eigrp issue

Discussion in 'Cisco' started by nini, Oct 23, 2008.

  1. nini

    nini Guest

    hi,

    we have a 2 layers network with 6 backbone multilayer switches 6500
    (at the distribution layer).
    there are two internet lines. from different routers.
    As we decided to share the load, we (rouglhy) implemented like this

    on 6500-router-1.

    ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

    on 6500-Router-2 :

    ip static routes to 2nd.internet.line.router
    # so according to destination network the traffic goes to one or
    another router

    ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

    I think this last command would give me failover in case 1st default
    route would go down. but in practice it was not.

    in my test, I shutdown 6500-router-1, but there were no defaut route
    any longer..
    i could not go to interent, except static route of course.

    I checked in the eigrp guide, but i couldn't find easy implementation.
    what could be the solution if

    we dont want to load balance.
    the two line are on different routers, I mean there are no common
    enterprise edge block..
    the goal is to have a backup route.


    thank you
     
    nini, Oct 23, 2008
    #1
    1. Advertising

  2. nini

    Trendkill Guest

    On Oct 23, 3:37 am, nini <> wrote:
    > hi,
    >
    > we have a 2 layers network with 6 backbone multilayer switches 6500
    > (at the distribution layer).
    > there are two internet lines. from different routers.
    > As we decided to share the load, we (rouglhy) implemented like this
    >
    > on 6500-router-1.
    >
    > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1
    >
    > on 6500-Router-2 :
    >
    > ip static routes to 2nd.internet.line.router
    > # so according to destination network the traffic goes to one or
    > another router
    >
    > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1
    >
    > I think this last command would give me failover in case 1st default
    > route would go down. but in practice it was not.
    >
    > in my test, I shutdown 6500-router-1, but there were no defaut route
    > any longer..
    > i could not go to interent, except static route of course.
    >
    > I checked in the eigrp guide, but i couldn't find easy implementation.
    > what could be the solution if
    >
    > we dont want to load balance.
    > the two line are on different routers, I mean there are no common
    > enterprise edge block..
    > the goal is to have a backup route.
    >
    > thank you


    What was your eigrp config on each?
     
    Trendkill, Oct 23, 2008
    #2
    1. Advertising

  3. nini

    nini Guest

    the 1st router i shut down had the following.

    #just the default route
    ip route 0.0.0.0 0.0.0.0 its_gateway tag 1

    router eigrp 1
    traffic-share min across-interfaces
    redistribute static route-map static-into-eigrp1
    passive-interface default
    no passive-interface GigabitEthernet1/1
    no passive-interface GigabitEthernet1/2
    no passive-interface GigabitEthernet3/16
    no passive-interface Port-channel41
    ...network commands...
    no auto-summary
    eigrp router-id 10.0.1.3
    eigrp log-neighbor-changes

    the second which was suppose to failover the default route has the
    following

    ip route 0.0.0.0 0.0.0.0 its_gateway 255 tag 1
    ip static route to its_gateway

    router eigrp 1
    traffic-share min across-interfaces
    redistribute static route-map static-into-eigrp1
    passive-interface default
    no passive-interface GigabitEthernet1/1
    no passive-interface GigabitEthernet1/2
    no passive-interface GigabitEthernet6/16
    no passive-interface Port-channel173
    ...network command...
    auto-summary
    eigrp log-neighbor-changes

    thanks
     
    nini, Oct 23, 2008
    #3
  4. nini

    nini Guest

    the 1st router i shut down had the following.

    #just the default route
    ip route 0.0.0.0 0.0.0.0 its_gateway tag 1

    router eigrp 1
    traffic-share min across-interfaces
    redistribute static route-map static-into-eigrp1
    passive-interface default
    no passive-interface GigabitEthernet1/1
    no passive-interface GigabitEthernet1/2
    no passive-interface GigabitEthernet3/16
    no passive-interface Port-channel41
    ...network commands...
    no auto-summary
    eigrp router-id 10.0.1.3
    eigrp log-neighbor-changes

    the second which was suppose to failover the default route has the
    following

    ip route 0.0.0.0 0.0.0.0 its_gateway 255 tag 1
    ip static route to its_gateway

    router eigrp 1
    traffic-share min across-interfaces
    redistribute static route-map static-into-eigrp1
    passive-interface default
    no passive-interface GigabitEthernet1/1
    no passive-interface GigabitEthernet1/2
    no passive-interface GigabitEthernet6/16
    no passive-interface Port-channel173
    ...network command...
    auto-summary
    eigrp log-neighbor-changes

    thanks
     
    nini, Oct 23, 2008
    #4
  5. nini wrote:
    > hi,
    >
    > we have a 2 layers network with 6 backbone multilayer switches 6500
    > (at the distribution layer).
    > there are two internet lines. from different routers.
    > As we decided to share the load, we (rouglhy) implemented like this
    >
    > on 6500-router-1.
    >
    > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1
    >
    > on 6500-Router-2 :
    >
    > ip static routes to 2nd.internet.line.router
    > # so according to destination network the traffic goes to one or
    > another router
    >
    > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1
    >
    > I think this last command would give me failover in case 1st default
    > route would go down. but in practice it was not.
    >
    > in my test, I shutdown 6500-router-1, but there were no defaut route
    > any longer..
    > i could not go to interent, except static route of course.
    >
    > I checked in the eigrp guide, but i couldn't find easy implementation.
    > what could be the solution if
    >
    > we dont want to load balance.
    > the two line are on different routers, I mean there are no common
    > enterprise edge block..
    > the goal is to have a backup route.
    >
    >
    > thank you


    I *think* I have an idea of what you're doing, but more info would be
    helpful. I'll make a couple of assumptions and scenarios...

    First, I assume you're multihomed? If so, and a 100,000 foot level, your
    two routers have an iBGP session between them with an IGP providing the
    routes for the peering. I assume that you're taking default routes from
    the providers. You could set an inbound BGP route preference for a
    provider and set up EIGRP peering to your Cats. Advertise a default
    network from your border routers (EIGRP) to the Cats.

    Second, if not multihomed (no BGP), do something similar to above. Setup
    EIGRP peering between the border routers and the Cats. Advertise a
    default network from both border routers. You can tweak the metrics on
    the border routers if you prefer one provider.

    Third, implement HSRP/GLBP and point your default gateway to the virtual
    address that is shared between the two border routers.

    I'm kinda throwing stuff out there to see what sticks. I'm wondering
    about your perimeter are firewalls and such in the mix? I'd love to hear
    more about these two providers, and how your network is viewed by the
    public Internet. Anyway, these are musings from a guy with limited
    knowledge. :)
     
    fugettaboutit, Oct 23, 2008
    #5
  6. nini

    nini Guest

    On 23 oct, 15:28, fugettaboutit <> wrote:
    > nini wrote:
    > > hi,

    >
    > > we have a 2 layers network with 6 backbone multilayer switches 6500
    > > (at the distribution layer).
    > > there are two internet lines. from different routers.
    > > As we decided to share the load, we (rouglhy) implemented like this

    >
    > > on 6500-router-1.

    >
    > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

    >
    > > on 6500-Router-2 :

    >
    > > ip static routes to 2nd.internet.line.router
    > > # so according to destination network the traffic goes to one or
    > > another router

    >
    > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

    >
    > > I think this last command would give me failover in case 1st default
    > > route would go down. but in practice it was not.

    >
    > > in my test, I shutdown 6500-router-1, but there were no defaut route
    > > any longer..
    > > i could not go to interent, except static route of course.

    >
    > > I checked in the eigrp guide, but i couldn't find easy implementation.
    > > what could be the solution if

    >
    > > we dont want to load balance.
    > > the two line are on different routers, I mean there are no common
    > > enterprise edge block..
    > > the goal is to have a backup route.

    >
    > > thank you

    >
    > I *think* I have an idea of what you're doing, but more info would be
    > helpful. I'll make a couple of assumptions and scenarios...
    >
    > First, I assume you're multihomed? If so, and a 100,000 foot level, your
    > two routers have an iBGP session between them with an IGP providing the
    > routes for the peering. I assume that you're taking default routes from
    > the providers. You could set an inbound  BGP route preference for a
    > provider and set up EIGRP peering to your Cats. Advertise a default
    > network from your border routers (EIGRP) to the Cats.
    >
    > Second, if not multihomed (no BGP), do something similar to above. Setup
    > EIGRP peering between the border routers and the Cats. Advertise a
    > default network from both border routers. You can tweak the metrics on
    > the border routers if you prefer one provider.
    >
    > Third, implement HSRP/GLBP and point your default gateway to the virtual
    > address that is shared between the two border routers.
    >
    > I'm kinda throwing stuff out there to see what sticks. I'm wondering
    > about your perimeter are firewalls and such in the mix? I'd love to hear
    > more about these two providers, and how your network is viewed by the
    > public Internet. Anyway, these are musings from a guy with limited
    > knowledge. :)- Masquer le texte des messages précédents -
    >
    > - Afficher le texte des messages précédents -


    it is nothing about all this.

    we have 6 core routers which forms our network.
    one of them is connected to the internet, it points to one nokia
    checkpoint firewall, which is connected to an isp
    another core routers in another building, 5km away, has a connection
    to another checkpoint firewall, which is connected to the same isp.
    The external interfaces of both firewall (isp side) are probably in
    the same segment and probaly can play bith bgp. but we are not awre of
    this.
    but, in our lan they are on different segment, one is 10.2.1.0/24,
    the other 10.1.3.0/24.
    hsrp cannot play here. because, as i mentionned, there are no
    enterpise edge block, no layer 2 in our core network.
    so the defaut route point to 10.2.1.200
    some large internet segment are routed trough 10.1.3.200.

    I dont understand why, when the checkpoint, or the core routers of the
    1st internet line goes down, there are no takeover.

    I tought that eigrp could deal with such scenario, which is not
    unusual. but i ve not yet found any doc introducing backup features..
     
    nini, Oct 23, 2008
    #6
  7. nini

    nini Guest

    On 23 oct, 15:28, fugettaboutit <> wrote:
    > nini wrote:
    > > hi,

    >
    > > we have a 2 layers network with 6 backbone multilayer switches 6500
    > > (at the distribution layer).
    > > there are two internet lines. from different routers.
    > > As we decided to share the load, we (rouglhy) implemented like this

    >
    > > on 6500-router-1.

    >
    > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

    >
    > > on 6500-Router-2 :

    >
    > > ip static routes to 2nd.internet.line.router
    > > # so according to destination network the traffic goes to one or
    > > another router

    >
    > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

    >
    > > I think this last command would give me failover in case 1st default
    > > route would go down. but in practice it was not.

    >
    > > in my test, I shutdown 6500-router-1, but there were no defaut route
    > > any longer..
    > > i could not go to interent, except static route of course.

    >
    > > I checked in the eigrp guide, but i couldn't find easy implementation.
    > > what could be the solution if

    >
    > > we dont want to load balance.
    > > the two line are on different routers, I mean there are no common
    > > enterprise edge block..
    > > the goal is to have a backup route.

    >
    > > thank you

    >
    > I *think* I have an idea of what you're doing, but more info would be
    > helpful. I'll make a couple of assumptions and scenarios...
    >
    > First, I assume you're multihomed? If so, and a 100,000 foot level, your
    > two routers have an iBGP session between them with an IGP providing the
    > routes for the peering. I assume that you're taking default routes from
    > the providers. You could set an inbound  BGP route preference for a
    > provider and set up EIGRP peering to your Cats. Advertise a default
    > network from your border routers (EIGRP) to the Cats.
    >
    > Second, if not multihomed (no BGP), do something similar to above. Setup
    > EIGRP peering between the border routers and the Cats. Advertise a
    > default network from both border routers. You can tweak the metrics on
    > the border routers if you prefer one provider.
    >
    > Third, implement HSRP/GLBP and point your default gateway to the virtual
    > address that is shared between the two border routers.
    >
    > I'm kinda throwing stuff out there to see what sticks. I'm wondering
    > about your perimeter are firewalls and such in the mix? I'd love to hear
    > more about these two providers, and how your network is viewed by the
    > public Internet. Anyway, these are musings from a guy with limited
    > knowledge. :)- Masquer le texte des messages précédents -
    >
    > - Afficher le texte des messages précédents -


    it is nothing about all this.

    we have 6 core routers which forms our network.
    one of them is connected to the internet, it points to one nokia
    checkpoint firewall, which is connected to an isp
    another core routers in another building, 5km away, has a connection
    to another checkpoint firewall, which is connected to the same isp.
    The external interfaces of both firewall (isp side) are probably in
    the same segment and probaly can play bith bgp. but we are not awre of
    this.
    but, in our lan they are on different segment, one is 10.2.1.0/24,
    the other 10.1.3.0/24.
    hsrp cannot play here. because, as i mentionned, there are no
    enterpise edge block, no layer 2 in our core network.
    so the defaut route point to 10.2.1.200
    some large internet segment are routed trough 10.1.3.200.

    I dont understand why, when the checkpoint, or the core routers of the
    1st internet line goes down, there are no takeover.

    I tought that eigrp could deal with such scenario, which is not
    unusual. but i ve not yet found any doc introducing backup features..
     
    nini, Oct 23, 2008
    #7
  8. nini

    Trendkill Guest

    On Oct 23, 10:09 am, nini <> wrote:
    > On 23 oct, 15:28, fugettaboutit <> wrote:
    >
    >
    >
    > > nini wrote:
    > > > hi,

    >
    > > > we have a 2 layers network with 6 backbone multilayer switches 6500
    > > > (at the distribution layer).
    > > > there are two internet lines. from different routers.
    > > > As we decided to share the load, we (rouglhy) implemented like this

    >
    > > > on 6500-router-1.

    >
    > > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

    >
    > > > on 6500-Router-2 :

    >
    > > > ip static routes to 2nd.internet.line.router
    > > > # so according to destination network the traffic goes to one or
    > > > another router

    >
    > > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

    >
    > > > I think this last command would give me failover in case 1st default
    > > > route would go down. but in practice it was not.

    >
    > > > in my test, I shutdown 6500-router-1, but there were no defaut route
    > > > any longer..
    > > > i could not go to interent, except static route of course.

    >
    > > > I checked in the eigrp guide, but i couldn't find easy implementation..
    > > > what could be the solution if

    >
    > > > we dont want to load balance.
    > > > the two line are on different routers, I mean there are no common
    > > > enterprise edge block..
    > > > the goal is to have a backup route.

    >
    > > > thank you

    >
    > > I *think* I have an idea of what you're doing, but more info would be
    > > helpful. I'll make a couple of assumptions and scenarios...

    >
    > > First, I assume you're multihomed? If so, and a 100,000 foot level, your
    > > two routers have an iBGP session between them with an IGP providing the
    > > routes for the peering. I assume that you're taking default routes from
    > > the providers. You could set an inbound  BGP route preference for a
    > > provider and set up EIGRP peering to your Cats. Advertise a default
    > > network from your border routers (EIGRP) to the Cats.

    >
    > > Second, if not multihomed (no BGP), do something similar to above. Setup
    > > EIGRP peering between the border routers and the Cats. Advertise a
    > > default network from both border routers. You can tweak the metrics on
    > > the border routers if you prefer one provider.

    >
    > > Third, implement HSRP/GLBP and point your default gateway to the virtual
    > > address that is shared between the two border routers.

    >
    > > I'm kinda throwing stuff out there to see what sticks. I'm wondering
    > > about your perimeter are firewalls and such in the mix? I'd love to hear
    > > more about these two providers, and how your network is viewed by the
    > > public Internet. Anyway, these are musings from a guy with limited
    > > knowledge. :)- Masquer le texte des messages précédents -

    >
    > > - Afficher le texte des messages précédents -

    >
    > it is nothing about all this.
    >
    > we have 6 core routers which forms our network.
    > one of them is connected to the internet, it points to one nokia
    > checkpoint firewall, which is connected to an isp
    > another core routers in another building, 5km away, has a connection
    > to another checkpoint firewall, which is connected to the same isp.
    > The external interfaces of both firewall (isp side) are probably in
    > the same segment and probaly can play bith bgp. but we are not awre of
    > this.
    > but, in our lan  they are on different segment, one is 10.2.1.0/24,
    > the other 10.1.3.0/24.
    > hsrp cannot play here. because, as i mentionned, there are no
    > enterpise edge block, no layer 2 in our core network.
    > so the defaut route point to 10.2.1.200
    > some large internet segment are routed trough 10.1.3.200.
    >
    > I dont understand why, when the checkpoint, or the core routers of the
    > 1st internet line goes down, there are no takeover.
    >
    > I tought that eigrp could deal with such scenario, which is not
    > unusual. but i ve not yet found any doc introducing backup features..


    So when it drops (the internet router), the 0.0.0.0 route to that hop
    will not clear out of the table unless the core that has the static
    route drops. Are you saying that core drops, and the route stays?
    What does show ip route 0.0.0.0 show on the other cores when that core
    goes down? By going down, do you mean the router is fully down, or
    just the link to the internet, which would not do anything since the
    static route is still in?

    Overall, I would recommend doing a default route with tracking which
    pings the upstream internet router, or even next hop beyond that. If
    that ping fails, the route will disappear from the routing table.
    Also, what does your route map do?

    All in all, if you turn up a routing protocol between the internet
    router and the core, redistribute it into EIGRP, then if that
    connection goes down, the route goes away. At that point, and having
    the second internet connection configured in the same way, it would
    failover. I would also just let 0.0.0.0 in from the internet router
    and not the whole internet routing table.
     
    Trendkill, Oct 23, 2008
    #8
  9. nini

    nini Guest

    On 23 oct, 21:10, Trendkill <> wrote:
    > On Oct 23, 10:09 am, nini <> wrote:
    >
    >
    >
    >
    >
    > > On 23 oct, 15:28, fugettaboutit <> wrote:

    >
    > > > nini wrote:
    > > > > hi,

    >
    > > > > we have a 2 layers network with 6 backbone multilayer switches 6500
    > > > > (at the distribution layer).
    > > > > there are two internet lines. from different routers.
    > > > > As we decided to share the load, we (rouglhy) implemented like this

    >
    > > > > on 6500-router-1.

    >
    > > > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

    >
    > > > > on 6500-Router-2 :

    >
    > > > > ip static routes to 2nd.internet.line.router
    > > > > # so according to destination network the traffic goes to one or
    > > > > another router

    >
    > > > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

    >
    > > > > I think this last command would give me failover in case 1st default
    > > > > route would go down. but in practice it was not.

    >
    > > > > in my test, I shutdown 6500-router-1, but there were no defaut route
    > > > > any longer..
    > > > > i could not go to interent, except static route of course.

    >
    > > > > I checked in the eigrp guide, but i couldn't find easy implementation.
    > > > > what could be the solution if

    >
    > > > > we dont want to load balance.
    > > > > the two line are on different routers, I mean there are no common
    > > > > enterprise edge block..
    > > > > the goal is to have a backup route.

    >
    > > > > thank you

    >
    > > > I *think* I have an idea of what you're doing, but more info would be
    > > > helpful. I'll make a couple of assumptions and scenarios...

    >
    > > > First, I assume you're multihomed? If so, and a 100,000 foot level, your
    > > > two routers have an iBGP session between them with an IGP providing the
    > > > routes for the peering. I assume that you're taking default routes from
    > > > the providers. You could set an inbound  BGP route preference for a
    > > > provider and set up EIGRP peering to your Cats. Advertise a default
    > > > network from your border routers (EIGRP) to the Cats.

    >
    > > > Second, if not multihomed (no BGP), do something similar to above. Setup
    > > > EIGRP peering between the border routers and the Cats. Advertise a
    > > > default network from both border routers. You can tweak the metrics on
    > > > the border routers if you prefer one provider.

    >
    > > > Third, implement HSRP/GLBP and point your default gateway to the virtual
    > > > address that is shared between the two border routers.

    >
    > > > I'm kinda throwing stuff out there to see what sticks. I'm wondering
    > > > about your perimeter are firewalls and such in the mix? I'd love to hear
    > > > more about these two providers, and how your network is viewed by the
    > > > public Internet. Anyway, these are musings from a guy with limited
    > > > knowledge. :)- Masquer le texte des messages précédents -

    >
    > > > - Afficher le texte des messages précédents -

    >
    > > it is nothing about all this.

    >
    > > we have 6 core routers which forms our network.
    > > one of them is connected to the internet, it points to one nokia
    > > checkpoint firewall, which is connected to an isp
    > > another core routers in another building, 5km away, has a connection
    > > to another checkpoint firewall, which is connected to the same isp.
    > > The external interfaces of both firewall (isp side) are probably in
    > > the same segment and probaly can play bith bgp. but we are not awre of
    > > this.
    > > but, in our lan  they are on different segment, one is 10.2.1.0/24,
    > > the other 10.1.3.0/24.
    > > hsrp cannot play here. because, as i mentionned, there are no
    > > enterpise edge block, no layer 2 in our core network.
    > > so the defaut route point to 10.2.1.200
    > > some large internet segment are routed trough 10.1.3.200.

    >
    > > I dont understand why, when the checkpoint, or the core routers of the
    > > 1st internet line goes down, there are no takeover.

    >
    > > I tought that eigrp could deal with such scenario, which is not
    > > unusual. but i ve not yet found any doc introducing backup features..

    >
    > So when it drops (the internet router), the 0.0.0.0 route to that hop
    > will not clear out of the table unless the core that has the static
    > route drops.  Are you saying that core drops, and the route stays?
    > What does show ip route 0.0.0.0 show on the other cores when that core
    > goes down?  By going down, do you mean the router is fully down, or
    > just the link to the internet, which would not do anything since the
    > static route is still in?
    >
    > Overall, I would recommend doing a default route with tracking which
    > pings the upstream internet router, or even next hop beyond that.  If
    > that ping fails, the route will disappear from the routing table.
    > Also, what does your route map do?
    >
    > All in all, if you turn up a routing protocol between the internet
    > router and the core, redistribute it into EIGRP, then if that
    > connection goes down, the route goes away.  At that point, and having
    > the second internet connection configured in the same way, it would
    > failover.  I would also just let 0.0.0.0 in from the internet router
    > and not the whole internet routing table.- Masquer le texte des messages précédents -
    >
    > - Afficher le texte des messages précédents -


    I understand that if the checkpoint firewall fail, the route is not
    automatically updated.
    but in my case, it is the core router who fails
    there are no route map, nothing.

    in the "backup" core, I changed the following line

    ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 255 tag 1

    to

    ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 171 tag 1

    now it failover, but doenst failback..
     
    nini, Oct 24, 2008
    #9
  10. nini

    nini Guest

    On 23 oct, 21:10, Trendkill <> wrote:
    > On Oct 23, 10:09 am, nini <> wrote:
    >
    >
    >
    >
    >
    > > On 23 oct, 15:28, fugettaboutit <> wrote:

    >
    > > > nini wrote:
    > > > > hi,

    >
    > > > > we have a 2 layers network with 6 backbone multilayer switches 6500
    > > > > (at the distribution layer).
    > > > > there are two internet lines. from different routers.
    > > > > As we decided to share the load, we (rouglhy) implemented like this

    >
    > > > > on 6500-router-1.

    >
    > > > > ip route 0.0.0.0 0.0.0.0 1st.internet.line.router tag 1

    >
    > > > > on 6500-Router-2 :

    >
    > > > > ip static routes to 2nd.internet.line.router
    > > > > # so according to destination network the traffic goes to one or
    > > > > another router

    >
    > > > > ip route 0.0.0.0 0.0.0.0 2nd.intenret.line.router 255 tag 1

    >
    > > > > I think this last command would give me failover in case 1st default
    > > > > route would go down. but in practice it was not.

    >
    > > > > in my test, I shutdown 6500-router-1, but there were no defaut route
    > > > > any longer..
    > > > > i could not go to interent, except static route of course.

    >
    > > > > I checked in the eigrp guide, but i couldn't find easy implementation.
    > > > > what could be the solution if

    >
    > > > > we dont want to load balance.
    > > > > the two line are on different routers, I mean there are no common
    > > > > enterprise edge block..
    > > > > the goal is to have a backup route.

    >
    > > > > thank you

    >
    > > > I *think* I have an idea of what you're doing, but more info would be
    > > > helpful. I'll make a couple of assumptions and scenarios...

    >
    > > > First, I assume you're multihomed? If so, and a 100,000 foot level, your
    > > > two routers have an iBGP session between them with an IGP providing the
    > > > routes for the peering. I assume that you're taking default routes from
    > > > the providers. You could set an inbound  BGP route preference for a
    > > > provider and set up EIGRP peering to your Cats. Advertise a default
    > > > network from your border routers (EIGRP) to the Cats.

    >
    > > > Second, if not multihomed (no BGP), do something similar to above. Setup
    > > > EIGRP peering between the border routers and the Cats. Advertise a
    > > > default network from both border routers. You can tweak the metrics on
    > > > the border routers if you prefer one provider.

    >
    > > > Third, implement HSRP/GLBP and point your default gateway to the virtual
    > > > address that is shared between the two border routers.

    >
    > > > I'm kinda throwing stuff out there to see what sticks. I'm wondering
    > > > about your perimeter are firewalls and such in the mix? I'd love to hear
    > > > more about these two providers, and how your network is viewed by the
    > > > public Internet. Anyway, these are musings from a guy with limited
    > > > knowledge. :)- Masquer le texte des messages précédents -

    >
    > > > - Afficher le texte des messages précédents -

    >
    > > it is nothing about all this.

    >
    > > we have 6 core routers which forms our network.
    > > one of them is connected to the internet, it points to one nokia
    > > checkpoint firewall, which is connected to an isp
    > > another core routers in another building, 5km away, has a connection
    > > to another checkpoint firewall, which is connected to the same isp.
    > > The external interfaces of both firewall (isp side) are probably in
    > > the same segment and probaly can play bith bgp. but we are not awre of
    > > this.
    > > but, in our lan  they are on different segment, one is 10.2.1.0/24,
    > > the other 10.1.3.0/24.
    > > hsrp cannot play here. because, as i mentionned, there are no
    > > enterpise edge block, no layer 2 in our core network.
    > > so the defaut route point to 10.2.1.200
    > > some large internet segment are routed trough 10.1.3.200.

    >
    > > I dont understand why, when the checkpoint, or the core routers of the
    > > 1st internet line goes down, there are no takeover.

    >
    > > I tought that eigrp could deal with such scenario, which is not
    > > unusual. but i ve not yet found any doc introducing backup features..

    >
    > So when it drops (the internet router), the 0.0.0.0 route to that hop
    > will not clear out of the table unless the core that has the static
    > route drops.  Are you saying that core drops, and the route stays?
    > What does show ip route 0.0.0.0 show on the other cores when that core
    > goes down?  By going down, do you mean the router is fully down, or
    > just the link to the internet, which would not do anything since the
    > static route is still in?
    >
    > Overall, I would recommend doing a default route with tracking which
    > pings the upstream internet router, or even next hop beyond that.  If
    > that ping fails, the route will disappear from the routing table.
    > Also, what does your route map do?
    >
    > All in all, if you turn up a routing protocol between the internet
    > router and the core, redistribute it into EIGRP, then if that
    > connection goes down, the route goes away.  At that point, and having
    > the second internet connection configured in the same way, it would
    > failover.  I would also just let 0.0.0.0 in from the internet router
    > and not the whole internet routing table.- Masquer le texte des messages précédents -
    >
    > - Afficher le texte des messages précédents -


    I understand that if the checkpoint firewall fail, the route is not
    automatically updated.
    but in my case, it is the core router who fails
    there are no route map, nothing.

    in the "backup" core, I changed the following line

    ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 255 tag 1

    to

    ip route 0.0.0.0 0.0.0.0 2nd.internet.line.router 171 tag 1

    now it failover, but doenst failback..
     
    nini, Oct 24, 2008
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mark Smythe
    Replies:
    3
    Views:
    672
    John Agosta
    Nov 29, 2003
  2. yepp

    Strange EIGRP/GRE issue !!

    yepp, Jun 1, 2005, in forum: Cisco
    Replies:
    4
    Views:
    3,679
    shivlu
    Oct 7, 2009
  3. BG
    Replies:
    3
    Views:
    6,831
  4. Tosh

    Eigrp strange issue

    Tosh, Mar 19, 2006, in forum: Cisco
    Replies:
    9
    Views:
    4,754
  5. Darren Green

    BGP & EIGRP Routing Issue

    Darren Green, Nov 9, 2007, in forum: Cisco
    Replies:
    18
    Views:
    1,603
Loading...

Share This Page