Overlapping Subnets Causing Routing Ambiguity
Presenting Symptom
Users in the branch office report intermittent connectivity to the data center, with some traffic succeeding and other traffic failing unpredictably.
Network Context
A small branch office with a single Cisco 4321 router (IOS XE 16.9) connects to an enterprise data center via two WAN links: primary MPLS (10.0.0.0/24) and backup Internet VPN (192.168.1.0/24). The branch LAN uses 10.0.0.0/24, and the data center LAN uses 172.16.0.0/24. The branch router runs EIGRP with the data center router. The network engineer notices that pings to the data center sometimes fail and routing table entries appear inconsistent.
Diagnostic Steps
Check the routing table for the destination network
show ip route 172.16.0.0Routing entry for 172.16.0.0/24
Known via "eigrp 100", distance 90, metric 28160, type internal
Last update from 10.0.0.2 on GigabitEthernet0/0, 00:00:15 ago
Routing Descriptor Blocks:
* 10.0.0.2, from 10.0.0.2, 00:00:15 ago, via GigabitEthernet0/0
Route metric is 28160, traffic share count is 1
Also advertised via eigrp 100
Also advertised via eigrp 100
Also advertised via eigrp 100The routing table shows only one path via 10.0.0.2. If there were overlapping subnets, you might see multiple entries or unexpected next hops. Here it looks normal, but the problem may be intermittent.
Examine the routing table for all networks to identify overlaps
show ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/24 is directly connected, GigabitEthernet0/1
D 10.0.0.0/24 is a summary, 00:00:05, Null0
172.16.0.0/24 is subnetted, 1 subnets
D 172.16.0.0/24 [90/28160] via 10.0.0.2, 00:00:15, GigabitEthernet0/0Notice that 10.0.0.0/24 appears twice: once as a connected route on G0/1 (LAN) and once as an EIGRP summary route to Null0. This indicates that the router is summarizing the 10.0.0.0/24 network, which may be overlapping with the WAN subnet (also 10.0.0.0/24). The summary route to Null0 can cause traffic to be dropped if the router thinks it has a better path.
Check EIGRP interfaces and neighbors to see which networks are advertised
show ip eigrp interfacesEIGRP interfaces for process 100
Xmit Queue Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes
Gi0/0 1 0/0 12 0/10 50 0
Gi0/1 0 0/0 0 0/10 0 0GigabitEthernet0/1 (LAN) has no EIGRP peers, which is expected. However, the router may be advertising the LAN subnet (10.0.0.0/24) into EIGRP, causing the data center router to see two paths to 10.0.0.0/24 (the WAN link and the branch LAN). This can cause routing ambiguity.
Verify EIGRP topology table for the overlapping network
show ip eigrp topology 10.0.0.0/24EIGRP-IPv4 Topology Entry for AS(100)/ID(10.0.0.1) for 10.0.0.0/24
State: Passive, Query origin flag: 1, 1 Successor(s), FD is 28160
Routing Descriptor Blocks:
0.0.0.0, from Null0, Send flag is 0x0
Composite metric is (28160/0), Route is Internal
Vector metric:
Minimum bandwidth is 100000 Kbit
Total delay is 100 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 1
10.0.0.2, from 10.0.0.2, Send flag is 0x0
Composite metric is (28160/0), Route is Internal
Vector metric:
Minimum bandwidth is 100000 Kbit
Total delay is 100 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 1The topology table shows two entries for 10.0.0.0/24: one via Null0 (the summary route) and one via 10.0.0.2 (the WAN neighbor). This confirms that the router is summarizing the LAN subnet and also learning the same subnet from the WAN, creating an overlap. The router may prefer the Null0 route, causing traffic to be dropped.
Root Cause
The branch router has an EIGRP summary route configured for 10.0.0.0/24 (the LAN subnet) on the WAN interface (GigabitEthernet0/0). This summary route is advertised to the data center router, which then sees two paths to 10.0.0.0/24: one via the WAN link and one via the branch LAN. However, the branch router itself installs the summary route to Null0, which can cause traffic destined for 10.0.0.0/24 (including the WAN link itself) to be dropped because the router thinks it has a directly connected summary route. Additionally, the WAN link uses the same subnet (10.0.0.0/24) as the LAN, causing an address overlap.
Resolution
Verification
1. Verify the routing table no longer shows overlapping entries: show ip route | include 10.0.0.0 Expected output: Only the WAN interface subnet (e.g., 10.0.0.0/24 via connected) should appear, no Null0 route. 2. Verify EIGRP topology for the old LAN subnet is gone: show ip eigrp topology 10.0.0.0/24 Expected output: % Entry not found 3. Test connectivity from branch to data center: ping 172.16.0.1 source 192.168.10.1 Expected output: Success (!!!!!)
Prevention
1. Use unique IP subnets for each network segment (LAN, WAN, loopbacks) to avoid overlaps. 2. Avoid using the same subnet for both LAN and WAN links. 3. When using EIGRP summarization, ensure summary routes do not mask the WAN subnet or create Null0 routes that drop traffic.
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario may appear as a troubleshooting question where you must identify overlapping subnets causing routing issues. The exam tests your ability to interpret show ip route and show ip eigrp topology output to find misconfigurations. Key fact: EIGRP summary routes to Null0 can cause traffic blackholing if they overlap with learned routes.
Exam Tips
Remember that a route to Null0 in the routing table indicates a summary route that can drop traffic if it overlaps with a real network.
When you see two entries for the same subnet with different next hops (one being Null0), suspect an EIGRP summary misconfiguration.
The command 'show ip route' is your first step; look for 'is a summary' in the output to identify summary routes.
Commands Used in This Scenario
clear ip eigrp neighbors
This command immediately resets all EIGRP neighbor adjacencies, forcing the router to re-establish neighbor relationships and re-learn routes from all EIGRP neighbors.
show ip eigrp interfaces
Displays detailed information about interfaces on which EIGRP is enabled, including neighbor status, pending routes, and interface statistics, used to verify EIGRP adjacency and interface participation.
show ip eigrp topology
Displays the EIGRP topology table, showing all learned routes and their feasible successors, used to verify EIGRP convergence and path selection.
show ip route
Displays the current IP routing table on a Cisco router, used to verify routes, check next-hop addresses, and troubleshoot connectivity issues.
Test Your CCNA Knowledge
Practice with scenario-based questions to prepare for the CCNA 200-301 exam.
Practice CCNA Questions