33280
  Routing Descriptor Blocks:
  10.10.200.13 (Vlan204), from 10.10.200.13, Send flag is 0x0
Composite metric is (33280/30720), Route is Internal
...

pic
LVL 1
leblancAccountingAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Patrick BogersDatacenter platform engineer LindowsCommented:
Did you add the network to the right router eigrp AS?
When you shut vlan200 on sw5, sw4 is not getting the route as an eigrp route correct?
0
leblancAccountingAuthor Commented:
No. sw4 does not see a route to 10.100.200.0 from sw5 which is the optimal path. Bu t when I shutdown int vlan200 10.100.200.250 on sw5, sw4 sees the route to 10.100.200.0 via sw5.
0
Patrick BogersDatacenter platform engineer LindowsCommented:
You dont answer my quastions, Please do so.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

leblancAccountingAuthor Commented:
Did you add the network to the right router eigrp AS? Yes

sw3#sh run | sec eigrp
router eigrp 1
 passive-interface default
 no passive-interface Vlan202
 no passive-interface Vlan203
 network 10.10.30.0 0.0.0.255
 network 10.10.200.4 0.0.0.3
 network 10.10.200.8 0.0.0.3
 network 10.100.200.0 0.0.0.255
 no auto-summary

Open in new window


"When you shut vlan200 on sw5, sw4 is not getting the route as an eigrp route"

SVI 200 not shutdown:
sw4#sh ip ro 10.100.200.0
Routing entry for 10.100.200.0/24
  Known via "eigrp 1", distance 90, metric 35840, type internal
  Redistributing via eigrp 1
  Last update from 10.10.200.18 on Vlan205, 00:00:19 ago
  Routing Descriptor Blocks:
  * 10.10.200.18, from 10.10.200.18, 00:00:19 ago, via Vlan205
      Route metric is 35840, traffic share count is 1
      Total delay is 400 microseconds, minimum bandwidth is 100000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 3

Open in new window


SVI 200 shutdown:
sw4#sh ip ro 10.100.200.0
Routing entry for 10.100.200.0/24
  Known via "eigrp 1", distance 90, metric 33280, type internal
  Redistributing via eigrp 1
  Last update from 10.10.200.13 on Vlan204, 00:00:02 ago
  Routing Descriptor Blocks:
  * 10.10.200.13, from 10.10.200.13, 00:00:02 ago, via Vlan204
      Route metric is 33280, traffic share count is 1
      Total delay is 300 microseconds, minimum bandwidth is 100000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 2

Open in new window

0
JustInCaseCommented:
Something is missing in this picture. According to topology:
SVI 200 not shutdown Loading 1/255, Hops 3
SVI 200 shutdown Loading 1/255, Hops 2

But, both paths have 2 hops max. :)

Without knowing configuration details of devices it is impossible to know why one path is preferred to other. To find out why router is taking one path and not the other check EIGRP topology table on SW4.
The only idea without checking configuration details - are maybe some routers have the same EIGRP router-id? That could lead to ignoring hellos between devices.

show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(X.X.X.X)
0
JustInCaseCommented:
You can additionally check logs on devices:
show ip eigrp events
0
Patrick BogersDatacenter platform engineer LindowsCommented:
SH run | sec eigrp on switch3? I rather see the output on switch 5 and 4 since the problem looks to be there.
0
leblancAccountingAuthor Commented:
Sorry. I think I attached the wrong diagram. Here is the correct one. It looks to me that the path to 10.100.200.1 should go to sw5 instead of sw1. But it looks like the SVI 200 on sw5 prevents sw5 to advertise the route learnt (10.100.200.0/24) from sw3 to sw4. I am not sure why.

pic1
0
JustInCaseCommented:
Duplicated router-ids can cause such problems to make route advertisement to be dropped.
Also it can be seen that path when int VLAN 200
Known via "eigrp 1", distance 90, metric 35840, type internal
has higher cost than other path
Known via "eigrp 1", distance 90, metric 33280, type internal
Without additional information (configuration details and show command output) we can only guess about reasons.

I am not even sure why you have VLAN 200 and interface for it on sw5. Not sure that I see purpose of that one. :)
0
leblancAccountingAuthor Commented:
They need vlan200 because they run PBR (on sw5) on specific VLANs to force the traffic to go to FW2. SVI 200 10.100.200.250 beloing to the FW2 subnet.
They config is straightforward:

sw4:
sw4#sh run
Building configuration...
 
 
Current configuration : 3594 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw4
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ZmvR$qKFRkSqC2fvo7o86EyZUl1
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
vtp file nvram:vlan.dat
username cisco secret 5 $1$bLbW$/7lI15919NQke1DXurAUc0
archive
log config
  hidekeys
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
 
 
...
!
interface FastEthernet1/15
switchport access vlan 40
duplex full
speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan40
ip address 10.10.40.1 255.255.255.0
!
interface Vlan204
ip address 10.10.200.14 255.255.255.252
!
interface Vlan205
ip address 10.10.200.17 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan204
no passive-interface Vlan205
network 10.10.40.0 0.0.0.255
network 10.10.200.12 0.0.0.3
network 10.10.200.16 0.0.0.3
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.40.254
!
!
no ip http server
no ip http secure-server
!
banner exec ^C
***************************************************************
This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
 
 
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
 
 
To view existing vlans use the command "show vlan-switch brief"
 
 
Alias(exec)     : vl   - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
--More--                            exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end
 

Open in new window


sw5--------------------------------------------------------------
sh run
Building configuration...
 
 
Current configuration : 4664 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw5
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$v4GY$0l8Jrh/k8HtA9xO8p3UEM/
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 20 priority 4096
spanning-tree vlan 30 priority 4096
spanning-tree vlan 40 priority 4096
spanning-tree vlan 50 priority 4096
spanning-tree vlan 100 priority 4096
spanning-tree vlan 200 priority 4096
vtp file nvram:vlan.dat
username cisco secret 5 $1$uqfW$6X358NUh6i/q3U8zzgpKo.
archive
log config
  hidekeys
ip tcp synwait-time 5
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
!
...
!
interface FastEthernet1/14
switchport access vlan 40
duplex full
speed 100
!
interface FastEthernet1/15
switchport access vlan 40
duplex full
--More--                            speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 10.10.10.254 255.255.255.0
!
interface Vlan20
ip address 10.10.20.254 255.255.255.0
!
interface Vlan30
ip address 10.10.30.254 255.255.255.0
!
interface Vlan40
ip address 10.10.40.254 255.255.255.0
 ip policy route-map PBR40
!
interface Vlan50
ip address 10.10.50.254 255.255.255.0
!
interface Vlan100
ip address 10.100.100.250 255.255.255.0
!
interface Vlan200
ip address 10.100.200.250 255.255.255.0
!
interface Vlan203
ip address 10.10.200.10 255.255.255.252
!
interface Vlan204
ip address 10.10.200.13 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan203
no passive-interface Vlan204
network 10.10.50.0 0.0.0.255
network 10.10.200.8 0.0.0.3
network 10.10.200.12 0.0.0.3
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.100.100.1
!
no ip http server
no ip http secure-server
!

access-list 40 permit 10.10.40.0 0.0.0.255
!
route-map PBR40 permit 40
 match ip address 40
 set ip default next-hop 10.100.200.1
!
no cdp log mismatch duplex
!
banner exec ^C
 
 
***************************************************************
--More--                           This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
 
 
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
 
 
To view existing vlans use the command "show vlan-switch brief"
 
 
Alias(exec)     : vl   - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
 
 
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
--More--                            exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end

Open in new window


sw3----------------------------------------------------------------------------
sw3#sh run
Building configuration...
 
 
Current configuration : 3619 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Xfb3$Jz1bcFR6nnjgRMAAxlWCl1
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
vtp file nvram:vlan.dat
username cisco secret 5 $1$X5uo$XuBo.eNhk9sIw4wo8O7VR0
archive
log config
  hidekeys
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
switchport access vlan 200
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
!
...
!
interface FastEthernet1/15
duplex full
speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan30
ip address 10.10.30.1 255.255.255.0
!
interface Vlan200
ip address 10.100.200.100 255.255.255.0
!
interface Vlan202
ip address 10.10.200.6 255.255.255.252
!
interface Vlan203
ip address 10.10.200.9 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan202
no passive-interface Vlan203
network 10.10.30.0 0.0.0.255
network 10.10.200.4 0.0.0.3
network 10.10.200.8 0.0.0.3
network 10.100.200.0 0.0.0.255
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.30.254
!
no ip http server
no ip http secure-server
!
banner exec ^C
***************************************************************
This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
 
 
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
 
 
To view existing vlans use the command "show vlan-switch brief"
 
 
Alias(exec)     : vl   - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end

Open in new window


Debug command---------------------------------------------------------------
sw4#sh ip eigrp topology all-links
IP-EIGRP Topology Table for AS(1)/ID(10.10.200.17)
 
 
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status
 
 
P 10.100.100.0/24, 1 successors, FD is 30720, serno 9
        via 10.10.200.18 (30720/28160), Vlan205
P 10.10.10.0/24, 1 successors, FD is 30720, serno 8
        via 10.10.200.18 (30720/28160), Vlan205
P 10.10.20.0/24, 1 successors, FD is 33280, serno 11
        via 10.10.200.18 (33280/30720), Vlan205
P 10.10.30.0/24, 1 successors, FD is 35840, serno 13
        via 10.10.200.18 (35840/33280), Vlan205
P 10.10.40.0/24, 1 successors, FD is 28160, serno 1
        via Connected, Vlan40
P 10.10.50.0/24, 1 successors, FD is 30720, serno 4
        via 10.10.200.13 (30720/28160), Vlan204
P 10.100.200.0/24, 1 successors, FD is 35840, serno 14
        via 10.10.200.18 (35840/33280), Vlan205
P 10.10.200.8/30, 1 successors, FD is 30720, serno 5
        via 10.10.200.13 (30720/28160), Vlan204
P 10.10.200.12/30, 1 successors, FD is 28160, serno 2
        via Connected, Vlan204
         
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status
 
 
P 10.10.200.0/30, 1 successors, FD is 30720, serno 10
        via 10.10.200.18 (30720/28160), Vlan205
P 10.10.200.4/30, 2 successors, FD is 33280, serno 12
        via 10.10.200.13 (33280/30720), Vlan204
        via 10.10.200.18 (33280/30720), Vlan205
P 10.10.200.16/30, 1 successors, FD is 28160, serno 3
        via Connected, Vlan205
 
 
EIGRP Packets debugging is on
    (UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)
sw4#
*Mar  1 00:05:11.667: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:11.667:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:11.827: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:11.827:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
sw4#
*Mar  1 00:05:12.831: EIGRP: Received HELLO on Vlan205 nbr 10.10.200.18
*Mar  1 00:05:12.831:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:13.927: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar  1 00:05:13.931:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:16.199: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:16.199:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:16.423: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:16.423:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
sw4#
*Mar  1 00:05:18.459: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar  1 00:05:18.463:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:21.063: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:21.063:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:21.103: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:21.103:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:21.215: EIGRP: Received HELLO on Vlan205 nbr 10.10.200.18
*Mar  1 00:05:21.215:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:23.387: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar  1 00:05:23.391:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:25.795: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:25.795:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:25.951: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:25.951:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

Open in new window

0
JustInCaseCommented:
Since SW5 has interface VLAN 200 for network 10.100.200.0/24 in its route table  (directly connected interface) it will not accept route received from other routers. And since you are not advertising 10.100.200.0/24 network from SW5 (passive interface default) - network can't be readvertised.

Simple solution configure EIGRP on SW5 to advertise 10.100.200.0/24 network:
router eigrp 1
 network 10.100.200.250 0.0.0.0

It should solve your problem.

but since you stretched VLAN 200 to SW5 it could cause SW2 to use path over SW5 to reach network 10.100.200.0/24 (if defaults are not changed - those paths could look like equal cost paths).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Patrick BogersDatacenter platform engineer LindowsCommented:
Nice to see Some configs, i agree with predrag.
0
leblancAccountingAuthor Commented:
Predrag,

Your suggestion did the trick. So it looks like when I have a SVI, I need to advertise its subnet. Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
EIGRP

From novice to tech pro — start learning today.