Unexpected Routing

[thomaspm]

I have a CISCO 5509 which supports a number of Vlans and frame relay circuits. I recently added a CISCO 1700 with a frame relay circuit.

1700 FastEthernet0 configuration contains the following

ip address 172.16.20.100 255.255.255.0
ip route 63.123.123.0 255.255.255.0 Serial0.1

where 172.16.20.100 is in the address space of my local Vlan

To route via the 5509 in place of the internet I added the following IP Route command to the 5509:

ip route 63.123.123.0 255.255.255.0 172.16.20.100

This worked like a charm, but had the unexpected effect that internet sites with addresses starting 63.xxx.xxx.xxx were no longer accessible. Tracert showed a response of "destination host unreachable" from the default gateway.

Why?

Here is an extract from the show ip route on the 5509:

show ip route

Gateway of last resort is 172.16.30.100 to network 0.0.0.0
63.0.0.0/24 is subnetted, 1 subnets
63.123.123.0 [1/0] via 172.16.20.100
0.0.0.0/0 [1/0] via 172.16.30.100

 

[jeter]

I'm liitle confused with the internet setup . Is this a static ip to the ISP . lets say on the 1720 that your WAN ips are 208.19.124.54 and 208.19.124.53 your conf should look
something like this .

serial 0
no ip address
no ip directed-broadcast
encapsulation frame-relay frame-relay lmi-type ansi
no shut

int ser 0.1 point-to-point
ip address 208.19.124.54 255.255.255.252
no ip directed-broadcast
frame-relay interface-dlci 16 IETF

INT FA0
ip address 172.16.20.100
no ip directed-broadcast

ip default-gateway 208.19.124.53
ip classless
ip route 0.0.0.0 0.0.0.0 208.19.124.53
ip http server

Do not forget your ip name-server xxx.xxx.xxx.xxx

 

[thomaspm]

jeter:

Many thanks for looking at this problem. Let me try to clarify. Our ISP connection is configured on a separate Vlan on the 5509 catalyst switch. The routing command on the 5509

ip route 0.0.0.0 0.0.0.0 172.16.30.100

directs all internet traffic which is not routed to our VPN to a PIX firewall, which in turn is connected to a 2600 router and then to the ISP. We do not run DHCP (yet) so the routing is static.

I believe this is a correct configuration because(a) our ISP worked fine before the frame-relay circuit was added (b) show ip route gave the firewall as the gateway of last resort (c) without the new frame relay, tracert shows the traffic flowing this way.

I think that adding the default gateway and ip route to the 1700 is unlikely to solve the problem as tracert stops dead at the default gateway for my Vlan on the 5509 and never gets to the 1700 router.

My main question is why does show ip route on the 5509 respond:

63.0.0.0/24 is subnetted, 1 subnets

when I had specified a subnet mask of 255.255.255.0

Any further suggestions?

 

[jeter]

by adding 63.xxx.xxx.xxx as your Lan and internet you are creating a loop and not giving an escape out to the isp . On the 1700 router add an ip route 0.0.0.0 0.0.0.0
and your ip of your isp. Also you may want to change the gateway of last resort to
172.16.20.100 not 172.16.30.100

 

[thomaspm]

Thanks!