EIGRP: Will a backup route arrive in the event of primary path out failure?

I'm in a new gig and I want to understand: if a site's Internet link goes down, what takes over for their default route?
The routing protocol is EIGRP.

{DATA CENTER}-----WAN EIGRP-----{OFFICE}-----LAN EIGRP----[Cisco ASA]-----{INTERWEBS}

So the switches in the OFFICE are learning their path to the Internet from the Cisco ASA which advertises
a default route inward via EIGRP. The ASA learned it has the default via OSPF from an edge router
outside of it. My guess is that the DATA CENTER's default route would propagate over the WAN to
the OFFICE in the event the Cisco ASA stopped advertising the default route inward.

How could I find out the behavior of the lost default route without causing an outage?

Thank you.

Don Johnston, Instructor
Top Expert 2015

Commented:
Why is the data center advertising a default route? Does it have its own internet connection?
amigan_99, Network Engineer

Author

Commented:
Yes the data center has its own Internet feed and ASA which advertises a default route inside via EIGRP. So the L3 switch there has a default route to the Internet and that switch has a WAN connection to the office. I want to know if that will propagate to the office in the event that the office loses its default route.
Hemil Aquino, Network Security Engineer
Distinguished Expert 2018

Commented:
"So the switches in the OFFICE are learning their path to the Internet from the Cisco ASA which advertises
a default route inward via EIGRP"

That means the switch is acting as a core using the ASA default route.

"The ASA learned it has the default via OSPF from an edge router
outside of it."

That means that, aside from your firewall, you have another router sending a default route via OSPF to go to the internet.

"My guess is that the DATA CENTER's default route would propagate over the WAN to
the OFFICE in the event the Cisco ASA stopped advertising the default route inward."

I'm confused about this part. Why are you advertising your default route via the WAN link?
Are you using VPN, DMVPN? Any MPLS? Please explain so I can help you more.
amigan_99, Network Engineer

Author

Commented:
The data center core has a default route to the Internet it learns from another ASA there. There's an L2 WAN link from the office to the data center.
Hemil Aquino, Network Security Engineer
Distinguished Expert 2018

Commented:
You can't propagate the default route by using an L2 WAN link.
L2 is only used to forward frames and define VLANs. Can you share a diagram so we can visualize your setup?

Still hard for me to give you a concrete answer by guessing.
Don Johnston, Instructor
Top Expert 2015

Commented:
Yeah.  Complete, accurate information is needed to answer a question.

What kind of link is this "WAN" connection from the DC to the office?

But if both the DC and the ASA are advertising a default route via EIGRP, then the office is going to prefer the route with the lowest cost. Sounds like the one from the ASA and not the DC.   If the ASA stops advertising that default route, then the office will use the DC default route.

"show ip eigrp topology" should show you the information you're looking for.
amigan_99, Network Engineer

Author

Commented:
show ip eigrp topology is great. Ok so with that I spot
two default routes - one with a better feasible distance
than the other. Although it's not clear to me where the
default with 51200 FD is coming from. I'd presume the
DC but it's not saying "via x.x.x.x" to know what that is.
Thoughts?

P 0.0.0.0/0, 1 successors, FD is 26112
        via 192.168.10.1 (26112/25856), Vlan100

P 0.0.0.0/0, 1 successors, FD is 51200
        via Redistributed (51200/0)
amigan_99, Network Engineer

Author

Commented:
Oh I think I've spotted it with..

sho ip eigrp to 0.0.0.0/0

That shows the AS, originating router etc.
Don Johnston, Instructor
Top Expert 2015

Commented:
Yes.  "show ip eigrp topology 0.0.0.0/0" will give you more information on the default route.
atlas_shuddered, Sr. Network Engineer
Commented:

Your next question is in the config snip you shared amigan - where are you getting the redistributed route from.  Run these commands on that router and show output:


show ip eigrp topology 0.0.0.0/0

show ip route prefix   0.0.0.0/0

Don Johnston, Instructor
Top Expert 2015

Commented:
"Your next question is in the config snip you shared amigan - where are you getting the redistributed route from."

That information was provided in the author's second post.

"The data center core has a default route to the Internet it learns from another ASA there."
Network Security Engineer
Distinguished Expert 2018
Commented:
"show ip eigrp topology is great. Ok so with that I spot
two default routes - one with a better feasible distance
than the other. Although it's not clear to me where the
default with 51200 FD is coming from. I'd presume the
DC but it's not saying 'via x.x.x.x' to know what that is.
Thoughts?"

Again, regardless of all the information that has been given to you, you need to explain your whole set-up using some type of diagram to understand your problem. Writing is not always enough.

P 0.0.0.0/0, 1 successors, FD is 26112
        via 192.168.10.1 (26112/25856), Vlan100

What you are saying is: if any traffic is trying to leave my switch, send it over to SVI Vlan100 (192.168.10.1), which is your firewall default gateway. If you used the command "show IP eigrp", that means you executed the command on the switch itself and not on the firewall.

P 0.0.0.0/0, 1 successors, FD is 51200
        via Redistributed (51200/0)

This guy here is a distribution from your ASA to your switch. I'm guessing you have a route map at some point and you might not know that.

Again, I don't like guessing, things may vary depending on your configuration. Your information is poor and it does not help us.
You need to tell us your environment such as

1- Do you have a redundant core
2- Do you have a redundant firewall
3- What kind of WAN connection do you have, are you using MPLS, P2P, etc.
4- Any diagram.

Show ip route is always your best friend and my fav of all.
Show ip eigrp is another good command to identify the issue, but also you need to know the topology of its database.

Cheers,
amigan_99, Network Engineer

Author

Commented:
In the end the answer I think is no. The default route in the DC is learned by the core via EIGRP AS 100. And in Office the core learns the default via EIGRP AS 100. The link between DC and Office participates in another AS, 1000, and that's only learning each side's private address space.

I could put in a floating static route with a worse metric in Office so that if the default goes away it forwards traffic to the DC.

Thanks all.
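
An added example, not part of the original thread: a small Python parser for the "show ip eigrp topology" output posted above. It separates paths learned from a neighbor from ones the router originates itself ("via Redistributed") and lists which neighbor-learned defaults would remain if the primary next hop went away. The function names are illustrative, and treating any non-IP "via" field as locally originated is an assumption of this sketch.

```python
import ipaddress
import re

# Output exactly as posted in the thread (taken on the OFFICE switch).
SAMPLE = """\
P 0.0.0.0/0, 1 successors, FD is 26112
        via 192.168.10.1 (26112/25856), Vlan100

P 0.0.0.0/0, 1 successors, FD is 51200
        via Redistributed (51200/0)
"""

ENTRY = re.compile(r"^[A-Za-z]\s+(\S+/\d+), \d+ successors?, FD is (\d+)")
VIA = re.compile(r"^\s+via (\S+) \((\d+)/(\d+)\)")


def is_neighbor(source):
    """True when the 'via' field is an IP address, i.e. a route learned from a peer."""
    try:
        ipaddress.ip_address(source)
        return True
    except ValueError:
        return False  # e.g. "Redistributed": originated on this router itself


def parse_topology(text):
    """Return one dict per 'via' line, tagged with its prefix and the entry's FD."""
    paths, prefix, fd = [], None, None
    for line in text.splitlines():
        if m := ENTRY.match(line):
            prefix, fd = m.group(1), int(m.group(2))
        elif (m := VIA.match(line)) and prefix:
            paths.append({"prefix": prefix, "fd": fd, "source": m.group(1),
                          "metric": int(m.group(2)), "rd": int(m.group(3)),
                          "neighbor": is_neighbor(m.group(1))})
    return paths


def neighbor_backups(paths, prefix, primary_next_hop):
    """Neighbor-learned paths for prefix that would remain without the primary."""
    return [p for p in paths if p["prefix"] == prefix
            and p["neighbor"] and p["source"] != primary_next_hop]


if __name__ == "__main__":
    paths = parse_topology(SAMPLE)
    print([(p["source"], p["fd"], p["rd"], p["neighbor"]) for p in paths])
    left = neighbor_backups(paths, "0.0.0.0/0", "192.168.10.1")
    print("neighbor-learned backup defaults:", left or "none")
```

For the output posted in the thread the result is empty, because the second default is originated locally (via Redistributed) rather than learned from a neighbor.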