cis185 bsci-lecture3-eigrp-part2


Upload: grodzinski

Post on 16-Dec-2014


Page 1: Cis185 bsci-lecture3-eigrp-part2


Please wait, CIS 185 will begin shortly… (5:30pm)

Page 2: Cis185 bsci-lecture3-eigrp-part2

CIS 185 Advanced Routing Protocols

EIGRP Part 2

Rick Graziani

Cabrillo College


Last Updated: Fall 2009

Page 3: Cis185 bsci-lecture3-eigrp-part2

EIGRP Part 1

• Review
• Wildcard masks
• Authentication
• Passive Interfaces
• Stuck-in-active
• Stub Routers
• Offsets
• Variance
• Ip-bandwidth percent
• Frame Relay Bandwidth
• Distribute Lists
  • With ACLs
  • With Prefix-Lists
  • With Route Maps
• Summarization
• Default Route

Page 4: Cis185 bsci-lecture3-eigrp-part2


Thanks Wendell Odom!

Much of the information used in this chapter is from the new Cisco Press BSCI Exam Certification Guide by Wendell Odom. (Not yet released at the time of this writing.)

I highly recommend this book!

Page 5: Cis185 bsci-lecture3-eigrp-part2


Point-to-Point

Because there is a maximum of 256Kbps available on the access circuit, we cannot allow any individual PVC to handle more than 25Kbps (256/10).

Since this data rate is fairly low, and we don't expect very much user data traffic, we can allow EIGRP to use up to 90% of the bandwidth.

interface Serial 0

encapsulation frame-relay

interface Serial 0.1 point-to-point

bandwidth 25

ip bandwidth-percent eigrp 123 90

interface Serial 0.10 point-to-point

bandwidth 25

ip bandwidth-percent eigrp 123 90

256 / 10 = 25

Page 6: Cis185 bsci-lecture3-eigrp-part2

Multipoint

If the virtual circuits are of different capacities, the bandwidth must be set to take into account the lowest-capacity virtual circuit.

Example: if a T1 access line has three 256Kbps VCs and one 56Kbps VC, the bandwidth should be set to 224Kbps (4 * 56Kbps).

Bandwidth equals the CIR of the lowest-speed connection multiplied by the number of circuits.

interface Serial 0

encapsulation frame-relay

interface Serial 0.1 multipoint

bandwidth 224

Lowest speed connection = 56 Kbps

4 * 56 = 224

Page 7: Cis185 bsci-lecture3-eigrp-part2


Our Topology

Print this out

Page 8: Cis185 bsci-lecture3-eigrp-part2

EIGRP Route Filtering

Route filtering allows an engineer to filter which routes are advertised in an EIGRP update.

Reasons:

• Branch offices only need to communicate with headquarters, not with each other.
• Smaller routing tables
• Security

[Figure: topology labeled with 10.17.32.0/23, 10.17.34.0/24, 10.17.35.0/25, 10.17.32.128/25, 10.17.36.0/26, 10.17.36.64/26]

Page 9: Cis185 bsci-lecture3-eigrp-part2

EIGRP Route Filtering

Drawback: network engineers have the additional troubleshooting challenge of deciding whether a problem is due to a failure in the network or to their own design decision.

[Figure labels: ping 172.16.1.10; No route for 10.17.35.0/25, DROP REPLY]

Page 10: Cis185 bsci-lecture3-eigrp-part2

EIGRP Route Filtering

EIGRP uses a distribute-list router subcommand. The distribute list refers to:

• ACL
• Prefix List
• Route Map (uses an ACL or Prefix List)

[Figure: Distribute List: ACL, Prefix-List, Route-Map]

Page 11: Cis185 bsci-lecture3-eigrp-part2

Route Filters - Inbound

Inbound interfaces: affects only the routing updates inbound on that interface. The same update may come in on another interface, from the same (LAN) or a different (serial) router.

Note: this does not permit or deny other packets entering the router; it only controls which updates a router will send or receive.

Router(config-router)#distribute-list access-list-number in [interface-name]

Page 12: Cis185 bsci-lecture3-eigrp-part2

Route Filters - Outbound

Outbound interfaces: affects only the routing updates outbound on that interface.

Router(config-router)#distribute-list access-list-number out [interface-name | routing-process | as-number]

Page 13: Cis185 bsci-lecture3-eigrp-part2


Route Filters

For each interface and routing process, Cisco IOS permits:

• One incoming global distribute-list

• One outgoing global distribute-list

• One incoming distribute-list per interface

• One outgoing distribute-list per interface

RTZ(config)# router eigrp 1

RTZ(config-router)# distribute-list 1 in

RTZ(config-router)# distribute-list 2 out

RTZ(config-router)# distribute-list 3 in serial 0/0

RTZ(config-router)# distribute-list 4 out serial 0/0

Page 14: Cis185 bsci-lecture3-eigrp-part2

Route Filters - Verification

RTZ(config)#router eigrp 1

RTZ(config-router)#distribute-list 1 in

RTZ(config-router)#distribute-list 2 out

RTZ(config-router)#distribute-list 3 in e0

RTZ(config-router)#distribute-list 4 out e0

RTZ#show ip protocols

Routing Protocol is "rip"

Sending updates every 30 seconds, next due in 25 seconds

Invalid after 180 seconds, hold down 180, flushed after 240

Outgoing update filter list for all interfaces is 2

Ethernet0 filtered by 4

Incoming update filter list for all interfaces is 1

Ethernet0 filtered by 3

Page 15: Cis185 bsci-lecture3-eigrp-part2

Route Filters and Link State Routing Protocols

Routers running link state protocols determine their routes based on information in their link state database, rather than the advertised route entries of their neighbors.

Route filters have a different effect on link state advertisements or the link state database. Remember, a basic requirement of link state routing protocols is that routers in an area must have identical link state databases.

We will examine route filters and link state routing protocols later with OSPF.

Page 16: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and ACLs

EIGRP uses a distribute-list router subcommand. The distribute list refers to:

• ACL
• Prefix List
• Route Map (uses an ACL or Prefix List)

[Figure: Distribute List: ACL, Prefix-List, Route-Map]

Page 17: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and ACLs

Objective: Prevent R4 from learning about the 10.17.35.0/25 network.

• Create a distribute-list outbound on serial 0/2.
• Refer to access-list 2.

To filter EIGRP routes using an ACL:

• ACL deny - filters the route
• ACL permit - allows the route to be advertised

R3(config)# router eigrp 1

R3(config-router)# distribute-list 2 out ser 0/2

R3(config)# access-list 2 deny 10.17.35.0 0.0.0.127

R3(config)# access-list 2 permit any

Page 18: Cis185 bsci-lecture3-eigrp-part2

ACL Ranges

What if we needed to filter a range of networks? We could use several ACL statements or use the wildcard mask to specify a range.

What range of networks does this network/wildcard mask summarize?

R3(config)# router eigrp 1

R3(config-router)# distribute-list 2 out ser 0/2

R3(config)# access-list 2 deny 10.17.32.0 0.0.7.255

R3(config)# access-list 2 permit any

Page 19: Cis185 bsci-lecture3-eigrp-part2

ACL Ranges

It's easy!

• Start with the address in the ACL, which is the low end: 10.17.32.0
• Add the wildcard mask: 0.0.7.255
• The result is the high end of the range!

ACL range: 10.17.32.0 through 10.17.39.255

R3(config)# access-list 2 deny 10.17.32.0 0.0.7.255

Low end          10.17.32.0
Wildcard mask  +  0. 0. 7.255
                 ------------
High end         10.17.39.255

Page 20: Cis185 bsci-lecture3-eigrp-part2

ACL Ranges

This distribute list filters all EIGRP updates for the LANs, 10.17.32.0 through 10.17.36.64, going to R4.

ACL range: 10.17.32.0 through 10.17.39.255

R3(config)# router eigrp 1

R3(config-router)# distribute-list 2 out ser 0/2

R3(config)# access-list 2 deny 10.17.32.0 0.0.7.255

R3(config)# access-list 2 permit any

Filtered

Page 21: Cis185 bsci-lecture3-eigrp-part2

access-list 3 deny...?

What address or range of addresses do these ACLs deny?

access-list 3 deny 10.17.32.0
• Exactly the prefix 10.17.32.0 (does not match any other routes).

access-list 4 deny 10.17.32.0 0.0.0.255
• All prefixes that begin "10.17.32": 10.17.32.0 – 10.17.32.255.

access-list 5 deny 10.17.32.0 0.0.3.255
• All prefixes in the range 10.17.32.0 – 10.17.35.255.

access-list 6 deny 10.16.0.0 0.1.255.255
• All prefixes in the range 10.16.0.0 – 10.17.255.255.

ACL range: 10.17.32.0 through 10.17.39.255

Page 22: Cis185 bsci-lecture3-eigrp-part2

Verifying - BEFORE Distribute List

Notice the option with the pipe!

R4# show ip route | include 10.

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks

D 10.0.0.8/30 [90/2681856] via 10.0.0.13, 00:06:28, Ser0/0

C 10.0.0.12/30 is directly connected, Serial0/0

D 10.0.0.0/30 [90/3193856] via 10.0.0.13, 00:06:28, Ser0/0

D 10.0.0.4/30 [90/2681856] via 10.0.0.13, 00:06:28, Ser0/0

D 10.17.35.0/25 [90/2684416] via 10.0.0.13, 00:06:15, Ser0/0

D 10.17.34.0/24 [90/2684416] via 10.0.0.13, 00:03:04, Ser0/0

D 10.17.32.0/23 [90/2684416] via 10.0.0.13, 00:05:58, Ser0/0

D 10.17.36.0/26 [90/2172416] via 10.0.0.13, 00:06:28, Ser0/0

D 10.17.36.64/26 [90/2172416] via 10.0.0.13, 00:06:28,Ser0/0

Page 23: Cis185 bsci-lecture3-eigrp-part2

Verifying – BEFORE Distribute List

R4# show ip route | include 10.17

D 10.17.35.0/25 [90/2684416] via 10.0.0.13, 00:04:16, Ser0/0

D 10.17.34.0/24 [90/2684416] via 10.0.0.13, 00:03:04, Ser0/0

D 10.17.32.0/23 [90/2684416] via 10.0.0.13, 00:03:59, Ser0/0

D 10.17.36.0/26 [90/2172416] via 10.0.0.13, 00:04:29, Ser0/0

D 10.17.36.64/26 [90/2172416] via 10.0.0.13, 00:04:29,Ser0/0

Page 24: Cis185 bsci-lecture3-eigrp-part2

Distribute List

This distribute list filters all EIGRP updates for the LANs, 10.17.32.0 through 10.17.36.64, going to R4.

ACL range: 10.17.32.0 through 10.17.39.255

R3(config)# router eigrp 1

R3(config-router)# distribute-list 2 out ser 0/2

R3(config)# access-list 2 deny 10.17.32.0 0.0.7.255

R3(config)# access-list 2 permit any

01:31:34: %DUAL-5-NBRCHANGE: IP-EIGRP 1: Neighbor 10.0.0.14 (Serial0/2) is down: route configuration changed

01:31:38: %DUAL-5-NBRCHANGE: IP-EIGRP 1: Neighbor 10.0.0.14 (Serial0/2) is up: new adjacency

Page 25: Cis185 bsci-lecture3-eigrp-part2

Verifying Distribute List - AFTER

R4 only has the serial "10" networks, which were not in the range.

ACL range: 10.17.32.0 through 10.17.36.64

ACL range: 10.17.32.0 through 10.17.39.255

R4# show ip route

172.16.0.0/24 is subnetted, 2 subnets

C 172.16.1.0 is directly connected, FastEthernet0/0

C 172.16.2.0 is directly connected, FastEthernet0/1

10.0.0.0/30 is subnetted, 4 subnets

D 10.0.0.8 [90/2681856] via 10.0.0.13, 00:01:26, Serial0/0

C 10.0.0.12 is directly connected, Serial0/0

D 10.0.0.0 [90/3193856] via 10.0.0.13, 00:01:26, Serial0/0

D 10.0.0.4 [90/2681856] via 10.0.0.13, 00:01:26, Serial0/0

Page 26: Cis185 bsci-lecture3-eigrp-part2

Verifying Distribute List - AFTER

R4 does not have any of the "10.17" routes. R1 still has all the routes, including the "10.17" routes.

R4# show ip route | include 10.17

R4#

R1# show ip route | include 10.17

D 10.17.35.0/25 [90/2172416] via 10.0.0.2, 00:25:50, Ser0/0

C 10.17.34.0/24 is directly connected, FastEthernet0/1

C 10.17.32.0/23 is directly connected, FastEthernet0/0

D 10.17.36.0/26 [90/2172416] via 10.0.0.6, 00:25:50, Ser0/1

D 10.17.36.64/26 [90/2172416] via 10.0.0.6, 00:25:50,Ser0/1

R1#
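The wildcard arithmetic and the ACL-based distribute list from the preceding slides, as an added Python example (not part of the original lecture and not Cisco code). It models a standard ACL as (action, address, wildcard) tuples with the implicit deny as the default, and takes the route list from R4's BEFORE output; the 10.17.38.0/24 route used in the note below is constructed.

```python
import ipaddress


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def acl_range(address, wildcard="0.0.0.0"):
    """Low and high end of the addresses one standard ACL entry matches.

    This is a single range only for a contiguous wildcard mask such as
    0.0.7.255. A missing wildcard means an exact match (0.0.0.0).
    """
    wild = to_int(wildcard)
    low = to_int(address) & ~wild & 0xFFFFFFFF
    return to_dotted(low), to_dotted(low | wild)


def entry_matches(prefix, address, wildcard):
    """Bits that are 0 in the wildcard must be equal; 1 bits are ignored."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(prefix) & care) == (to_int(address) & care)


def acl_permits(acl, prefix):
    """The first matching entry decides; no match hits the implicit deny."""
    for action, address, wildcard in acl:
        if entry_matches(prefix, address, wildcard):
            return action == "permit"
    return False


def advertised(acl, routes):
    """Routes that pass a distribute-list referencing a standard ACL.

    Only the network address is compared; the prefix length is ignored,
    which is the limitation prefix lists remove.
    """
    return [r for r in routes if acl_permits(acl, r.split("/")[0])]


# access-list 2 from the slides; "permit any" written out as a wildcard.
ACL_2 = [
    ("deny", "10.17.32.0", "0.0.7.255"),
    ("permit", "0.0.0.0", "255.255.255.255"),
]

# EIGRP-learned routes from R4's BEFORE output (what R3 sends to R4).
R3_TO_R4 = [
    "10.0.0.8/30", "10.0.0.0/30", "10.0.0.4/30",
    "10.17.35.0/25", "10.17.34.0/24", "10.17.32.0/23",
    "10.17.36.0/26", "10.17.36.64/26",
]

if __name__ == "__main__":
    print("ACL 2 range:", acl_range("10.17.32.0", "0.0.7.255"))
    print("Still advertised to R4:", advertised(ACL_2, R3_TO_R4))
```

Because the wildcard covers 10.17.32.0 through 10.17.39.255, a LAN added later in 10.17.37.0 to 10.17.39.255 (for example the constructed 10.17.38.0/24) would also be filtered without any configuration change.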

Page 27: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

• A prefix list is applied with a distribute-list router subcommand.
• Another tool for matching routes.
• Can examine both the prefix (network address) and the prefix length (subnet mask), or a range of either.
• ACLs matched only the prefix of the route (subnet number); IP prefix lists always examine both the prefix and the prefix length.

[Figure: Distribute List: ACL, Prefix-List, Route-Map]

Page 28: Cis185 bsci-lecture3-eigrp-part2

Prefix-list concepts

• The route prefix (the subnet number)
• The prefix length (the subnet mask)
• Each command has a permit or deny action.
  • Only used for matching routes. Not used for packet filtering.
  • Just implies whether a route is matched (permit) or not (deny).
• Sequence numbers are used for the insertion and deletion of individual commands.

ip prefix-list list-name [seq seq-value] {deny | permit} prefix/prefix-length [ge ge-value] [le le-value]

Page 29: Cis185 bsci-lecture3-eigrp-part2


Prefix-list Concepts

Prefix-list Logic:

1. The route’s prefix must be within the range of addresses implied by the prefix-list command’s prefix/prefix-length parameters.

2. The route’s prefix length must match the range of prefixes implied by the prefix-list command's prefix-length, ge, and le parameters.

What???

ip prefix-list list-name [seq seq-value] {deny | permit} prefix/prefix-length [ge ge-value] [le le-value]

Page 30: Cis185 bsci-lecture3-eigrp-part2

Prefix-list concepts

Examining the Prefix (prefix/prefix-length)

• Prefix: Address to be used for matching.
• Prefix length: How much of the address must match.
• 10.0.0.0/8: Any number (address) whose first 8 bits (/8) match 10.0.0.0.

Examples coming soon!

ip prefix-list list-name [seq seq-value] {deny | permit} prefix/prefix-length [ge ge-value] [le le-value]

Page 31: Cis185 bsci-lecture3-eigrp-part2

Prefix-list concepts

Examining the Prefix Length

• Blank: Exact match.
• ge ge-value: Subnet mask must be at least this length, up to /32.
• le le-value: Subnet mask must be this length or less, but at least the length of the prefix-length.
• ge ge-value le le-value: Subnet mask must fall within this range.
• The ge value must be larger than the configured prefix length in the base part of the command.
  • ip prefix-list list1 permit 1.0.0.0/8 ge 7 would be rejected.
  • The ge value (7) is less than the configured prefix-length (/8).

Examples coming next!

ip prefix-list list-name [seq seq-value] {deny | permit} prefix/prefix-length [ge ge-value] [le le-value]

Page 32: Cis185 bsci-lecture3-eigrp-part2

Match the Prefix List with the appropriate routes

10.0.0.0/8

Routes matched: 1

Reason: Without ge or le configured, both the prefix (10.0.0.0) and length (8) must be an exact match.

1. 10.0.0.0/8

2. 10.128.0.0/9

3. 10.1.1.0/24

4. 10.1.2.0/24

5. 10.128.10.4/30

6. 10.128.10.8/30

Page 33: Cis185 bsci-lecture3-eigrp-part2

Match the Prefix List with the appropriate routes

10.0.0.0/8 ge 9

Routes matched: 2 - 6

Reason: The 10.0.0.0/8 means "all routes whose first octet is 10". The prefix length must be between 9 and 32, inclusive.

1. 10.0.0.0/8

2. 10.128.0.0/9

3. 10.1.1.0/24

4. 10.1.2.0/24

5. 10.128.10.4/30

6. 10.128.10.8/30

Page 34: Cis185 bsci-lecture3-eigrp-part2

Match the Prefix List with the appropriate routes

10.0.0.0/8 ge 24 le 24

Routes matched: 3, 4

Reason: The 10.0.0.0/8 means "all routes whose first octet is 10," and the prefix range is 24 to 24, meaning only routes with prefix length 24.

1. 10.0.0.0/8

2. 10.128.0.0/9

3. 10.1.1.0/24

4. 10.1.2.0/24

5. 10.128.10.4/30

6. 10.128.10.8/30

Page 35: Cis185 bsci-lecture3-eigrp-part2

Match the Prefix List with the appropriate routes

10.0.0.0/8 le 28

Routes matched: 1 - 4

Reason: The prefix length needs to be between 8 and 28, inclusive.

1. 10.0.0.0/8

2. 10.128.0.0/9

3. 10.1.1.0/24

4. 10.1.2.0/24

5. 10.128.10.4/30

6. 10.128.10.8/30

Page 36: Cis185 bsci-lecture3-eigrp-part2

Match the Prefix List with the appropriate routes

0.0.0.0/0

Routes matched: none

Reason: 0.0.0.0/0 means "match all prefixes". Because neither the le nor the ge parameter is configured, the /0 also means that the prefix length must be exactly 0. Only a default route would match this prefix list.

1. 10.0.0.0/8

2. 10.128.0.0/9

3. 10.1.1.0/24

4. 10.1.2.0/24

5. 10.128.10.4/30

6. 10.128.10.8/30

Page 37: Cis185 bsci-lecture3-eigrp-part2

Match the Prefix List with the appropriate routes

0.0.0.0/0 le 32

Routes matched: All

Reason: The range implied by 0.0.0.0/0 is all IPv4 addresses. The le 32 then implies any prefix length between 0 and 32, inclusive. This is the syntax for "match all" prefix list logic.

1. 10.0.0.0/8

2. 10.128.0.0/9

3. 10.1.1.0/24

4. 10.1.2.0/24

5. 10.128.10.4/30

6. 10.128.10.8/30

Page 38: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

Using the prefix-list with the distribute list is easy now!

[Figure: Distribute List: ACL, Prefix-List, Route-Map]

Page 39: Cis185 bsci-lecture3-eigrp-part2


Distribute Lists and Prefix Lists

Remove the previous distribute list and ACLs if appropriate.

R3(config)# no access-list 2 deny 10.17.32.0 0.0.7.255

R3(config)# no access-list 2 permit any

R3(config)# router eigrp 1

R3(config-router)# no distribute-list 2 out ser 0/2

Page 40: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

Objectives - Routes going to R4:

• Filter only those routes which begin with 10.17.35 with a /25 mask and 10.17.36 with a /26 mask.
• Filter /30 routes.

Filtered

R4# show ip route | include 10.

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks

D 10.0.0.8/30 [90/2681856] via 10.0.0.13, 00:02:34, Serial0/0

C 10.0.0.12/30 is directly connected, Serial0/0

D 10.0.0.0/30 [90/3193856] via 10.0.0.13, 00:02:30, Serial0/0

D 10.0.0.4/30 [90/2681856] via 10.0.0.13, 00:02:34, Serial0/0

D 10.17.35.0/25 [90/2684416] via 10.0.0.13, 00:02:31, Serial0/0

D 10.17.34.0/24 [90/2684416] via 10.0.0.13, 00:03:04, Serial0/0

D 10.17.32.0/23 [90/2684416] via 10.0.0.13, 00:02:31, Serial0/0

D 10.17.36.0/26 [90/2172416] via 10.0.0.13, 00:02:36, Serial0/0

D 10.17.36.64/26 [90/2172416] via 10.0.0.13, 00:02:36, Serial0/0

BEFORE

Not Filtered

Page 41: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

Objectives - Routes going to R4:

• Filter only those routes which begin with 10.17.35 with a /25 mask and 10.17.36 with a /26 mask.
• Filter /30 routes.

R3(config)# router eigrp 1

R3(config-router)# distribute-list prefix no-r1-r2-slash30 out Serial0/2

R3(config)# ip prefix-list no-r1-r2-slash30 seq 5 deny 10.17.35.0/24 ge 25 le 25

R3(config)# ip prefix-list no-r1-r2-slash30 seq 10 deny 10.17.36.0/24 ge 26 le 26

R3(config)# ip prefix-list no-r1-r2-slash30 seq 15 deny 0.0.0.0/0 ge 30 le 30

R3(config)# ip prefix-list no-r1-r2-slash30 seq 20 permit 0.0.0.0/0 le 32

Page 42: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

Sequence number 5 - Matches 10.17.35.0/25 and 10.17.35.128/25.

• Matches prefix: 24 bits of 10.17.35 routes.
• Matches prefix length: exactly /25.

R3(config)# router eigrp 1

R3(config-router)# distribute-list prefix no-r1-r2-slash30 out Serial0/2

R3(config)# ip prefix-list no-r1-r2-slash30 seq 5 deny 10.17.35.0/24 ge 25 le 25

Page 43: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

Sequence number 10 - Matches routes 10.17.36.0/26 and 10.17.36.64/26.

• Matches prefix: 24 bits of 10.17.36 routes.
• Matches prefix length: exactly /26.

R3(config)# router eigrp 1

R3(config-router)# distribute-list prefix no-r1-r2-slash30 out Serial0/2

R3(config)# ip prefix-list no-r1-r2-slash30 seq 5 deny 10.17.35.0/24 ge 25 le 25

R3(config)# ip prefix-list no-r1-r2-slash30 seq 10 deny 10.17.36.0/24 ge 26 le 26

Page 44: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

Sequence number 15 - uses wildcard logic (0.0.0.0/0) to match all.

• Matches prefix: Match all (0.0.0.0/0).
• Matches prefix length: exactly /30.

R3(config)# router eigrp 1

R3(config-router)# distribute-list prefix no-r1-r2-slash30 out Serial0/2

R3(config)# ip prefix-list no-r1-r2-slash30 seq 5 deny 10.17.35.0/24 ge 25 le 25

R3(config)# ip prefix-list no-r1-r2-slash30 seq 10 deny 10.17.36.0/24 ge 26 le 26

R3(config)# ip prefix-list no-r1-r2-slash30 seq 15 deny 0.0.0.0/0 ge 30 le 30

Page 45: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Prefix Lists

Sequence number 20 - uses wildcard logic (0.0.0.0/0) to match all.

• Matches prefix: Match all (0.0.0.0/0).
• Matches prefix length: all prefix lengths (le 32).

R3(config)# router eigrp 1

R3(config-router)# distribute-list prefix no-r1-r2-slash30 out Serial0/2

R3(config)# ip prefix-list no-r1-r2-slash30 seq 5 deny 10.17.35.0/24 ge 25 le 25

R3(config)# ip prefix-list no-r1-r2-slash30 seq 10 deny 10.17.36.0/24 ge 26 le 26

R3(config)# ip prefix-list no-r1-r2-slash30 seq 15 deny 0.0.0.0/0 ge 30 le 30

R3(config)# ip prefix-list no-r1-r2-slash30 seq 20 permit 0.0.0.0/0 le 32

Page 46: Cis185 bsci-lecture3-eigrp-part2

Verifying Distribute Lists and Prefix Lists

Objectives - Routes going to R4:

• Filter only those routes which begin with 10.17.35 with a /25 mask and 10.17.36 with a /26 mask.
• Filter /30 routes.

Filtered

R4# show ip route | include 10.

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks

D 10.0.0.8/30 [90/2681856] via 10.0.0.13, 00:02:34, Serial0/0

C 10.0.0.12/30 is directly connected, Serial0/0

D 10.0.0.0/30 [90/3193856] via 10.0.0.13, 00:02:30, Serial0/0

D 10.0.0.4/30 [90/2681856] via 10.0.0.13, 00:02:34, Serial0/0

D 10.17.35.0/25 [90/2684416] via 10.0.0.13, 00:02:31, Serial0/0

D 10.17.34.0/24 [90/2684416] via 10.0.0.13, 00:03:04, Serial0/0

D 10.17.32.0/23 [90/2684416] via 10.0.0.13, 00:02:31, Serial0/0

D 10.17.36.0/26 [90/2172416] via 10.0.0.13, 00:02:36, Serial0/0

D 10.17.36.64/26 [90/2172416] via 10.0.0.13, 00:02:36, Serial0/0

BEFORE

Not Filtered

Page 47: Cis185 bsci-lecture3-eigrp-part2

Verifying Distribute List with Prefix List

Objectives - Routes going to R4:

• Filter only those routes which begin with 10.17.35 with a /25 mask and 10.17.36 with a /26 mask.
• Filter /30 routes.

R4# show ip route

172.16.0.0/24 is subnetted, 2 subnets

C 172.16.1.0 is directly connected, FastEthernet0/0

C 172.16.2.0 is directly connected, FastEthernet0/1

10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks

C 10.0.0.12/30 is directly connected, Serial0/0

D 10.17.34.0/24 [90/2684416] via 10.0.0.13, 00:03:04, Serial0/0

D 10.17.32.0/23 [90/2684416] via 10.0.0.13, 00:08:59, Serial0/0

AFTER

Page 48: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Route Maps

Route maps are used for various things including:

• Policy Routing – Sophisticated static routes
• Route Filtering during redistribution
• Setting BGP attributes
• Route Filtering with distribute lists

Similar logic to the If/Then/Else logic seen in programming languages.

Additional features but can be tricky to configure.

[Figure: Distribute List: ACL, Prefix-List, Route-Map]

Page 49: Cis185 bsci-lecture3-eigrp-part2


Distribute Lists and Route Maps

Seq #5: deny, discard or filter all routes matched by the match command (1st set of criteria)

Seq #10: permit, allow through all routes matched by the match command (2nd set of criteria)

Seq #30: deny, discard or filter all routes matched by the match command (3rd set of criteria)

Seq #35: permit. The absence of a match command means "match all", so allow through all remaining routes

RTZ(config)# router eigrp 1

RTZ(config-router)# distribute-list route-map sample-map out

RTZ(config)# route-map sample-map deny 5

RTZ(config-route-map)# match (1st set of criteria)

RTZ(config)# route-map sample-map permit 10

RTZ(config-route-map)# match (2nd set of criteria)

RTZ(config)# route-map sample-map deny 30

RTZ(config-route-map)# match (3rd set of criteria)

RTZ(config)# route-map sample-map permit 35

Page 50: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Route Maps

Match command references:

• ACL
• Prefix List

IMPORTANT: The decision to filter a route or allow the route through is based on the deny or permit in the route-map command, and not the deny or permit in the ACL or prefix list.

RTZ(config)# router eigrp 1

RTZ(config-router)# distribute-list route-map sample-map out

RTZ(config)# route-map sample-map deny 5

RTZ(config-route-map)# match (1st set of criteria)

RTZ(config)# route-map sample-map permit 10

RTZ(config-route-map)# match (2nd set of criteria)

RTZ(config)# route-map sample-map deny 30

RTZ(config-route-map)# match (3rd set of criteria)

RTZ(config)# route-map sample-map permit 35

Page 51: Cis185 bsci-lecture3-eigrp-part2

Route-map with permit:

• Match: Allow route to go through.
• No match: Remain in the list and go to next route-map command.

Route-map with deny:

• Match: Filter the route.
• No match: Remain in the list and go to next route-map command.

If the match command refers to an ACL or Prefix List with a:

• Permit: If there is a match, proceed with the permit/deny in the route-map.
• Deny: Not necessarily filtered; it just doesn't match, and processing proceeds to the next match command. (Less common)

RTZ(config)# route-map sample-map deny 5

RTZ(config-route-map)# match (1st set of criteria)

RTZ(config)# route-map sample-map permit 10

RTZ(config-route-map)# match (2nd set of criteria)

RTZ(config)# route-map sample-map deny 30

RTZ(config-route-map)# match (3rd set of criteria)

RTZ(config)# route-map sample-map permit 35

Page 52: Cis185 bsci-lecture3-eigrp-part2

Distribute Lists and Route Maps

Objectives - Routes going to R4: (Same as before)

• Filter only those routes which begin with 10.17.35 with a /25 mask and 10.17.36 with a /26 mask.
• Filter /30 routes.

Filtered

R4# show ip route | include 10.

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks

D 10.0.0.8/30 [90/2681856] via 10.0.0.13, 00:02:34, Serial0/0

C 10.0.0.12/30 is directly connected, Serial0/0

D 10.0.0.0/30 [90/3193856] via 10.0.0.13, 00:02:30, Serial0/0

D 10.0.0.4/30 [90/2681856] via 10.0.0.13, 00:02:34, Serial0/0

D 10.17.35.0/25 [90/2684416] via 10.0.0.13, 00:02:31, Serial0/0

D 10.17.34.0/24 [90/2684416] via 10.0.0.13, 00:03:04, Serial0/0

D 10.17.32.0/23 [90/2684416] via 10.0.0.13, 00:02:31, Serial0/0

D 10.17.36.0/26 [90/2172416] via 10.0.0.13, 00:02:36, Serial0/0

D 10.17.36.64/26 [90/2172416] via 10.0.0.13, 00:02:36, Serial0/0

BEFORE

Not Filtered

Page 53: Cis185 bsci-lecture3-eigrp-part2

• Filter (deny) routes that match the prefix-list: 10.17.35.0/25, 10.17.36.0/26
• Filter (deny) routes that match the prefix-list: All /30 routes.
• route-map with a permit action and no match command: Default action is to allow the route to be advertised.

router eigrp 1

distribute-list route-map filter-lan-slash30 out

route-map filter-lan-slash30 deny 8

match ip address prefix-list lans

route-map filter-lan-slash30 deny 15

match ip address prefix-list slash30

route-map filter-lan-slash30 permit 23

ip prefix-list lans seq 5 permit 10.17.35.0/24 ge 25 le 25

ip prefix-list lans seq 10 permit 10.17.36.0/24 ge 26 le 26

ip prefix-list slash30 seq 5 permit 0.0.0.0/0 ge 30 le 30

Page 54: Cis185 bsci-lecture3-eigrp-part2

Verifying Distribute List with Route Map

Objectives - Routes going to R4:

• Filter only those routes which begin with 10.17.35 with a /25 mask and 10.17.36 with a /26 mask.
• Filter /30 routes.

R4# show ip route

172.16.0.0/24 is subnetted, 2 subnets

C 172.16.1.0 is directly connected, FastEthernet0/0

C 172.16.2.0 is directly connected, FastEthernet0/1

10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks

C 10.0.0.12/30 is directly connected, Serial0/0

D 10.17.34.0/24 [90/2684416] via 10.0.0.13, 00:03:04, Serial0/0

D 10.17.32.0/23 [90/2684416] via 10.0.0.13, 00:08:59, Serial0/0

AFTER
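The prefix-list matching logic (prefix range plus ge/le length range) and the route-map permit/deny evaluation described in the slides above, as one added Python example (not part of the original lecture and not Cisco code). It assumes first-match evaluation with an implicit deny at the end of both list types, enforces only the ge rule stated on the slides, and takes its routes and list entries from the slides.

```python
from ipaddress import ip_network


def parse_entry(text):
    """Parse the tail of an ip prefix-list command, for example
    'deny 10.17.35.0/24 ge 25 le 25' -> (action, network, min_len, max_len)."""
    tokens = text.split()
    action, net = tokens[0], ip_network(tokens[1])
    opts = dict(zip(tokens[2::2], (int(v) for v in tokens[3::2])))
    ge, le = opts.get("ge"), opts.get("le")
    if ge is not None and ge <= net.prefixlen:
        raise ValueError(f"ge {ge} must be larger than /{net.prefixlen}")
    if ge is None and le is None:
        low = high = net.prefixlen            # blank: exact length match
    else:
        low = ge if ge is not None else net.prefixlen
        high = le if le is not None else 32
    if low > high:
        raise ValueError("empty prefix-length range")
    return action, net, low, high


def entry_matches(entry, route):
    """Step 1: route prefix inside the entry's address range.
    Step 2: route prefix length inside the ge/le range."""
    _, net, low, high = entry
    r = ip_network(route)
    return r.network_address in net and low <= r.prefixlen <= high


def prefix_list_permits(entries, route):
    for entry in entries:
        if entry_matches(entry, route):
            return entry[0] == "permit"
    return False                              # implicit deny: no match


def route_map_permits(clauses, prefix_lists, route):
    """clauses: (action, prefix-list name or None) in sequence order.
    The clause's action decides; the prefix list only says match/no match."""
    for action, name in clauses:
        if name is None or prefix_list_permits(prefix_lists[name], route):
            return action == "permit"
    return False


# The six routes from the "Match the Prefix List" slides.
QUIZ_ROUTES = ["10.0.0.0/8", "10.128.0.0/9", "10.1.1.0/24",
               "10.1.2.0/24", "10.128.10.4/30", "10.128.10.8/30"]


def matched(entry_text, routes=QUIZ_ROUTES):
    entry = parse_entry("permit " + entry_text)
    return [i for i, r in enumerate(routes, 1) if entry_matches(entry, r)]


# EIGRP-learned routes from R4's BEFORE output (what R3 sends to R4).
R3_TO_R4 = ["10.0.0.8/30", "10.0.0.0/30", "10.0.0.4/30", "10.17.35.0/25",
            "10.17.34.0/24", "10.17.32.0/23", "10.17.36.0/26", "10.17.36.64/26"]

NO_R1_R2_SLASH30 = [parse_entry(t) for t in (
    "deny 10.17.35.0/24 ge 25 le 25",
    "deny 10.17.36.0/24 ge 26 le 26",
    "deny 0.0.0.0/0 ge 30 le 30",
    "permit 0.0.0.0/0 le 32",
)]

PREFIX_LISTS = {
    "lans": [parse_entry("permit 10.17.35.0/24 ge 25 le 25"),
             parse_entry("permit 10.17.36.0/24 ge 26 le 26")],
    "slash30": [parse_entry("permit 0.0.0.0/0 ge 30 le 30")],
}
FILTER_LAN_SLASH30 = [("deny", "lans"), ("deny", "slash30"), ("permit", None)]


def advertised_by_prefix_list(routes=R3_TO_R4):
    return [r for r in routes if prefix_list_permits(NO_R1_R2_SLASH30, r)]


def advertised_by_route_map(routes=R3_TO_R4):
    return [r for r in routes
            if route_map_permits(FILTER_LAN_SLASH30, PREFIX_LISTS, r)]


if __name__ == "__main__":
    print("prefix list:", advertised_by_prefix_list())
    print("route map:  ", advertised_by_route_map())
```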

Page 55: Cis185 bsci-lecture3-eigrp-part2

EIGRP Summarization and Default Routes

A CCNA Review

Page 56: Cis185 bsci-lecture3-eigrp-part2

For the rest of this presentation

Using information from the book: Routing Protocols and Concepts, by Rick Graziani and Allan Johnson. ISBN: 1-58713-206-0, ISBN-13: 978-58713-206-3. A great gift for a loved one!

Page 57: Cis185 bsci-lecture3-eigrp-part2

Summarization

Benefits:

• Smaller routing tables
• Reduces Query scope: an EIGRP Query stops at a router which has a summary route that includes the subnet listed in the Query, but not the specific route listed in the Query.
• EIGRP supports summarization on any router in the network.

Trade-offs:

• Can cause suboptimal routing.
• Packets destined for inaccessible destinations will flow to the summarizing router before being discarded.

Note: If a packet matches two routes in the routing table, the best match will be the route with the longest-bit-match, the route with the longer prefix-length (subnet mask).

Page 58: Cis185 bsci-lecture3-eigrp-part2

EIGRP Summarization – Odds and Ends

• An EIGRP router can summarize routes.
  • OSPF: Summarization can only take place on the ABRs and ASBRs.
• The summary route's metric is based on the lowest metric route upon which the summary route is based.
  • The summary route will use a metric equal to the metric of the lowest metric subordinate route.
• Manual summarization creates a Null0 summary on the router doing the summarization.

R3(config)# interface serial 0/0/1

R3(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.252.0

R3# show ip route

<output omitted>

D 192.168.0.0/22 is a summary, 00:00:06, Null0

Creates a Null0 summary route

Page 59: Cis185 bsci-lecture3-eigrp-part2

The Null0 Summary Route

EIGRP automatically includes a Null0 summary route as a child route whenever both of the following conditions exist:

• There is at least one subnet that was learned via EIGRP.
• Automatic summarization is enabled. (By default with EIGRP)

What if R1 received a packet: 172.16.4.10?

• It would be discarded, never looking for a supernet or default route.
• Regardless of the ip classless or no ip classless command.

R1# show ip route

192.168.10.0/24 is variably subnetted, 3 subnets, 2 masks

D 192.168.10.0/24 is a summary, 00:45:09, Null0

C 192.168.10.4/30 is directly connected, Serial0/0/1

D 192.168.10.8/30 [90/3523840] via 192.168.10.6, 00:44:56, S0/0/1

172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks

D 172.16.0.0/16 is a summary, 00:46:10, Null0

C 172.16.1.0/24 is directly connected, FastEthernet0/0

D 172.16.2.0/24 [90/40514560] via 172.16.3.2, 00:45:09, S0/0/0

C 172.16.3.0/30 is directly connected, Serial0/0/0

D 192.168.1.0/24 [90/2172416] via 192.168.10.6, 00:44:55, Serial0/0/1

Page 60: Cis185 bsci-lecture3-eigrp-part2


Disabling Automatic Summarization

Like RIP, EIGRP automatically summarizes at major network boundaries using the default auto-summary command.

R3# show ip route

192.168.10.0/24 is variably subnetted, 3 subnets, 2 masks

D 192.168.10.0/24 is a summary, 01:08:35, Null0

C 192.168.10.4/30 is directly connected, Serial0/0/0

C 192.168.10.8/30 is directly connected, Serial0/0/1

D 172.16.0.0/16 [90/2172416] via 192.168.10.5, 01:08:30, Serial0/0/0

C 192.168.1.0/24 is directly connected, FastEthernet0/0

172.16.0.0/16

Page 61: Cis185 bsci-lecture3-eigrp-part2

Disabling Automatic Summarization

Both R1 and R2 are automatically summarizing. R1 is the successor because of the difference in bandwidth.

R3# show ip route

192.168.10.0/24 is variably subnetted, 3 subnets, 2 masks

D 192.168.10.0/24 is a summary, 01:08:35, Null0

C 192.168.10.4/30 is directly connected, Serial0/0/0

C 192.168.10.8/30 is directly connected, Serial0/0/1

D 172.16.0.0/16 [90/2172416] via 192.168.10.5, 01:08:30, Serial0/0/0

C 192.168.1.0/24 is directly connected, FastEthernet0/0

172.16.0.0/16

172.16.0.0/16

Page 62: Cis185 bsci-lecture3-eigrp-part2

Disabling Automatic Summarization

Is this the best route for all 172.16.0.0 subnets?

• No, suboptimal routing may occur.
• R3 will route all packets destined for 172.16.2.0 through R1.

Solution?

• Need R1 and R2 to send individual subnets.
• R1 and R2 must stop automatically summarizing 172.16.0.0/16.

R3# show ip route

<output omitted>

D 172.16.0.0/16 [90/2172416] via 192.168.10.5, 01:08:30, Serial0/0/0

172.16.0.0/16

Page 63: Cis185 bsci-lecture3-eigrp-part2

Disabling Automatic Summarization

Automatic summarization can be disabled with the no auto-summary command. The router configuration command eigrp log-neighbor-changes is on by default on some IOS implementations.

R1(config)# router eigrp 1

R1(config-router)# no auto-summary

%DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.3.2 (Serial0/0/0) is resync: summary configured

%DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.3.2 (Serial0/0/0) is down: peer restarted

%DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 172.16.3.2 (Serial0/0/0) is up: new adjacency

<output omitted>

R2(config)# router eigrp 1

R2(config-router)# no auto-summary

R3(config)# router eigrp 1

R3(config-router)# no auto-summary

Page 64: Cis185 bsci-lecture3-eigrp-part2


Disabling Automatic Summarization

R1 no longer has these Null0 summary routes:

D 192.168.10.0/24 is a summary, 00:45:09, Null0

D 172.16.0.0/16 is a summary, 00:46:10, Null0

What does this mean?

This means that for any packets destined for these parent networks that do not match a child route, the routing table lookup will go on to check supernet and default routes, unless no ip classless is used.

R1# show ip route

192.168.10.0/30 is subnetted, 2 subnets

C 192.168.10.4 is directly connected, Serial0/0/1

D 192.168.10.8 [90/3523840] via 192.168.10.6, 00:16:55, S0/0/1

172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

C 172.16.1.0/24 is directly connected, FastEthernet0/0

D 172.16.2.0/24 [90/3526400] via 192.168.10.6, 00:16:53, S0/0/1

C 172.16.3.0/30 is directly connected, Serial0/0/0

D 192.168.1.0/24 [90/2172416] via 192.168.10.6, 00:16:52, Serial0/0/1

Page 65: Cis185 bsci-lecture3-eigrp-part2


Disabling Automatic Summarization

R2 no longer has these Null0 summary routes:

D 192.168.10.0/24 is a summary, 00:00:15, Null0

D 172.16.0.0/16 is a summary, 00:00:15, Null0

R2# show ip route

192.168.10.0/30 is subnetted, 2 subnets

D 192.168.10.4 [90/3523840] via 192.168.10.10, 00:15:44, S0/0/1

C 192.168.10.8 is directly connected, Serial0/0/1

172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

D 172.16.1.0/24 [90/3526400] via 192.168.10.10, 00:15:44, S0/0/1

C 172.16.2.0/24 is directly connected, FastEthernet0/0

C 172.16.3.0/30 is directly connected, Serial0/0/0

10.0.0.0/30 is subnetted, 1 subnets

C 10.1.1.0 is directly connected, Loopback1

D 192.168.1.0/24 [90/3014400] via 192.168.10.10, 00:15:44, S0/0/1

Page 66: Cis185 bsci-lecture3-eigrp-part2


Why does R3’s routing table now have two equal-cost paths to 172.16.3.0/24? Shouldn’t the best path only be through R1 with the 1544-Mbps link?

R3# show ip route

192.168.10.0/30 is subnetted, 2 subnets

C 192.168.10.4 is directly connected, Serial0/0/0

C 192.168.10.8 is directly connected, Serial0/0/1

172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

D 172.16.1.0/24 [90/2172416] via 192.168.10.5, 00:00:11, S0/0/0

D 172.16.2.0/24 [90/3014400] via 192.168.10.9, 00:00:12, S0/0/1

D 172.16.3.0/30 [90/41024000] via 192.168.10.5, 00:00:12, S0/0/0

[90/41024000] via 192.168.10.9, 00:00:12, S0/0/1

C 192.168.1.0/24 is directly connected, FastEthernet0/0


Page 67: Cis185 bsci-lecture3-eigrp-part2


Disabling Automatic Summarization

The slowest link is the 64-Kbps link

R3# show ip route

<output omitted>

D 172.16.3.0/30 [90/41024000] via 192.168.10.5, 00:00:12, S0/0/0

[90/41024000] via 192.168.10.9, 00:00:12, S0/0/1
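The two equal 41024000 metrics can be reproduced with the classic EIGRP composite metric (default K values), which depends only on the slowest link along a path and the summed delay. This is an added example, not part of the original slides; the interface delays and the 1024-Kbps R3-R2 bandwidth are assumptions chosen to match the metrics shown in the routing tables.

```python
# Added example: classic EIGRP composite metric with default K values
# (K1 = K3 = 1): 256 * (10^7 / slowest_bandwidth_kbps + total_delay_usec / 10).

def eigrp_metric(path):
    """path: list of (bandwidth_kbps, delay_usec), one per outgoing interface."""
    slowest_kbps = min(bw for bw, _ in path)
    total_delay_usec = sum(delay for _, delay in path)
    # EIGRP truncates both terms to integers before scaling by 256.
    return 256 * (10_000_000 // slowest_kbps + total_delay_usec // 10)

# Assumed interface values (not stated on the slides): IOS default delays,
# and 1024 Kbps on the R3-R2 serial link.
SERIAL_DELAY = 20_000          # usec
FASTETH = (100_000, 100)       # (Kbps, usec)
R3_R1 = (1544, SERIAL_DELAY)
R3_R2 = (1024, SERIAL_DELAY)
R1_R2 = (64, SERIAL_DELAY)     # the 64-Kbps link that carries 172.16.3.0/30

PATHS_FROM_R3 = {
    "172.16.1.0/24 via R1": [R3_R1, FASTETH],
    "172.16.2.0/24 via R2": [R3_R2, FASTETH],
    "172.16.3.0/30 via R1": [R3_R1, R1_R2],
    "172.16.3.0/30 via R2": [R3_R2, R1_R2],
}

def metrics():
    """Composite metric for every path in PATHS_FROM_R3."""
    return {name: eigrp_metric(path) for name, path in PATHS_FROM_R3.items()}

if __name__ == "__main__":
    for name, metric in metrics().items():
        print(f"{name:24} {metric}")
```

Both paths to 172.16.3.0/30 share the 64-Kbps link as their minimum bandwidth and have the same total delay, so the faster first hop through R1 does not change the result.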


Page 68: Cis185 bsci-lecture3-eigrp-part2


Manual Summarization

EIGRP can be configured to summarize routes, whether or not automatic summarization (auto-summary) is enabled.

Modified topology.

Page 69: Cis185 bsci-lecture3-eigrp-part2


Manual Summarization

Add two more networks to R3. Configure EIGRP network statements.

R3(config)# interface loopback 2

R3(config-if)# ip address 192.168.2.1 255.255.255.0

R3(config-if)# interface loopback 3

R3(config-if)# ip address 192.168.3.1 255.255.255.0

R3(config-if)# router eigrp 1

R3(config-router)# network 192.168.2.0

R3(config-router)# network 192.168.3.0

Page 70: Cis185 bsci-lecture3-eigrp-part2


Manual Summarization

Instead of sending three separate networks, R3 can summarize the 192.168.1.0/24, 192.168.2.0/24, and 192.168.3.0/24 networks as a single route.

R1# show ip route

D 192.168.1.0/24 [90/2172416] via 192.168.10.6, 02:07:38, S0/0/1

D 192.168.2.0/24 [90/2297856] via 192.168.10.6, 00:00:34, S0/0/1

D 192.168.3.0/24 [90/2297856] via 192.168.10.6, 00:00:18, S0/0/1

R2# show ip route

D 192.168.1.0/24 [90/3014400] via 192.168.10.10, 02:08:50, S0/0/1

D 192.168.2.0/24 [90/3139840] via 192.168.10.10, 00:01:46, S0/0/1

D 192.168.3.0/24 [90/3139840] via 192.168.10.10, 00:01:30, S0/0/1

Only pertinent routes shown


Page 71: Cis185 bsci-lecture3-eigrp-part2


Determining the Summary EIGRP Route

1. Write out the networks that you want to summarize in binary.

2. Find the matching bits. Count the number of leftmost matching bits, which in this example is 22. This number becomes your subnet mask for the summarized route: /22 or 255.255.252.0.

3. To find the network address for summarization, copy the matching 22 bits and add all 0 bits to the end to make 32 bits.

The result is the summary network address and mask for 192.168.0.0/22
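The same procedure in Python, as an added example that is not part of the original slides (function names are illustrative). It also lists the address space that the summary covers but none of the real networks do: once the summary is advertised, packets for that space are drawn to the summarizing router and discarded by its Null0 summary route.

```python
import ipaddress

def binary(net):
    """Dotted binary form of a network address (step 1)."""
    addr = ipaddress.ip_network(net).network_address
    return ".".join(f"{octet:08b}" for octet in addr.packed)

def summarize(networks):
    """Smallest single prefix covering every network (steps 2 and 3)."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # XOR exposes the leftmost bit where lowest and highest address differ;
    # everything to its left is the run of matching bits.
    prefix_len = 32 - (lo ^ hi).bit_length()
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return ipaddress.ip_network((lo & mask, prefix_len))

def overclaimed(summary, networks):
    """Prefixes inside the summary that no listed network covers."""
    remaining = [summary]
    for net in map(ipaddress.ip_network, networks):
        kept = []
        for block in remaining:
            if net.subnet_of(block):
                kept.extend(block.address_exclude(net))
            elif not block.subnet_of(net):
                kept.append(block)
        remaining = kept
    return sorted(remaining)

if __name__ == "__main__":
    nets = ["192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24"]
    for n in nets:
        print(f"{n:16} {binary(n)}")
    s = summarize(nets)
    print(f"ip summary-address eigrp 1 {s.network_address} {s.netmask}")
    print("covered but not a real network:", [str(x) for x in overclaimed(s, nets)])
```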

Page 72: Cis185 bsci-lecture3-eigrp-part2


Configure EIGRP Manual Summarization

Because R3 has two EIGRP neighbors, the EIGRP manual summarization is configured on both Serial 0/0/0 and Serial 0/0/1.

Router(config-if)# ip summary-address eigrp as-number network-address subnet-mask

R3(config)# interface serial 0/0/0

R3(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.252.0

R3(config)# interface serial 0/0/1

R3(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.252.0


R3# show ip route

<output omitted>

D 192.168.0.0/22 is a summary, 00:00:06, Null0

Creates a Null0 summary route

Page 73: Cis185 bsci-lecture3-eigrp-part2


Verify EIGRP Manual Summarization

Fewer total routes in the routing tables: the routing table lookup process is faster and more efficient.

Summary routes also require less bandwidth: a single route can be sent rather than multiple individual routes.

R1# show ip route

<output omitted>

D 192.168.0.0/22 [90/2172416] via 192.168.10.6, 00:01:11, Serial0/0/1

R2# show ip route

<output omitted>

D 192.168.0.0/22 [90/3014400] via 192.168.10.10, 00:00:23, Serial0/0/1


Page 74: Cis185 bsci-lecture3-eigrp-part2


EIGRP Default Route

R2(config)# ip route 0.0.0.0 0.0.0.0 loopback 1

R2(config)# router eigrp 1

R2(config-router)# redistribute static

The ISP router in our topology does not physically exist. By using a loopback interface, we can simulate a connection to another router.

Default Route: redistribute the default static route in EIGRP updates

Page 75: Cis185 bsci-lecture3-eigrp-part2


EIGRP Default Route

R1# show ip route

Gateway of last resort is 192.168.10.6 to network 0.0.0.0

D*EX 0.0.0.0/0 [170/3651840] via 192.168.10.6, 00:02:14, S0/0/1

R2# show ip route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S* 0.0.0.0/0 is directly connected, Loopback1

R3# show ip route

Gateway of last resort is 192.168.10.9 to network 0.0.0.0

D*EX 0.0.0.0/0 [170/3139840] via 192.168.10.9, 00:01:25, S0/0/1

Only static default route shown, other output omitted.


Page 76: Cis185 bsci-lecture3-eigrp-part2


EIGRP Default Route

R1# show ip route

Gateway of last resort is 192.168.10.6 to network 0.0.0.0

D*EX 0.0.0.0/0 [170/3651840] via 192.168.10.6, 00:02:14, S0/0/1

Only static default route shown, other output omitted.

D: This static route was learned from an EIGRP routing update.

*: The route is a candidate for a default route.

EX: The route is an external EIGRP route, in this case a static route outside of the EIGRP routing domain.

170: This is the AD of an external EIGRP route.


Page 77: Cis185 bsci-lecture3-eigrp-part2


EIGRP Default Route

There is another method to propagate a default route in EIGRP, using the ip default-network command.

More information on this command can be found at this site: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml

