Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > eigrp issue

Reply
Thread Tools

eigrp issue

 
 
nini
Guest
Posts: n/a
 
      10-23-2008
hi,

we have a 2 layers network with 6 backbone multilayer switches 6500
(at the distribution layer).
there are two internet lines. from different routers.
As we decided to share the load, we (rouglhy) implemented like this

on 6500-router-1.

ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

on 6500-Router-2 :

ip static routes to 2nd.internet.line.router
# so according to destination network the traffic goes to one or
another router

ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

I think this last command would give me failover in case 1st default
route would go down. but in practice it was not.

in my test, I shutdown 6500-router-1, but there were no defaut route
any longer..
i could not go to interent, except static route of course.

I checked in the eigrp guide, but i couldn't find easy implementation.
what could be the solution if

we dont want to load balance.
the two line are on different routers, I mean there are no common
enterprise edge block..
the goal is to have a backup route.


thank you
 
Reply With Quote
 
 
 
 
Trendkill
Guest
Posts: n/a
 
      10-23-2008
On Oct 23, 3:37*am, nini <(E-Mail Removed)> wrote:
> hi,
>
> we have a 2 layers network with 6 backbone multilayer switches 6500
> (at the distribution layer).
> there are two internet lines. from different routers.
> As we decided to share the load, we (rouglhy) implemented like this
>
> on 6500-router-1.
>
> ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1
>
> on 6500-Router-2 :
>
> ip static routes to 2nd.internet.line.router
> # so according to destination network the traffic goes to one or
> another router
>
> ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1
>
> I think this last command would give me failover in case 1st default
> route would go down. but in practice it was not.
>
> in my test, I shutdown 6500-router-1, but there were no defaut route
> any longer..
> i could not go to interent, except static route of course.
>
> I checked in the eigrp guide, but i couldn't find easy implementation.
> what could be the solution if
>
> we dont want to load balance.
> the two line are on different routers, I mean there are no common
> enterprise edge block..
> the goal is to have a backup route.
>
> thank you


What was your eigrp config on each?
 
Reply With Quote
 
 
 
 
nini
Guest
Posts: n/a
 
      10-23-2008
the 1st router i shut down had the following.

#just the default route
ip route 0.0.0.0 0.0.0.0 its_gateway tag 1

router eigrp 1
traffic-share min across-interfaces
redistribute static route-map static-into-eigrp1
passive-interface default
no passive-interface GigabitEthernet1/1
no passive-interface GigabitEthernet1/2
no passive-interface GigabitEthernet3/16
no passive-interface Port-channel41
...network commands...
no auto-summary
eigrp router-id 10.0.1.3
eigrp log-neighbor-changes

the second which was suppose to failover the default route has the
following

ip route 0.0.0.0 0.0.0.0 its_gateway 255 tag 1
ip static route to its_gateway

router eigrp 1
traffic-share min across-interfaces
redistribute static route-map static-into-eigrp1
passive-interface default
no passive-interface GigabitEthernet1/1
no passive-interface GigabitEthernet1/2
no passive-interface GigabitEthernet6/16
no passive-interface Port-channel173
...network command...
auto-summary
eigrp log-neighbor-changes

thanks
 
Reply With Quote
 
nini
Guest
Posts: n/a
 
      10-23-2008
the 1st router i shut down had the following.

#just the default route
ip route 0.0.0.0 0.0.0.0 its_gateway tag 1

router eigrp 1
traffic-share min across-interfaces
redistribute static route-map static-into-eigrp1
passive-interface default
no passive-interface GigabitEthernet1/1
no passive-interface GigabitEthernet1/2
no passive-interface GigabitEthernet3/16
no passive-interface Port-channel41
...network commands...
no auto-summary
eigrp router-id 10.0.1.3
eigrp log-neighbor-changes

the second which was suppose to failover the default route has the
following

ip route 0.0.0.0 0.0.0.0 its_gateway 255 tag 1
ip static route to its_gateway

router eigrp 1
traffic-share min across-interfaces
redistribute static route-map static-into-eigrp1
passive-interface default
no passive-interface GigabitEthernet1/1
no passive-interface GigabitEthernet1/2
no passive-interface GigabitEthernet6/16
no passive-interface Port-channel173
...network command...
auto-summary
eigrp log-neighbor-changes

thanks
 
Reply With Quote
 
fugettaboutit
Guest
Posts: n/a
 
      10-23-2008
nini wrote:
> hi,
>
> we have a 2 layers network with 6 backbone multilayer switches 6500
> (at the distribution layer).
> there are two internet lines. from different routers.
> As we decided to share the load, we (rouglhy) implemented like this
>
> on 6500-router-1.
>
> ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1
>
> on 6500-Router-2 :
>
> ip static routes to 2nd.internet.line.router
> # so according to destination network the traffic goes to one or
> another router
>
> ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1
>
> I think this last command would give me failover in case 1st default
> route would go down. but in practice it was not.
>
> in my test, I shutdown 6500-router-1, but there were no defaut route
> any longer..
> i could not go to interent, except static route of course.
>
> I checked in the eigrp guide, but i couldn't find easy implementation.
> what could be the solution if
>
> we dont want to load balance.
> the two line are on different routers, I mean there are no common
> enterprise edge block..
> the goal is to have a backup route.
>
>
> thank you


I *think* I have an idea of what you're doing, but more info would be
helpful. I'll make a couple of assumptions and scenarios...

First, I assume you're multihomed? If so, and a 100,000 foot level, your
two routers have an iBGP session between them with an IGP providing the
routes for the peering. I assume that you're taking default routes from
the providers. You could set an inbound BGP route preference for a
provider and set up EIGRP peering to your Cats. Advertise a default
network from your border routers (EIGRP) to the Cats.

Second, if not multihomed (no BGP), do something similar to above. Setup
EIGRP peering between the border routers and the Cats. Advertise a
default network from both border routers. You can tweak the metrics on
the border routers if you prefer one provider.

Third, implement HSRP/GLBP and point your default gateway to the virtual
address that is shared between the two border routers.

I'm kinda throwing stuff out there to see what sticks. I'm wondering
about your perimeter are firewalls and such in the mix? I'd love to hear
more about these two providers, and how your network is viewed by the
public Internet. Anyway, these are musings from a guy with limited
knowledge.
 
Reply With Quote
 
nini
Guest
Posts: n/a
 
      10-23-2008
On 23 oct, 15:28, fugettaboutit <(E-Mail Removed)> wrote:
> nini wrote:
> > hi,

>
> > we have a 2 layers network with 6 backbone multilayer switches 6500
> > (at the distribution layer).
> > there are two internet lines. from different routers.
> > As we decided to share the load, we (rouglhy) implemented like this

>
> > on 6500-router-1.

>
> > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

>
> > on 6500-Router-2 :

>
> > ip static routes to 2nd.internet.line.router
> > # so according to destination network the traffic goes to one or
> > another router

>
> > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

>
> > I think this last command would give me failover in case 1st default
> > route would go down. but in practice it was not.

>
> > in my test, I shutdown 6500-router-1, but there were no defaut route
> > any longer..
> > i could not go to interent, except static route of course.

>
> > I checked in the eigrp guide, but i couldn't find easy implementation.
> > what could be the solution if

>
> > we dont want to load balance.
> > the two line are on different routers, I mean there are no common
> > enterprise edge block..
> > the goal is to have a backup route.

>
> > thank you

>
> I *think* I have an idea of what you're doing, but more info would be
> helpful. I'll make a couple of assumptions and scenarios...
>
> First, I assume you're multihomed? If so, and a 100,000 foot level, your
> two routers have an iBGP session between them with an IGP providing the
> routes for the peering. I assume that you're taking default routes from
> the providers. You could set an inbound *BGP route preference for a
> provider and set up EIGRP peering to your Cats. Advertise a default
> network from your border routers (EIGRP) to the Cats.
>
> Second, if not multihomed (no BGP), do something similar to above. Setup
> EIGRP peering between the border routers and the Cats. Advertise a
> default network from both border routers. You can tweak the metrics on
> the border routers if you prefer one provider.
>
> Third, implement HSRP/GLBP and point your default gateway to the virtual
> address that is shared between the two border routers.
>
> I'm kinda throwing stuff out there to see what sticks. I'm wondering
> about your perimeter are firewalls and such in the mix? I'd love to hear
> more about these two providers, and how your network is viewed by the
> public Internet. Anyway, these are musings from a guy with limited
> knowledge. - Masquer le texte des messages précédents -
>
> - Afficher le texte des messages précédents -


it is nothing about all this.

we have 6 core routers which forms our network.
one of them is connected to the internet, it points to one nokia
checkpoint firewall, which is connected to an isp
another core routers in another building, 5km away, has a connection
to another checkpoint firewall, which is connected to the same isp.
The external interfaces of both firewall (isp side) are probably in
the same segment and probaly can play bith bgp. but we are not awre of
this.
but, in our lan they are on different segment, one is 10.2.1.0/24,
the other 10.1.3.0/24.
hsrp cannot play here. because, as i mentionned, there are no
enterpise edge block, no layer 2 in our core network.
so the defaut route point to 10.2.1.200
some large internet segment are routed trough 10.1.3.200.

I dont understand why, when the checkpoint, or the core routers of the
1st internet line goes down, there are no takeover.

I tought that eigrp could deal with such scenario, which is not
unusual. but i ve not yet found any doc introducing backup features..

 
Reply With Quote
 
nini
Guest
Posts: n/a
 
      10-23-2008
On 23 oct, 15:28, fugettaboutit <(E-Mail Removed)> wrote:
> nini wrote:
> > hi,

>
> > we have a 2 layers network with 6 backbone multilayer switches 6500
> > (at the distribution layer).
> > there are two internet lines. from different routers.
> > As we decided to share the load, we (rouglhy) implemented like this

>
> > on 6500-router-1.

>
> > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

>
> > on 6500-Router-2 :

>
> > ip static routes to 2nd.internet.line.router
> > # so according to destination network the traffic goes to one or
> > another router

>
> > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

>
> > I think this last command would give me failover in case 1st default
> > route would go down. but in practice it was not.

>
> > in my test, I shutdown 6500-router-1, but there were no defaut route
> > any longer..
> > i could not go to interent, except static route of course.

>
> > I checked in the eigrp guide, but i couldn't find easy implementation.
> > what could be the solution if

>
> > we dont want to load balance.
> > the two line are on different routers, I mean there are no common
> > enterprise edge block..
> > the goal is to have a backup route.

>
> > thank you

>
> I *think* I have an idea of what you're doing, but more info would be
> helpful. I'll make a couple of assumptions and scenarios...
>
> First, I assume you're multihomed? If so, and a 100,000 foot level, your
> two routers have an iBGP session between them with an IGP providing the
> routes for the peering. I assume that you're taking default routes from
> the providers. You could set an inbound *BGP route preference for a
> provider and set up EIGRP peering to your Cats. Advertise a default
> network from your border routers (EIGRP) to the Cats.
>
> Second, if not multihomed (no BGP), do something similar to above. Setup
> EIGRP peering between the border routers and the Cats. Advertise a
> default network from both border routers. You can tweak the metrics on
> the border routers if you prefer one provider.
>
> Third, implement HSRP/GLBP and point your default gateway to the virtual
> address that is shared between the two border routers.
>
> I'm kinda throwing stuff out there to see what sticks. I'm wondering
> about your perimeter are firewalls and such in the mix? I'd love to hear
> more about these two providers, and how your network is viewed by the
> public Internet. Anyway, these are musings from a guy with limited
> knowledge. - Masquer le texte des messages précédents -
>
> - Afficher le texte des messages précédents -


it is nothing about all this.

we have 6 core routers which forms our network.
one of them is connected to the internet, it points to one nokia
checkpoint firewall, which is connected to an isp
another core routers in another building, 5km away, has a connection
to another checkpoint firewall, which is connected to the same isp.
The external interfaces of both firewall (isp side) are probably in
the same segment and probaly can play bith bgp. but we are not awre of
this.
but, in our lan they are on different segment, one is 10.2.1.0/24,
the other 10.1.3.0/24.
hsrp cannot play here. because, as i mentionned, there are no
enterpise edge block, no layer 2 in our core network.
so the defaut route point to 10.2.1.200
some large internet segment are routed trough 10.1.3.200.

I dont understand why, when the checkpoint, or the core routers of the
1st internet line goes down, there are no takeover.

I tought that eigrp could deal with such scenario, which is not
unusual. but i ve not yet found any doc introducing backup features..

 
Reply With Quote
 
Trendkill
Guest
Posts: n/a
 
      10-23-2008
On Oct 23, 10:09*am, nini <(E-Mail Removed)> wrote:
> On 23 oct, 15:28, fugettaboutit <(E-Mail Removed)> wrote:
>
>
>
> > nini wrote:
> > > hi,

>
> > > we have a 2 layers network with 6 backbone multilayer switches 6500
> > > (at the distribution layer).
> > > there are two internet lines. from different routers.
> > > As we decided to share the load, we (rouglhy) implemented like this

>
> > > on 6500-router-1.

>
> > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

>
> > > on 6500-Router-2 :

>
> > > ip static routes to 2nd.internet.line.router
> > > # so according to destination network the traffic goes to one or
> > > another router

>
> > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

>
> > > I think this last command would give me failover in case 1st default
> > > route would go down. but in practice it was not.

>
> > > in my test, I shutdown 6500-router-1, but there were no defaut route
> > > any longer..
> > > i could not go to interent, except static route of course.

>
> > > I checked in the eigrp guide, but i couldn't find easy implementation..
> > > what could be the solution if

>
> > > we dont want to load balance.
> > > the two line are on different routers, I mean there are no common
> > > enterprise edge block..
> > > the goal is to have a backup route.

>
> > > thank you

>
> > I *think* I have an idea of what you're doing, but more info would be
> > helpful. I'll make a couple of assumptions and scenarios...

>
> > First, I assume you're multihomed? If so, and a 100,000 foot level, your
> > two routers have an iBGP session between them with an IGP providing the
> > routes for the peering. I assume that you're taking default routes from
> > the providers. You could set an inbound *BGP route preference for a
> > provider and set up EIGRP peering to your Cats. Advertise a default
> > network from your border routers (EIGRP) to the Cats.

>
> > Second, if not multihomed (no BGP), do something similar to above. Setup
> > EIGRP peering between the border routers and the Cats. Advertise a
> > default network from both border routers. You can tweak the metrics on
> > the border routers if you prefer one provider.

>
> > Third, implement HSRP/GLBP and point your default gateway to the virtual
> > address that is shared between the two border routers.

>
> > I'm kinda throwing stuff out there to see what sticks. I'm wondering
> > about your perimeter are firewalls and such in the mix? I'd love to hear
> > more about these two providers, and how your network is viewed by the
> > public Internet. Anyway, these are musings from a guy with limited
> > knowledge. - Masquer le texte des messages précédents -

>
> > - Afficher le texte des messages précédents -

>
> it is nothing about all this.
>
> we have 6 core routers which forms our network.
> one of them is connected to the internet, it points to one nokia
> checkpoint firewall, which is connected to an isp
> another core routers in another building, 5km away, has a connection
> to another checkpoint firewall, which is connected to the same isp.
> The external interfaces of both firewall (isp side) are probably in
> the same segment and probaly can play bith bgp. but we are not awre of
> this.
> but, in our lan *they are on different segment, one is 10.2.1.0/24,
> the other 10.1.3.0/24.
> hsrp cannot play here. because, as i mentionned, there are no
> enterpise edge block, no layer 2 in our core network.
> so the defaut route point to 10.2.1.200
> some large internet segment are routed trough 10.1.3.200.
>
> I dont understand why, when the checkpoint, or the core routers of the
> 1st internet line goes down, there are no takeover.
>
> I tought that eigrp could deal with such scenario, which is not
> unusual. but i ve not yet found any doc introducing backup features..


So when it drops (the internet router), the 0.0.0.0 route to that hop
will not clear out of the table unless the core that has the static
route drops. Are you saying that core drops, and the route stays?
What does show ip route 0.0.0.0 show on the other cores when that core
goes down? By going down, do you mean the router is fully down, or
just the link to the internet, which would not do anything since the
static route is still in?

Overall, I would recommend doing a default route with tracking which
pings the upstream internet router, or even next hop beyond that. If
that ping fails, the route will disappear from the routing table.
Also, what does your route map do?

All in all, if you turn up a routing protocol between the internet
router and the core, redistribute it into EIGRP, then if that
connection goes down, the route goes away. At that point, and having
the second internet connection configured in the same way, it would
failover. I would also just let 0.0.0.0 in from the internet router
and not the whole internet routing table.
 
Reply With Quote
 
nini
Guest
Posts: n/a
 
      10-24-2008
On 23 oct, 21:10, Trendkill <(E-Mail Removed)> wrote:
> On Oct 23, 10:09*am, nini <(E-Mail Removed)> wrote:
>
>
>
>
>
> > On 23 oct, 15:28, fugettaboutit <(E-Mail Removed)> wrote:

>
> > > nini wrote:
> > > > hi,

>
> > > > we have a 2 layers network with 6 backbone multilayer switches 6500
> > > > (at the distribution layer).
> > > > there are two internet lines. from different routers.
> > > > As we decided to share the load, we (rouglhy) implemented like this

>
> > > > on 6500-router-1.

>
> > > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

>
> > > > on 6500-Router-2 :

>
> > > > ip static routes to 2nd.internet.line.router
> > > > # so according to destination network the traffic goes to one or
> > > > another router

>
> > > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

>
> > > > I think this last command would give me failover in case 1st default
> > > > route would go down. but in practice it was not.

>
> > > > in my test, I shutdown 6500-router-1, but there were no defaut route
> > > > any longer..
> > > > i could not go to interent, except static route of course.

>
> > > > I checked in the eigrp guide, but i couldn't find easy implementation.
> > > > what could be the solution if

>
> > > > we dont want to load balance.
> > > > the two line are on different routers, I mean there are no common
> > > > enterprise edge block..
> > > > the goal is to have a backup route.

>
> > > > thank you

>
> > > I *think* I have an idea of what you're doing, but more info would be
> > > helpful. I'll make a couple of assumptions and scenarios...

>
> > > First, I assume you're multihomed? If so, and a 100,000 foot level, your
> > > two routers have an iBGP session between them with an IGP providing the
> > > routes for the peering. I assume that you're taking default routes from
> > > the providers. You could set an inbound *BGP route preference for a
> > > provider and set up EIGRP peering to your Cats. Advertise a default
> > > network from your border routers (EIGRP) to the Cats.

>
> > > Second, if not multihomed (no BGP), do something similar to above. Setup
> > > EIGRP peering between the border routers and the Cats. Advertise a
> > > default network from both border routers. You can tweak the metrics on
> > > the border routers if you prefer one provider.

>
> > > Third, implement HSRP/GLBP and point your default gateway to the virtual
> > > address that is shared between the two border routers.

>
> > > I'm kinda throwing stuff out there to see what sticks. I'm wondering
> > > about your perimeter are firewalls and such in the mix? I'd love to hear
> > > more about these two providers, and how your network is viewed by the
> > > public Internet. Anyway, these are musings from a guy with limited
> > > knowledge. - Masquer le texte des messages précédents -

>
> > > - Afficher le texte des messages précédents -

>
> > it is nothing about all this.

>
> > we have 6 core routers which forms our network.
> > one of them is connected to the internet, it points to one nokia
> > checkpoint firewall, which is connected to an isp
> > another core routers in another building, 5km away, has a connection
> > to another checkpoint firewall, which is connected to the same isp.
> > The external interfaces of both firewall (isp side) are probably in
> > the same segment and probaly can play bith bgp. but we are not awre of
> > this.
> > but, in our lan *they are on different segment, one is 10.2.1.0/24,
> > the other 10.1.3.0/24.
> > hsrp cannot play here. because, as i mentionned, there are no
> > enterpise edge block, no layer 2 in our core network.
> > so the defaut route point to 10.2.1.200
> > some large internet segment are routed trough 10.1.3.200.

>
> > I dont understand why, when the checkpoint, or the core routers of the
> > 1st internet line goes down, there are no takeover.

>
> > I tought that eigrp could deal with such scenario, which is not
> > unusual. but i ve not yet found any doc introducing backup features..

>
> So when it drops (the internet router), the 0.0.0.0 route to that hop
> will not clear out of the table unless the core that has the static
> route drops. *Are you saying that core drops, and the route stays?
> What does show ip route 0.0.0.0 show on the other cores when that core
> goes down? *By going down, do you mean the router is fully down, or
> just the link to the internet, which would not do anything since the
> static route is still in?
>
> Overall, I would recommend doing a default route with tracking which
> pings the upstream internet router, or even next hop beyond that. *If
> that ping fails, the route will disappear from the routing table.
> Also, what does your route map do?
>
> All in all, if you turn up a routing protocol between the internet
> router and the core, redistribute it into EIGRP, then if that
> connection goes down, the route goes away. *At that point, and having
> the second internet connection configured in the same way, it would
> failover. *I would also just let 0.0.0.0 in from the internet router
> and not the whole internet routing table.- Masquer le texte des messages précédents -
>
> - Afficher le texte des messages précédents -


I understand that if the checkpoint firewall fail, the route is not
automatically updated.
but in my case, it is the core router who fails
there are no route map, nothing.

in the "backup" core, I changed the following line

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 255 tag 1

to

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 171 tag 1

now it failover, but doenst failback..
 
Reply With Quote
 
nini
Guest
Posts: n/a
 
      10-24-2008
On 23 oct, 21:10, Trendkill <(E-Mail Removed)> wrote:
> On Oct 23, 10:09*am, nini <(E-Mail Removed)> wrote:
>
>
>
>
>
> > On 23 oct, 15:28, fugettaboutit <(E-Mail Removed)> wrote:

>
> > > nini wrote:
> > > > hi,

>
> > > > we have a 2 layers network with 6 backbone multilayer switches 6500
> > > > (at the distribution layer).
> > > > there are two internet lines. from different routers.
> > > > As we decided to share the load, we (rouglhy) implemented like this

>
> > > > on 6500-router-1.

>
> > > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

>
> > > > on 6500-Router-2 :

>
> > > > ip static routes to 2nd.internet.line.router
> > > > # so according to destination network the traffic goes to one or
> > > > another router

>
> > > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

>
> > > > I think this last command would give me failover in case 1st default
> > > > route would go down. but in practice it was not.

>
> > > > in my test, I shutdown 6500-router-1, but there were no defaut route
> > > > any longer..
> > > > i could not go to interent, except static route of course.

>
> > > > I checked in the eigrp guide, but i couldn't find easy implementation.
> > > > what could be the solution if

>
> > > > we dont want to load balance.
> > > > the two line are on different routers, I mean there are no common
> > > > enterprise edge block..
> > > > the goal is to have a backup route.

>
> > > > thank you

>
> > > I *think* I have an idea of what you're doing, but more info would be
> > > helpful. I'll make a couple of assumptions and scenarios...

>
> > > First, I assume you're multihomed? If so, and a 100,000 foot level, your
> > > two routers have an iBGP session between them with an IGP providing the
> > > routes for the peering. I assume that you're taking default routes from
> > > the providers. You could set an inbound *BGP route preference for a
> > > provider and set up EIGRP peering to your Cats. Advertise a default
> > > network from your border routers (EIGRP) to the Cats.

>
> > > Second, if not multihomed (no BGP), do something similar to above. Setup
> > > EIGRP peering between the border routers and the Cats. Advertise a
> > > default network from both border routers. You can tweak the metrics on
> > > the border routers if you prefer one provider.

>
> > > Third, implement HSRP/GLBP and point your default gateway to the virtual
> > > address that is shared between the two border routers.

>
> > > I'm kinda throwing stuff out there to see what sticks. I'm wondering
> > > about your perimeter are firewalls and such in the mix? I'd love to hear
> > > more about these two providers, and how your network is viewed by the
> > > public Internet. Anyway, these are musings from a guy with limited
> > > knowledge. - Masquer le texte des messages précédents -

>
> > > - Afficher le texte des messages précédents -

>
> > it is nothing about all this.

>
> > we have 6 core routers which forms our network.
> > one of them is connected to the internet, it points to one nokia
> > checkpoint firewall, which is connected to an isp
> > another core routers in another building, 5km away, has a connection
> > to another checkpoint firewall, which is connected to the same isp.
> > The external interfaces of both firewall (isp side) are probably in
> > the same segment and probaly can play bith bgp. but we are not awre of
> > this.
> > but, in our lan *they are on different segment, one is 10.2.1.0/24,
> > the other 10.1.3.0/24.
> > hsrp cannot play here. because, as i mentionned, there are no
> > enterpise edge block, no layer 2 in our core network.
> > so the defaut route point to 10.2.1.200
> > some large internet segment are routed trough 10.1.3.200.

>
> > I dont understand why, when the checkpoint, or the core routers of the
> > 1st internet line goes down, there are no takeover.

>
> > I tought that eigrp could deal with such scenario, which is not
> > unusual. but i ve not yet found any doc introducing backup features..

>
> So when it drops (the internet router), the 0.0.0.0 route to that hop
> will not clear out of the table unless the core that has the static
> route drops. *Are you saying that core drops, and the route stays?
> What does show ip route 0.0.0.0 show on the other cores when that core
> goes down? *By going down, do you mean the router is fully down, or
> just the link to the internet, which would not do anything since the
> static route is still in?
>
> Overall, I would recommend doing a default route with tracking which
> pings the upstream internet router, or even next hop beyond that. *If
> that ping fails, the route will disappear from the routing table.
> Also, what does your route map do?
>
> All in all, if you turn up a routing protocol between the internet
> router and the core, redistribute it into EIGRP, then if that
> connection goes down, the route goes away. *At that point, and having
> the second internet connection configured in the same way, it would
> failover. *I would also just let 0.0.0.0 in from the internet router
> and not the whole internet routing table.- Masquer le texte des messages précédents -
>
> - Afficher le texte des messages précédents -


I understand that if the checkpoint firewall fail, the route is not
automatically updated.
but in my case, it is the core router who fails
there are no route map, nothing.

in the "backup" core, I changed the following line

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 255 tag 1

to

ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 171 tag 1

now it failover, but doenst failback..
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Strange EIGRP/GRE issue !! yepp Cisco 4 10-07-2009 03:26 PM
BGP & EIGRP Routing Issue Darren Green Cisco 18 11-20-2007 04:36 PM
Eigrp strange issue Tosh Cisco 9 03-20-2006 12:52 PM
EIGRP, Want to prevent any EIGRP traffic to a interface BG Cisco 3 02-09-2006 08:05 PM
Converting from RIP to EIGRP - netware issue Mark Smythe Cisco 3 11-29-2003 01:40 AM



Advertisments