Analyzing Routes to the Common Services Area

The common services are connected to the core through two distribution routers and are also connected via multiple, parallel Ethernet links (or Fast Ethernet links), as illustrated in Figure 7-8. Whether these are truly separate physical links or VLANs connected through switches, to EIGRP they present the appearance of multiple parallel paths connecting the "back side" of the two distribution routers. One of the more typical errors made by network designers is to include all of these parallel paths as alternative paths for routes to reach much of the rest of the network. This section addresses how to avoid this condition.

Ideally, the servers on these segments point their default gateway to a Hot Standby Router Protocol (HSRP) address shared by the two distribution routers. This design allows the servers on these segments to adapt to a router failure almost immediately.

Figure 7-8. Common Service Connections


These networks are not designed for transit traffic; that is, traffic is not expected to enter the common services distribution router from the core, go through one of the Fast Ethernet links used by the common services, and then exit through the other distribution router back to the core. EIGRP, however, won't know this by default. It will treat each of these links as an alternate path, storing information about them in the topology table, and propagating queries through them. These alternate paths complicate EIGRP's convergence.

To eliminate the possibility of these networks being used for transit traffic, the network manager shouldn't run EIGRP on any of these parallel Ethernet links. (Well, one or two should run EIGRP, but this is discussed following Figure 7-9.) Configuring passive-interface {interface} for an interface or subinterface will remove EIGRP from these interfaces.

To prevent the rest of the routers in the network from going active on individual segments supporting these servers, you should use the same strategy that is used everywhere else in the network. Summarize the subnets that reside on the common service Ethernet connections in both distribution layer routers so that they will send only a single summary route out to the core.

With this summarization in place, if a single Ethernet connection goes down in the common services area, the remainder of the network will not start the query process to find an alternative path. The query will stop at the first router that doesn't have knowledge of the specific subnet that has failed, which will be a core router.

There is one problem with this strategy though—it can create routing black holes in the same way that dual-homed remotes can. To understand why, examine Figure 7-9, which has all but two of the common services networks removed.

Figure 7-9. Simplified Common Services


Router A and Router B will both be advertising a summary of 172.16.16.0/22, which covers the entire address range but doesn't overlap with any other addresses in the network. (See Chapter 4 for more details.)

If Router A's interface on the 172.16.18.192/26 network fails, Router A will continue advertising the 172.16.16.0/22 summary toward the core. If, however, one of the core routers forwards a packet destined to the 172.16.18.192/26 network toward Router A, Router A will drop it because it has no route for this destination—or even worse, it will send the packet back toward the core along its default route.

To resolve this situation, Router A must know that 172.16.18.192/26 is reachable through Router B. This is why EIGRP should be run over at least one of these parallel Ethernet links. In order to do this, a passive-interface statement should NOT be put into the configuration for at least one Ethernet link. It would be even better if there were one or two links between these routers dedicated to redundancy (with no servers or other devices on them) to account for just this situation.
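The following added example (not from the original text) models Router A's longest-prefix-match lookup after its interface on 172.16.18.192/26 fails, and shows what happens to a packet the core forwarded to Router A because of the /22 summary. It is a simplified model of the routing table, not of EIGRP itself; the second segment 172.16.17.0/26, the host address, and the function names are constructed for illustration.

```python
import ipaddress

SUMMARY = ipaddress.ip_network("172.16.16.0/22")   # summary from the text
FAILED = ipaddress.ip_network("172.16.18.192/26")  # segment from the text
SPARE = ipaddress.ip_network("172.16.17.0/26")     # constructed second segment
DEFAULT = ipaddress.ip_network("0.0.0.0/0")

def lookup(table, dst):
    """Longest-prefix match: return the next hop for dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [net for net in table if addr in net]
    return table[max(hits, key=lambda n: n.prefixlen)] if hits else None

def router_a_table(eigrp_on_spare, has_default):
    """Router A's table after its interface on FAILED has gone down."""
    table = {SPARE: "connected"}
    if has_default:
        table[DEFAULT] = "core"
    if eigrp_on_spare:
        # Router B is still attached to FAILED and advertises it over SPARE,
        # the one parallel link that is not configured as passive.
        table[FAILED] = "router-b"
    return table

def fate(dst, eigrp_on_spare, has_default):
    """Follow a packet the core sent to Router A because of the /22 summary."""
    hop = lookup(router_a_table(eigrp_on_spare, has_default), dst)
    if hop is None:
        return "dropped at Router A"
    if hop == "core":
        return "sent back to core"
    if hop == "router-b":
        return "delivered via Router B"
    return "delivered by Router A"

if __name__ == "__main__":
    server = "172.16.18.200"  # constructed host address inside FAILED
    for eigrp, default in [(False, False), (False, True), (True, True)]:
        print(f"EIGRP on spare link={eigrp}, default route={default}: "
              f"{fate(server, eigrp, default)}")
```

With every parallel link passive, the packet is either dropped or bounced back toward the core; leaving EIGRP running on one link gives Router A the more specific /26 route through Router B.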
