leblanc
asked on
svi stops eigrp advertisement
I am trying to understand why eigrp is not advertised to sw4 (from sw5) when svi 200 (10.100.200.250) is configured on sw5.
sw3 advertises 10.100.200.0 via eigrp to its nrighbors. When it gets to sw5, it did not advertise to sw4. But when I shutdown int vlan 200 on sw5, sw4 receives the route 10.100.200.0 via sw5. Why?
sw4#sh ip eigrp topo 10.100.200.0/24
IP-EIGRP (AS 1): Topology entry for 10.100.200.0/24
 State is Passive, Query origin flag is 1, 1 Successor(s), FD is 33280
 Routing Descriptor Blocks:
 10.10.200.13 (Vlan204), from 10.10.200.13, Send flag is 0x0
Composite metric is (33280/30720), Route is Internal
...
sw3 advertises 10.100.200.0 via eigrp to its nrighbors. When it gets to sw5, it did not advertise to sw4. But when I shutdown int vlan 200 on sw5, sw4 receives the route 10.100.200.0 via sw5. Why?
sw4#sh ip eigrp topo 10.100.200.0/24
IP-EIGRP (AS 1): Topology entry for 10.100.200.0/24
 State is Passive, Query origin flag is 1, 1 Successor(s), FD is 33280
 Routing Descriptor Blocks:
 10.10.200.13 (Vlan204), from 10.10.200.13, Send flag is 0x0
Composite metric is (33280/30720), Route is Internal
...
ASKER
No. sw4 does not see a route to 10.100.200.0 from sw5 which is the optimal path. Bu t when I shutdown int vlan200 10.100.200.250 on sw5, sw4 sees the route to 10.100.200.0 via sw5.
You dont answer my quastions, Please do so.
ASKER
Did you add the network to the right router eigrp AS? Yes
"When you shut vlan200 on sw5, sw4 is not getting the route as an eigrp route"
SVI 200 not shutdown:
SVI 200 shutdown:
sw3#sh run | sec eigrp
router eigrp 1
passive-interface default
no passive-interface Vlan202
no passive-interface Vlan203
network 10.10.30.0 0.0.0.255
network 10.10.200.4 0.0.0.3
network 10.10.200.8 0.0.0.3
network 10.100.200.0 0.0.0.255
no auto-summary
"When you shut vlan200 on sw5, sw4 is not getting the route as an eigrp route"
SVI 200 not shutdown:
sw4#sh ip ro 10.100.200.0
Routing entry for 10.100.200.0/24
Known via "eigrp 1", distance 90, metric 35840, type internal
Redistributing via eigrp 1
Last update from 10.10.200.18 on Vlan205, 00:00:19 ago
Routing Descriptor Blocks:
* 10.10.200.18, from 10.10.200.18, 00:00:19 ago, via Vlan205
Route metric is 35840, traffic share count is 1
Total delay is 400 microseconds, minimum bandwidth is 100000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 3
SVI 200 shutdown:
sw4#sh ip ro 10.100.200.0
Routing entry for 10.100.200.0/24
Known via "eigrp 1", distance 90, metric 33280, type internal
Redistributing via eigrp 1
Last update from 10.10.200.13 on Vlan204, 00:00:02 ago
Routing Descriptor Blocks:
* 10.10.200.13, from 10.10.200.13, 00:00:02 ago, via Vlan204
Route metric is 33280, traffic share count is 1
Total delay is 300 microseconds, minimum bandwidth is 100000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 2
Something is missing in this picture. According to topology:
SVI 200 not shutdown Loading 1/255, Hops 3
SVI 200 shutdown Loading 1/255, Hops 2
But, both paths have 2 hops max. :)
Without knowing configuration details of devices it is impossible to know why one path is preferred to other. To find out why router is taking one path and not the other check EIGRP topology table on SW4.
The only idea without checking configuration details - are maybe some routers have the same EIGRP router-id? That could lead to ignoring hellos between devices.
show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(X.X.X.X)
SVI 200 not shutdown Loading 1/255, Hops 3
SVI 200 shutdown Loading 1/255, Hops 2
But, both paths have 2 hops max. :)
Without knowing configuration details of devices it is impossible to know why one path is preferred to other. To find out why router is taking one path and not the other check EIGRP topology table on SW4.
The only idea without checking configuration details - are maybe some routers have the same EIGRP router-id? That could lead to ignoring hellos between devices.
show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(X.X.X.X)
You can additionally check logs on devices:
show ip eigrp events
show ip eigrp events
SH run | sec eigrp on switch3? I rather see the output on switch 5 and 4 since the problem looks to be there.
ASKER
Duplicated router-ids can cause such problems to make route advertisement to be dropped.
Also it can be seen that path when int VLAN 200
I am not even sure why you have VLAN 200 and interface for it on sw5. Not sure that I see purpose of that one. :)
Also it can be seen that path when int VLAN 200
Known via "eigrp 1", distance 90, metric 35840, type internalhas higher cost than other path
Known via "eigrp 1", distance 90, metric 33280, type internalWithout additional information (configuration details and show command output) we can only guess about reasons.
I am not even sure why you have VLAN 200 and interface for it on sw5. Not sure that I see purpose of that one. :)
ASKER
They need vlan200 because they run PBR (on sw5) on specific VLANs to force the traffic to go to FW2. SVI 200 10.100.200.250 beloing to the FW2 subnet.
They config is straightforward:
sw4:
sw5----------------------- ---------- ---------- ---------- ---------
sw3----------------------- ---------- ---------- ---------- ---------- ---------- ---
Debug command------------------- ---------- ---------- ---------- ---------- ----
They config is straightforward:
sw4:
sw4#sh run
Building configuration...
Current configuration : 3594 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw4
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ZmvR$qKFRkSqC2fvo7o86EyZUl1
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
vtp file nvram:vlan.dat
username cisco secret 5 $1$bLbW$/7lI15919NQke1DXurAUc0
archive
log config
hidekeys
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
...
!
interface FastEthernet1/15
switchport access vlan 40
duplex full
speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan40
ip address 10.10.40.1 255.255.255.0
!
interface Vlan204
ip address 10.10.200.14 255.255.255.252
!
interface Vlan205
ip address 10.10.200.17 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan204
no passive-interface Vlan205
network 10.10.40.0 0.0.0.255
network 10.10.200.12 0.0.0.3
network 10.10.200.16 0.0.0.3
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.40.254
!
!
no ip http server
no ip http secure-server
!
banner exec ^C
***************************************************************
This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
To view existing vlans use the command "show vlan-switch brief"
Alias(exec) : vl - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
--More-- exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end
sw5-----------------------
sh run
Building configuration...
Current configuration : 4664 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw5
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$v4GY$0l8Jrh/k8HtA9xO8p3UEM/
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 20 priority 4096
spanning-tree vlan 30 priority 4096
spanning-tree vlan 40 priority 4096
spanning-tree vlan 50 priority 4096
spanning-tree vlan 100 priority 4096
spanning-tree vlan 200 priority 4096
vtp file nvram:vlan.dat
username cisco secret 5 $1$uqfW$6X358NUh6i/q3U8zzgpKo.
archive
log config
hidekeys
ip tcp synwait-time 5
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
!
...
!
interface FastEthernet1/14
switchport access vlan 40
duplex full
speed 100
!
interface FastEthernet1/15
switchport access vlan 40
duplex full
--More-- speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 10.10.10.254 255.255.255.0
!
interface Vlan20
ip address 10.10.20.254 255.255.255.0
!
interface Vlan30
ip address 10.10.30.254 255.255.255.0
!
interface Vlan40
ip address 10.10.40.254 255.255.255.0
ip policy route-map PBR40
!
interface Vlan50
ip address 10.10.50.254 255.255.255.0
!
interface Vlan100
ip address 10.100.100.250 255.255.255.0
!
interface Vlan200
ip address 10.100.200.250 255.255.255.0
!
interface Vlan203
ip address 10.10.200.10 255.255.255.252
!
interface Vlan204
ip address 10.10.200.13 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan203
no passive-interface Vlan204
network 10.10.50.0 0.0.0.255
network 10.10.200.8 0.0.0.3
network 10.10.200.12 0.0.0.3
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.100.100.1
!
no ip http server
no ip http secure-server
!
access-list 40 permit 10.10.40.0 0.0.0.255
!
route-map PBR40 permit 40
match ip address 40
set ip default next-hop 10.100.200.1
!
no cdp log mismatch duplex
!
banner exec ^C
***************************************************************
--More-- This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
To view existing vlans use the command "show vlan-switch brief"
Alias(exec) : vl - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
--More-- exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end
sw3-----------------------
sw3#sh run
Building configuration...
Current configuration : 3619 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Xfb3$Jz1bcFR6nnjgRMAAxlWCl1
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
vtp file nvram:vlan.dat
username cisco secret 5 $1$X5uo$XuBo.eNhk9sIw4wo8O7VR0
archive
log config
hidekeys
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
switchport access vlan 200
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
!
...
!
interface FastEthernet1/15
duplex full
speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan30
ip address 10.10.30.1 255.255.255.0
!
interface Vlan200
ip address 10.100.200.100 255.255.255.0
!
interface Vlan202
ip address 10.10.200.6 255.255.255.252
!
interface Vlan203
ip address 10.10.200.9 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan202
no passive-interface Vlan203
network 10.10.30.0 0.0.0.255
network 10.10.200.4 0.0.0.3
network 10.10.200.8 0.0.0.3
network 10.100.200.0 0.0.0.255
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.30.254
!
no ip http server
no ip http secure-server
!
banner exec ^C
***************************************************************
This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
To view existing vlans use the command "show vlan-switch brief"
Alias(exec) : vl - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end
Debug command-------------------
sw4#sh ip eigrp topology all-links
IP-EIGRP Topology Table for AS(1)/ID(10.10.200.17)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.100.100.0/24, 1 successors, FD is 30720, serno 9
via 10.10.200.18 (30720/28160), Vlan205
P 10.10.10.0/24, 1 successors, FD is 30720, serno 8
via 10.10.200.18 (30720/28160), Vlan205
P 10.10.20.0/24, 1 successors, FD is 33280, serno 11
via 10.10.200.18 (33280/30720), Vlan205
P 10.10.30.0/24, 1 successors, FD is 35840, serno 13
via 10.10.200.18 (35840/33280), Vlan205
P 10.10.40.0/24, 1 successors, FD is 28160, serno 1
via Connected, Vlan40
P 10.10.50.0/24, 1 successors, FD is 30720, serno 4
via 10.10.200.13 (30720/28160), Vlan204
P 10.100.200.0/24, 1 successors, FD is 35840, serno 14
via 10.10.200.18 (35840/33280), Vlan205
P 10.10.200.8/30, 1 successors, FD is 30720, serno 5
via 10.10.200.13 (30720/28160), Vlan204
P 10.10.200.12/30, 1 successors, FD is 28160, serno 2
via Connected, Vlan204
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.10.200.0/30, 1 successors, FD is 30720, serno 10
via 10.10.200.18 (30720/28160), Vlan205
P 10.10.200.4/30, 2 successors, FD is 33280, serno 12
via 10.10.200.13 (33280/30720), Vlan204
via 10.10.200.18 (33280/30720), Vlan205
P 10.10.200.16/30, 1 successors, FD is 28160, serno 3
via Connected, Vlan205
EIGRP Packets debugging is on
(UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)
sw4#
*Mar 1 00:05:11.667: EIGRP: Sending HELLO on Vlan205
*Mar 1 00:05:11.667: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar 1 00:05:11.827: EIGRP: Sending HELLO on Vlan204
*Mar 1 00:05:11.827: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
sw4#
*Mar 1 00:05:12.831: EIGRP: Received HELLO on Vlan205 nbr 10.10.200.18
*Mar 1 00:05:12.831: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar 1 00:05:13.927: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar 1 00:05:13.931: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar 1 00:05:16.199: EIGRP: Sending HELLO on Vlan205
*Mar 1 00:05:16.199: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar 1 00:05:16.423: EIGRP: Sending HELLO on Vlan204
*Mar 1 00:05:16.423: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
sw4#
*Mar 1 00:05:18.459: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar 1 00:05:18.463: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar 1 00:05:21.063: EIGRP: Sending HELLO on Vlan204
*Mar 1 00:05:21.063: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar 1 00:05:21.103: EIGRP: Sending HELLO on Vlan205
*Mar 1 00:05:21.103: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar 1 00:05:21.215: EIGRP: Received HELLO on Vlan205 nbr 10.10.200.18
*Mar 1 00:05:21.215: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar 1 00:05:23.387: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar 1 00:05:23.391: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar 1 00:05:25.795: EIGRP: Sending HELLO on Vlan205
*Mar 1 00:05:25.795: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar 1 00:05:25.951: EIGRP: Sending HELLO on Vlan204
*Mar 1 00:05:25.951: AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Nice to see Some configs, i agree with predrag.
ASKER
Predrag,
Your suggestion did the trick. So it looks like when I have a SVI, I need to advertise its subnet. Thanks
Your suggestion did the trick. So it looks like when I have a SVI, I need to advertise its subnet. Thanks
When you shut vlan200 on sw5, sw4 is not getting the route as an eigrp route correct?