Avatar of leblanc
leblanc
 asked on

svi stops eigrp advertisement

I am trying to understand why eigrp is not advertised to sw4 (from sw5) when svi 200 (10.100.200.250) is configured on sw5.
sw3 advertises 10.100.200.0 via eigrp to its nrighbors. When it gets to sw5, it did not advertise to sw4. But when I shutdown int vlan 200 on sw5, sw4 receives the route 10.100.200.0 via sw5. Why?

sw4#sh ip eigrp topo 10.100.200.0/24
IP-EIGRP (AS 1): Topology entry for 10.100.200.0/24
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 33280
  Routing Descriptor Blocks:
  10.10.200.13 (Vlan204), from 10.10.200.13, Send flag is 0x0
Composite metric is (33280/30720), Route is Internal
...

pic
* EIGRPNetworkingNetworking ProtocolsNetwork Analysis

Avatar of undefined
Last Comment
leblanc

8/22/2022 - Mon
Patrick Bogers

Did you add the network to the right router eigrp AS?
When you shut vlan200 on sw5, sw4 is not getting the route as an eigrp route correct?
leblanc

ASKER
No. sw4 does not see a route to 10.100.200.0 from sw5 which is the optimal path. Bu t when I shutdown int vlan200 10.100.200.250 on sw5, sw4 sees the route to 10.100.200.0 via sw5.
Patrick Bogers

You dont answer my quastions, Please do so.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
leblanc

ASKER
Did you add the network to the right router eigrp AS? Yes

sw3#sh run | sec eigrp
router eigrp 1
 passive-interface default
 no passive-interface Vlan202
 no passive-interface Vlan203
 network 10.10.30.0 0.0.0.255
 network 10.10.200.4 0.0.0.3
 network 10.10.200.8 0.0.0.3
 network 10.100.200.0 0.0.0.255
 no auto-summary

Open in new window


"When you shut vlan200 on sw5, sw4 is not getting the route as an eigrp route"

SVI 200 not shutdown:
sw4#sh ip ro 10.100.200.0
Routing entry for 10.100.200.0/24
  Known via "eigrp 1", distance 90, metric 35840, type internal
  Redistributing via eigrp 1
  Last update from 10.10.200.18 on Vlan205, 00:00:19 ago
  Routing Descriptor Blocks:
  * 10.10.200.18, from 10.10.200.18, 00:00:19 ago, via Vlan205
      Route metric is 35840, traffic share count is 1
      Total delay is 400 microseconds, minimum bandwidth is 100000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 3

Open in new window


SVI 200 shutdown:
sw4#sh ip ro 10.100.200.0
Routing entry for 10.100.200.0/24
  Known via "eigrp 1", distance 90, metric 33280, type internal
  Redistributing via eigrp 1
  Last update from 10.10.200.13 on Vlan204, 00:00:02 ago
  Routing Descriptor Blocks:
  * 10.10.200.13, from 10.10.200.13, 00:00:02 ago, via Vlan204
      Route metric is 33280, traffic share count is 1
      Total delay is 300 microseconds, minimum bandwidth is 100000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 2

Open in new window

Predrag Jovic

Something is missing in this picture. According to topology:
SVI 200 not shutdown Loading 1/255, Hops 3
SVI 200 shutdown Loading 1/255, Hops 2

But, both paths have 2 hops max. :)

Without knowing configuration details of devices it is impossible to know why one path is preferred to other. To find out why router is taking one path and not the other check EIGRP topology table on SW4.
The only idea without checking configuration details - are maybe some routers have the same EIGRP router-id? That could lead to ignoring hellos between devices.

show ip eigrp topology
IP-EIGRP Topology Table for AS(1)/ID(X.X.X.X)
Predrag Jovic

You can additionally check logs on devices:
show ip eigrp events
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Patrick Bogers

SH run | sec eigrp on switch3? I rather see the output on switch 5 and 4 since the problem looks to be there.
leblanc

ASKER
Sorry. I think I attached the wrong diagram. Here is the correct one. It looks to me that the path to 10.100.200.1 should go to sw5 instead of sw1. But it looks like the SVI 200 on sw5 prevents sw5 to advertise the route learnt (10.100.200.0/24) from sw3 to sw4. I am not sure why.

pic1
Predrag Jovic

Duplicated router-ids can cause such problems to make route advertisement to be dropped.
Also it can be seen that path when int VLAN 200
Known via "eigrp 1", distance 90, metric 35840, type internal
has higher cost than other path
Known via "eigrp 1", distance 90, metric 33280, type internal
Without additional information (configuration details and show command output) we can only guess about reasons.

I am not even sure why you have VLAN 200 and interface for it on sw5. Not sure that I see purpose of that one. :)
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
leblanc

ASKER
They need vlan200 because they run PBR (on sw5) on specific VLANs to force the traffic to go to FW2. SVI 200 10.100.200.250 beloing to the FW2 subnet.
They config is straightforward:

sw4:
sw4#sh run
Building configuration...
 
 
Current configuration : 3594 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw4
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ZmvR$qKFRkSqC2fvo7o86EyZUl1
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
vtp file nvram:vlan.dat
username cisco secret 5 $1$bLbW$/7lI15919NQke1DXurAUc0
archive
log config
  hidekeys
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
 
 
...
!
interface FastEthernet1/15
switchport access vlan 40
duplex full
speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan40
ip address 10.10.40.1 255.255.255.0
!
interface Vlan204
ip address 10.10.200.14 255.255.255.252
!
interface Vlan205
ip address 10.10.200.17 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan204
no passive-interface Vlan205
network 10.10.40.0 0.0.0.255
network 10.10.200.12 0.0.0.3
network 10.10.200.16 0.0.0.3
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.40.254
!
!
no ip http server
no ip http secure-server
!
banner exec ^C
***************************************************************
This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
 
 
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
 
 
To view existing vlans use the command "show vlan-switch brief"
 
 
Alias(exec)     : vl   - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
--More--                            exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end
 

Open in new window


sw5--------------------------------------------------------------
sh run
Building configuration...
 
 
Current configuration : 4664 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw5
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$v4GY$0l8Jrh/k8HtA9xO8p3UEM/
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
!
spanning-tree vlan 10 priority 4096
spanning-tree vlan 20 priority 4096
spanning-tree vlan 30 priority 4096
spanning-tree vlan 40 priority 4096
spanning-tree vlan 50 priority 4096
spanning-tree vlan 100 priority 4096
spanning-tree vlan 200 priority 4096
vtp file nvram:vlan.dat
username cisco secret 5 $1$uqfW$6X358NUh6i/q3U8zzgpKo.
archive
log config
  hidekeys
ip tcp synwait-time 5
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
!
...
!
interface FastEthernet1/14
switchport access vlan 40
duplex full
speed 100
!
interface FastEthernet1/15
switchport access vlan 40
duplex full
--More--                            speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
ip address 10.10.10.254 255.255.255.0
!
interface Vlan20
ip address 10.10.20.254 255.255.255.0
!
interface Vlan30
ip address 10.10.30.254 255.255.255.0
!
interface Vlan40
ip address 10.10.40.254 255.255.255.0
 ip policy route-map PBR40
!
interface Vlan50
ip address 10.10.50.254 255.255.255.0
!
interface Vlan100
ip address 10.100.100.250 255.255.255.0
!
interface Vlan200
ip address 10.100.200.250 255.255.255.0
!
interface Vlan203
ip address 10.10.200.10 255.255.255.252
!
interface Vlan204
ip address 10.10.200.13 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan203
no passive-interface Vlan204
network 10.10.50.0 0.0.0.255
network 10.10.200.8 0.0.0.3
network 10.10.200.12 0.0.0.3
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.100.100.1
!
no ip http server
no ip http secure-server
!

access-list 40 permit 10.10.40.0 0.0.0.255
!
route-map PBR40 permit 40
 match ip address 40
 set ip default next-hop 10.100.200.1
!
no cdp log mismatch duplex
!
banner exec ^C
 
 
***************************************************************
--More--                           This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
 
 
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
 
 
To view existing vlans use the command "show vlan-switch brief"
 
 
Alias(exec)     : vl   - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
 
 
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
--More--                            exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end

Open in new window


sw3----------------------------------------------------------------------------
sw3#sh run
Building configuration...
 
 
Current configuration : 3619 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname sw3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Xfb3$Jz1bcFR6nnjgRMAAxlWCl1
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
macro name add_vlan
end
vlan database
vlan $v
exit
@
macro name del_vlan
end
vlan database
no vlan $v
exit
@
!
vtp file nvram:vlan.dat
username cisco secret 5 $1$X5uo$XuBo.eNhk9sIw4wo8O7VR0
archive
log config
  hidekeys
!
interface FastEthernet0/0
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
description *** Unused for Layer2 EtherSwitch ***
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/1
switchport mode trunk
duplex full
speed 100
!
interface FastEthernet1/2
switchport access vlan 200
duplex full
speed 100
!
interface FastEthernet1/3
duplex full
speed 100
!
...
!
interface FastEthernet1/15
duplex full
speed 100
!
interface Vlan1
no ip address
shutdown
!
interface Vlan30
ip address 10.10.30.1 255.255.255.0
!
interface Vlan200
ip address 10.100.200.100 255.255.255.0
!
interface Vlan202
ip address 10.10.200.6 255.255.255.252
!
interface Vlan203
ip address 10.10.200.9 255.255.255.252
!
router eigrp 1
passive-interface default
no passive-interface Vlan202
no passive-interface Vlan203
network 10.10.30.0 0.0.0.255
network 10.10.200.4 0.0.0.3
network 10.10.200.8 0.0.0.3
network 10.100.200.0 0.0.0.255
no auto-summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.30.254
!
no ip http server
no ip http secure-server
!
banner exec ^C
***************************************************************
This is a normal Router with a Switch module inside (NM-16ESW)
It has been pre-configured with hard-coded speed and duplex
 
 
To create vlans use the command "vlan database" in exec mode
After creating all desired vlans use "exit" to apply the config
 
 
To view existing vlans use the command "show vlan-switch brief"
 
 
Alias(exec)     : vl   - "show vlan-switch brief" command
Alias(configure): va X - macro to add vlan X
Alias(configure): vd X - macro to delete vlan X
***************************************************************
^C
alias configure va macro global trace add_vlan $v
alias configure vd macro global trace del_vlan $v
alias exec vl show vlan-switch brief
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login local
!
!
end

Open in new window


Debug command---------------------------------------------------------------
sw4#sh ip eigrp topology all-links
IP-EIGRP Topology Table for AS(1)/ID(10.10.200.17)
 
 
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status
 
 
P 10.100.100.0/24, 1 successors, FD is 30720, serno 9
        via 10.10.200.18 (30720/28160), Vlan205
P 10.10.10.0/24, 1 successors, FD is 30720, serno 8
        via 10.10.200.18 (30720/28160), Vlan205
P 10.10.20.0/24, 1 successors, FD is 33280, serno 11
        via 10.10.200.18 (33280/30720), Vlan205
P 10.10.30.0/24, 1 successors, FD is 35840, serno 13
        via 10.10.200.18 (35840/33280), Vlan205
P 10.10.40.0/24, 1 successors, FD is 28160, serno 1
        via Connected, Vlan40
P 10.10.50.0/24, 1 successors, FD is 30720, serno 4
        via 10.10.200.13 (30720/28160), Vlan204
P 10.100.200.0/24, 1 successors, FD is 35840, serno 14
        via 10.10.200.18 (35840/33280), Vlan205
P 10.10.200.8/30, 1 successors, FD is 30720, serno 5
        via 10.10.200.13 (30720/28160), Vlan204
P 10.10.200.12/30, 1 successors, FD is 28160, serno 2
        via Connected, Vlan204
         
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status
 
 
P 10.10.200.0/30, 1 successors, FD is 30720, serno 10
        via 10.10.200.18 (30720/28160), Vlan205
P 10.10.200.4/30, 2 successors, FD is 33280, serno 12
        via 10.10.200.13 (33280/30720), Vlan204
        via 10.10.200.18 (33280/30720), Vlan205
P 10.10.200.16/30, 1 successors, FD is 28160, serno 3
        via Connected, Vlan205
 
 
EIGRP Packets debugging is on
    (UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)
sw4#
*Mar  1 00:05:11.667: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:11.667:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:11.827: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:11.827:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
sw4#
*Mar  1 00:05:12.831: EIGRP: Received HELLO on Vlan205 nbr 10.10.200.18
*Mar  1 00:05:12.831:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:13.927: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar  1 00:05:13.931:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:16.199: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:16.199:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:16.423: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:16.423:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
sw4#
*Mar  1 00:05:18.459: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar  1 00:05:18.463:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:21.063: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:21.063:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:21.103: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:21.103:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:21.215: EIGRP: Received HELLO on Vlan205 nbr 10.10.200.18
*Mar  1 00:05:21.215:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:23.387: EIGRP: Received HELLO on Vlan204 nbr 10.10.200.13
*Mar  1 00:05:23.391:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
sw4#
*Mar  1 00:05:25.795: EIGRP: Sending HELLO on Vlan205
*Mar  1 00:05:25.795:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:05:25.951: EIGRP: Sending HELLO on Vlan204
*Mar  1 00:05:25.951:   AS 1, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0

Open in new window

ASKER CERTIFIED SOLUTION
Predrag Jovic

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Patrick Bogers

Nice to see Some configs, i agree with predrag.
leblanc

ASKER
Predrag,

Your suggestion did the trick. So it looks like when I have a SVI, I need to advertise its subnet. Thanks
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.