eigrpcosy.univ-reims.fr/~lsteffenel/cours/fc/bsci2.pdfeigrp metrics values displayed in show...

EIGRP

• “Enhanced” Interior Gateway Routing Protocol

• Cisco proprietary, released in 1994

• EIGRP is an advanced distanceadvanced distance--vectorvector routing protocol that relies on g pfeatures commonly associated with link-state protocols. (sometimes called a hybrid routing protocolhybrid routing protocol).

2

Metric Calculation

– k1 for bandwidth

EIGRP

– k2 for load– k3 for delay– k4 and k5 for Reliability

3

EIGRPRouter(config-router)# metric

weights tos k1 k2 k3 k4 k5bandwidth is in kbps

Displaying Interface Values

Router> show interface s0/0Serial0/0 is up, line protocol is upHardware is QUICC SerialDescription: Out to VERIOInternet address is 207.21.113.186/30

Bandwidth Delay

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,rely 255/255, load 246/255

Encapsulation PPP, loopback not setKeepalive set (10 sec)

<output omitted> Reliability Load

shows reliability as a fraction of 255, for example (higher is better):

rely 190/255 (or 74% reliability)rely 234/255 (or 92% reliability)

shows load as a fraction of 255, for example (lower is better):

load 10/255 (or 3% loaded link)l d 40/255 ( 16% l d d li k)

4

rely 234/255 (or 92% reliability)rely 255/255 (or 100% reliability)

load 40/255 (or 16% loaded link)load 255/255 (or 100% loaded link)


Router> show interface s0/0Serial0/0 is up, line protocol is upHardware is QUICC SerialDescription: Out to VERIOInternet address is 207.21.113.186/30

Bandwidth Delay

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,rely 255/255, load 246/255

Encapsulation PPP, loopback not setKeepalive set (10 sec)

<output omitted> Reliability Load

Routing Table Metric• Default: Slowest of bandwidth plus the sum of the delays of

all outgoing interfaces from “this router” to the destination

5

all outgoing interfaces from this router to the destination network.

EIGRP MetricsValues displayed in show interface

Media

Bandwidth K= kilobits

BWEIGRP

10,000,000/Bandwidth

Delay

DLYEIGRP Delay/10

*256

commands and sent in routing updates.

10,000,000/Bandwidth

*256 y

*256

100M ATM 100,000K 25,600 100 μS 2,560Fast Ethernet 100,000K 25,600 100 μS 2,560FDDI 100 000K 25 600 2 560FDDI 100,000K 25,600 100 μS 2,560HSSI 45,045K 56,832 20,000 μS 512,00016M Token Ring 16,000K 160,000 630 μS 16,128Ethernet 10,000K 256 000 1 000 μS 25 600Ethernet 10,000K 256,000 1,000 μS 25,600T1 (Serial Default)

1,544K 1,657,856 20,000 μS 512,000

512K 512K 4,999,936 20,000 μS 512,000S0 64 40 000 000 12 000DS0 64K 40,000,000 20,000 μS 512,000

56K 56K 45,714,176 20,000 μS 512,000 BWEIGRP and DLYEIGRP display values as sent in EIGRP updates and used in

6

BWEIGRP and DLYEIGRP display values as sent in EIGRP updates and used in calculating the EIGRP metric. Calculated values (cumulative) displayed in

routing table (show ip route).

SanJose2#show ip routeSanJose2#show ip routeD 192.168.72.0/24 [90/2172416]

via 192.168.64.6, 00:28:26, Serial0

A Closer Look at the Routing Table Metrics

7

The Routing Table

How does SanJose2 calculate the cost for this route?

Administrative Distance / MetricSanJose2#show ip route/ /

8

D 192.168.72.0/24 [90/2172416] via 192.168.64.6, 00:28:26, Serial0


Westasman> show interface fa0/0Ethernet0 is up, line protocol is up Hardware is Lance, address is 0010.7b3a.cf84 (bia 0010.7b3a.cf84)MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

rely 255/255, load 1/255<output omitted><output omitted>

SanJose2> show interface s0/0Serial0/0 is up, line protocol is upHardware is QUICC SerialDescription: Out to WestasmanInternet address is 192.168.64.5/30MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

rely 255/255, load 246/255<output omitted>

9

Bandwidth = (10,000,000/bandwidth kbps) * 256Determining the costs

Fa0/0 192.168.72.1/24

Delay = 2,560FastEthernet

= (10,000,000/100,000) * 256

S0/0 192.168.64.2/30 S0/1 192.168.64.6/30Westasman

Bandwidth = 25,600

( , , , )

= 25,600

Delay = 512,000

T1

= (10,000,000/1544) * 256

= 1,657,856S0/0 192.168.64.1/30 S0/0 192.168.64.5/30

Fa0/0 192.168.1.2/24

SanJose1 S J 2

Bandwidth = 1,657,856

1,657,856

Fa0/0 192.168.1.1/24

SanJose1 SanJose2

10

EIGRP AS 100

Delay = (delay/10) * 256Determining the costs

Fa0/0 192.168.72.1/24

Delay = 2,560FastEthernet

= (100/10) * 256

S0/0 192.168.64.2/30 S0/1 192.168.64.6/30Westasman

Bandwidth = 25,600

( )

= 2,560

Delay = 512,000

T1

= (20,000/10) * 256

= 512,000S0/0 192.168.64.1/30 S0/0 192.168.64.5/30

Fa0/0 192.168.1.2/24

SanJose1 S J 2

Bandwidth = 1,657,856

512,000

Fa0/0 192.168.1.1/24

SanJose1 SanJose2

11

EIGRP AS 100

The Routing Table

Administrative Distance / MetricSanJose2#show ip route/ /

12

D 192.168.72.0/24 [90/2172416] via 192.168.64.6, 00:28:26, Serial0

The Routing Table

NET 100.1.1.1NET 150.1.1.1

NET 100.6.6.6NET 150.6.6.6N 50.6.6.6

The Routing Table

NET 100.6.6.6NET 150.6.6.6

NET 100.1.1.1NET 150.1.1.1NET 150.1.1.1

EIGRP and IGRP compatibility

• Automatic redistribution occurs when the same AS number is used for EIGRP and IGRP.

17

• EIGRP scales the IGRP metric by a factor of 256.• IGRP reduces the metric by a factor of 256.

EIGRP and IGRP compatibility

External

10,476 = 6,476(BW)+2,000(DLY)+2,000(DLY)

External

• EIGRP will tag routes learned from IGRP, or any outside source, as e ternal beca se the did not originate from EIGRP ro ters

, , ( ) , ( ) , ( )IGRP Metrics! (Does not multiply by 256.

18

external because they did not originate from EIGRP routers. • IGRP cannot differentiate between internal and external routes.

Features of EIGRP

• Classless Routing Protocol (VLSM, CIDR)• Faster convergence times and improved scalability• Multiprotocol support: TCP/IP, IPX/SPX, Appletalk

– There is no IPX/SPX or Appletalk in CCNA or CCNP• Rapid Convergence and Better handling of routing loops – (DUAL) (coming)• Efficient Use of Bandwidth

– Partial, bounded updates: Incremental updates only to the routers that need them. – Minimal bandwidth consumption: Uses Hello packets and EIGRP packets by default use no more that 50% of link’s bandwidth EIGRP packets.

• PDM (Protocol Dependent Module)– Keeps EIGRP is modular– Different PDMs can be added to EIGRP as new routed protocols are enhanced or developed: IPv4, IPv6, IPX, and AppleTalk

19

• Unequal-cost load balancing same as IGRP (unlike OSPF)

EIGRP Terminology • N i hb t bl E h EIGRP t i t i i hb t bl th t• Neighbor table – Each EIGRP router maintains a neighbor table that

lists adjacent routers. This table is comparable to the adjacency database used by OSPF.

• Topology table – Every EIGRP router maintains a topology table for each configured network protocol. This table includes route entries for all destinations that the router has learned.

• Routing table – EIGRP chooses the best routes to a destination from the topology table and places these routes in the routing table.

• Successor – A successor is a neighbor selected as the primary route to use to reach a destination. Successors are the entries kept in the

ti t blrouting table.

• Feasible successor – A feasible successor is a backup route. These neighbors are selected at the same time the successors are identified

20

neighbors are selected at the same time the successors are identified, but are kept in the topology table.

Neighbor Table

• Each EIGRP router maintains a neighbor table that lists adjacent routers.

• Th i i hb t bl f h t l th t EIGRP t• There is a neighbor table for each protocol that EIGRP supports• Whenever a new neighbor is discovered, the address of that neighbor

and the interface used to reach it are recorded in a new neighbor table tentry.

RouterC#show ip eigrp neighbors# p g p gIP-EIGRP neighbors for process 44H Address Interface Hold Uptime SRTT RTO Q Seq

(sec) (ms) Cnt Num(sec) ( s) C t u0 192.168.0.1 Se0 11 00:03:09 1138 5000 0 61 192.168.1.2 Et0 12 00:34:46 4 200 0 4

21

Neighbor Table

RouterC#show ip eigrp neighborsIP-EIGRP neighbors for process 44H Address Interface Hold Uptime SRTT RTO Q SeqH Address Interface Hold Uptime SRTT RTO Q Seq

(sec) (ms) Cnt Num0 192.168.0.1 Se0 11 00:03:09 1138 5000 0 61 192.168.1.2 Et0 12 00:34:46 4 200 0 4

• Neighbor address The network-layer address of the neighbor router(s).

• Hold Time The interval to wait without receiving anything from a fneighbor before considering the link unavailable.

• Originally, the expected packet was a hello packet, but in current Cisco IOS software releases, any EIGRP packets received after the first hello will reset the timer

22

the first hello will reset the timer.

Neighbor Table

RouterC#show ip eigrp neighborsIP-EIGRP neighbors for process 44H Address Interface Hold Uptime SRTT RTO Q SeqH Address Interface Hold Uptime SRTT RTO Q Seq

(sec) (ms) Cnt Num0 192.168.0.1 Se0 11 00:03:09 1138 5000 0 61 192.168.1.2 Et0 12 00:34:46 4 200 0 4

• Smooth Round Trip Timer (SRTT) The average time it takes to send and receive packets from a neighborand receive packets from a neighbor. • This timer is used to determine the retransmit interval (RTO)

• Queue count The number of packets waiting in queue to be sent If• Queue count The number of packets waiting in queue to be sent. If this value is constantly higher than zero, then there may be a congestion problem at the router (think about QoS). A zero means that there are no EIGRP packets in the queue

23

there are no EIGRP packets in the queue.

Topology Table

• Topology table– Each EIGRP router maintains a topology table for each configured

network protocolnetwork protocol. – This table includes route entries for all destinations that the router has

learned.

• EIGRP uses its topology table to store all the information it needs to calculate a set of distances and vectors to all reachable destinations.

RouterB#show ip eigrp topologyIP-EIGRP Topology Table for process 44Codes: P - Passive, A - Active, U - Update, Q - Query, R -

Reply, r - Reply statusP 206.202.17.0/24, 1 successors, FD is 2195456

via 206.202.16.1 (2195456/2169856), Ethernet0P 206 202 18 0/24 2 successors FD is 2198016

24

P 206.202.18.0/24, 2 successors, FD is 2198016via 192.168.0.2 (2198016/284160), Serial0via 206.202.16.1 (2198016/2172416), Ethernet0

Topology Table

• EIGRP classifies routes as either internal or external. • EIGRP uses a process called route tagging to add special tags to each route. • These tags identify a route as internal or external and may include other• These tags identify a route as internal or external, and may include other

information as well.

All external routes are included in the topology table, and are tagged with the p gy , ggfollowing information:

• The identification number (router ID) of the EIGRP router that redistributed the route into the EIGRP network

• The AS number of the destination• The AS number of the destination• The protocol used in that external network• The cost or metric received from that external protocol• The configurable administrator tagThe configurable administrator tag

25

Topology Table

RTX#sh ip eigrp top 204.100.50.0IP-EIGRP topology entry for 204.100.50.0/24State is Passive Query origin flag is 1 1 Successor(s) FDState is Passive, Query origin flag is 1, 1 Successor(s), FD is 2297856Routing Descriptor Blocks:10.1.0.1 (Serial0), from 10.1.0.1, Send flag is 0x0

i i i (2297856/128256) i l

FD/RD

Composite metric is (2297856/128256), Route is ExternalVector metric:Minimum bandwidth is 1544 KbitTotal delay is 25000 microsecondsReliability is 255/255Load is 1/255Minimum MTU is 1500Hop count is 1Hop count is 1

External data:Originating router is 192.168.1.1AS number of route is 0

26

External protocol is Connected, external metric is 0Administrator tag is 0 (0x00000000)

IP Routing Table

• EIGRP chooses the best (that is, successor) routes to a destination from the topology table and places these routes in the routing table.

• E h EIGRP t i t i t l t bl f h t k t l• Each EIGRP router maintains a topology table for each network protocol.• EIGRP displays both internal EIGRP routes and external EIGRP routes.

RouterB#show ip routeRouterB#show ip routeCodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaE1 - OSPF external type 1, E2 - OSPF external type 2, E - EGPi - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default U - per-user static routeGateway of last resort is not setC 10 1 1 0 is directly connected Serial0C 10.1.1.0 is directly connected, Serial0D 172.16.0.0 [90/2681856] via 10.1.1.0, Serial0D EX 192.168.1.0 [170/2681856] via 10.1.1.1, 00:00:04, Serial0

27

Topology Table

Feasible Distance/Reported Distance

SanJose2#show ip eigrp top all-links

p

Sa Jose #s o p e g p top a sIP-EIGRP Topology Table for AS(100)/ID(192.168.64.5)Codes: P - Passive, A - Active, U - Update, Q - Query, R

- Reply r - Reply statusReply,r Reply status

P 192.168.72.0/24, 1 successors, FD is 2172416, Feasible distance

via 192.168.64.6 (2172416/28160), Serial0via 192.168.1.1 (2174976/2172416), FastEthernet0

successorfeasible

successorFeasible distance if this router was the successor Includes the 2 560

28

Feasible distance if this router was the successor. Includes the 2,560 delay cost of additional Fast Ethernet link.

EIGRP Technologies

Four key technologies set EIGRP apart from IGRP

29

Establishing Adjacencies with Neighbors

• EIGRP routers establish adjacencies with neighbor routers by using small hello packets.p

• Hellos are sent every 5 seconds by default for T1 or 60 seconds for slower links.

• K values must be the same between neighbors.

• Hold time tells the router how long it should consider the neighbor alive if it has not received any EIGRP packets (Hello, EIGRP updates, etc.)

• Hold time is normally three times the configured Hello interval.

• Both the Hello and Hold time intervals are configurable on a per interface basis, and do not have to match neighbor.

30

Reliable Transport Protocol

• EIGRP is protocol independent; that is it doesn’t rely on TCP/IP to• EIGRP is protocol-independent; that is, it doesn t rely on TCP/IP to exchange routing information the way RIP, IGRP, and OSPF do.

• To stay independent of IP, EIGRP uses the transport-layer protocol to guarantee delivery of routing information: RTP (Reliable Transport Protocol)guarantee delivery of routing information: RTP (Reliable Transport Protocol) queries, updates and replies.

• Initial delivery of EIGRP messages are done using multicast packets, that is data is sent to all neighbors on a segment and every neighbor is expected todata is sent to all neighbors on a segment, and every neighbor is expected to acknowledge it with a unicast Hello packet.

31

DUAL FSM

• The centerpiece of EIGRP is DUAL, the EIGRP route-e ce te p ece o G s U , t e G outecalculation engine.

– The full name of this technology is DUAL (Diffusing UpdateThe full name of this technology is DUAL (Diffusing Update Algorithm) finite state machine (FSM).

– This engine contains all the logic used to calculate and compare routes in an EIGRP networkcompare routes in an EIGRP network.

32

Protocol-Dependent Modules (PDMs)

• EIGRP is modular• Different PDMs can be added to EIGRP as new routed protocols are

enhanced or developed:– IPv4, IPv6, IPX, and AppleTalk

Each PDM is responsible for all functions related to its specific routed protocol.

• The IP-EIGRP module is responsible for the following:The IP EIGRP module is responsible for the following:– Sending and receiving EIGRP packets that bear IP data– Notifying DUAL of new IP routing information that is received

M i t i i th lt f DUAL’ ti d i i i th IP– Maintaining the results of DUAL’s routing decisions in the IP routing table

– Redistributing routing information that was learned by other IP-bl ti t l

33

capable routing protocols

EIGRP Terminology and Operations

• EIGRP routers keep route and topology information readily available in RAM so that they can react quickly to changes.

• Like OSPF, EIGRP keeps this information in several tables, or databases.

– Neighbor table– Topology tablep gy– Routing table– Successor

Feasible Successor– Feasible Successor

• We will first have an overview of all of the terminology and then see ho it orks and hat it all means!

34

how it works and what it all means!

EIGRP Terminology and Operations

• DUAL selects alternate routes quickly by using the information in the EIGRP tables.

• If a link goes down DUAL looks for a feasible successor in itsIf a link goes down, DUAL looks for a feasible successor in its neighbor and topology tables.

• Successor – Current RouteSuccessor Current Route– A successor is a neighbor selected as the primary route

to use to reach a destination. S th t i k t i th ti t bl– Successors are the entries kept in the routing table.

• Feasible Successor - A backup route– A feasible successor is a backup route. – These neighbors are selected at the same time the

successors are identified, but they are kept in the

35

successors are identified, but they are kept in the topology table.

Successors and Feasible Successors

36


37


38


Feasible distance (FD) is the minimum distance (metric) along a path to a destination network.

Reported distance (RD) is the distance (metric) towards a destination as advertised by an upstream neighbor. Reported distance is the distance reported in the queries, the replies and the updates.q p p

A neighbor meets the feasible condition(FC) if the reported distance by the neighbor is smaller than or equal to the current feasible distance (FD) of this router.

A feasible successor is a neighbor whose reported distance (RD) is less than or l t th t f ibl di t (FD) F ibl i h tequal to the current feasible distance (FD). Feasible successor is one who meets

the feasible condition (FC).

39


Feasible Successor, FC: RD30 < FD31

172.30.1.0

FD to 172.30.1.0 is 31 via Router Y

Current Successor = 31 RD of RTY= 21

RTZ is NOT Feasible Successor, FC: RD220 not< FD31

Advertised or Destination Feasible Dist. Reported. Dist. Neighbor172.30.1.0 40 30 X In Topology Table

RD220 not< FD31

40

172.30.1.0 40 30 X In Topology Table172.30.1.0 31 21 Y In Routing Table172.30.1.0 230 220 Z Not in Topology Table

EIGRP Hello Packet

• Used to discover, verify, and rediscover neighbor routers. • EIGRP routers send hellos at a fixed (and configurable) interval, called

the hello interval.

• The default hello interval depends on the bandwidth of the interface. p• Hello interval 5 seconds, hold time 15 seconds for T1 and faster• Hello interval 60 seconds, hold time 180 seconds for slower than T1

• On IP networks, EIGRP hello packets are multicast, 224.0.0.10• If a neighbor is not heard from for the duration of the hold time (three

ti h ll i t l) EIGRP id th t i hb d d DUALtimes hello interval), EIGRP considers that neighbor down, and DUAL must step in to reevaluate the routing table.

–By default, the hold time is three times the hello interval, but an d i i t t fi b th ti d i d

41

administrator can configure both timers as desired.

Update Packet

• Update packets are used when a router discovers a new neighbor.–An EIGRP sends unicast update packets to that new neighbor so–An EIGRP sends unicast update packets to that new neighbor so that it can add to its topology table.

• EIGRP updates are only sent when:• EIGRP updates are only sent when:-A network is added or removed from the topology database-The successor for a given network changes-The locally used metric is updated.

42

Query and Reply Packets

• EIGRP routers use query packets whenever it needs specific information from one, or all, of its neighbors.from one, or all, of its neighbors. – A reply packet is used to respond to a query.

• If an EIGRP router loses its successor and cannot find a feasible• If an EIGRP router loses its successor and cannot find a feasible successor for a route, DUAL places the route in the active state. – The router multicasts a query to all neighbors, searching for a

successor to the destination networksuccessor to the destination network. – Neighbors must send replies that either provide information on

successors, or indicate that no successor information is available.

• Queries can be multicast or unicast, while replies are always unicast.

43

Stuck in Active (SIA)

Router

Router C

Router XXZXXRouter

RepliesReplies

Router BQueriesQueries XX

Router

Router D

Router F

XXRouter

A XX E

Ro ter

FRouter G

Ro ter

XX Router H

Router I

Router J

Router KXX H

Router L

K

Router M

Router

44

Router N

Fixing (SIA)

• Depending on the cause, you may have to restrict the “query range” of EIGRP routers.– You may have to redesign parts of the network

• Although not recommended, you can also increase the amount of time the router will wait after sending a query out before declaring the route g q y gstuck in active.

• This can be changed using the command: timers active-time time in minutestimers active time time in minutes

45

Configuring EIGRPIt’s very easy ☺It’s very easy ☺

Configuring EIGRP for IP networks

Router(config)#router eigrp autonomous-system-number

• This value must match all routers within the internetwork.

Router(config-router)#network network-number

• The network command configures only connected networks.The network command configures only connected networks.

Router(config-router)#eigrp log-neighbor-changes

Thi d bl th l i f i hb dj h t• This command enables the logging of neighbor adjacency changes to monitor the stability of the routing system and to help detect problems.

Router(config-if)#bandwidth kilobits

• When configuring serial links using EIGRP it is important to configure the bandwidth setting on the interface. If the bandwidth setting is not

47

changed for these interfaces EIGRP assumes the default bandwidth on the link instead of the true bandwidth.

EIGRP and the bandwidth command

48

The bandwidth-percent command

• The bandwidth-percent command configures the percentage of bandwidth that may be used by EIGRP on an interface.

• By default, EIGRP is set to use only up to 50% of the bandwidth of an interface to exchange routing information.

• The bandwidth value may be artificially low for a variety of reasons, such as to manipulate the routing metric, or to accommodate an oversubscribed multipoint Frame Relay configuration

49

oversubscribed multipoint Frame Relay configuration.

Summarizing EIGRP Routes: no auto-summaryno auto-summary

• EIGRP automatically summarizes routes at the classful boundary, the boundary where the network address ends as defined by class-based addressingas defined by class based addressing.

50

Summarizing EIGRP Routes: no auto-summaryno auto summary

• In the presence of discontiguous subnetworks, automatic summarization must be disabled for routing to work properly. T ff i i h f ll i d

51

• To turn off auto-summarization, use the following command: Router(config-router)#no auto-summary

Summarizing EIGRP Routes: Interface SummarizationSummarization

Router(config-if)#ip summary-address eigrp autonomous-system-number ip-address mask administrative-distance

RTC(config)#router eigrp 2446RTC(config-router)#no auto-summaryRTC(config-router)#exit

RTC(config)#interface serial0/0RTC(config-if)#ip summary-address eigrp 2446 2.1.0.0 255.255.0.0

52

EIGRP variance command

Optional Interface Command:RTA(config-router)# variance number( g )

IGRP and EIGRP also support unequal cost path load balancing, which is known as variance.

The variance command instructs the router to include routes with a metric less than or equal to n times the minimum metricwith a metric less than or equal to n times the minimum metric route for that destination, where n is the number specified by the variance command.

53

EIGRP variance command

router eigrp 1

network x.x.x.x

variance 2

variance 2• This increases the minimum metric to 40 (2 * 20 = 40).

variance 2

• EIGRP includes all the routes that have a metric less than or equal to 40, and are feasible successors.

54

EIGRP and Default Routes

There are three ways to inject a default route into EIGRP:

• Redistribute a static route• IP default-network• Summarize to 0.0.0.0/0

55


Redistribute a static route

• This method is effective for advertising connections to the Internet, but will redistribute all static routes into EIGRP.

• For example:• For example:

Gateway Routerip route 0 0 0 0 0 0 0 0 x x x x (next hop)ip route 0.0.0.0 0.0.0.0 x.x.x.x (next hop) ! router eigrp 100 redistribute staticredistribute static<text omitted>

56


Ip default-network• Propagates a default route to other routers, but needs to have a p g ,

route or default route out once the packets arrive.

Gateway RouterGateway Routerrouter eigrp 24

<text omitted>network 207.21.20.0

ip route 0.0.0.0 0.0.0.0 207.21.20.1ip default-network 207.21.20.0p

57


Summarize to 0.0.0.0/0• Summarizing to a default route is effective only when you want g y y

to provide remote sites with a default route.

router eigrp 100 g pnetwork 10.0.0.0 ! interface serial 0 ip address 10.1.1.1 ip summary-address eigrp 100 0.0.0.0 0.0.0.0

58

Factors That Influence EIGRP Scalability

• Quantity of routing information exchanged between peers: without proper route summarization, this can be excessive.

• Number of routers that must be involved when a topology change occurs.

• Depth of topology: the number of hops that i f ti t t l t h ll tinformation must travel to reach all routers.

• Number of alternate paths through the networkNumber of alternate paths through the network.

Updates and Queries in Hub-and-Spoke Topologyp gy

EIGRP Stub

• The EIGRP Stub Routing featureImproves network stability– Improves network stability

– Reduces resource utilization and– Simplifies remote router (spoke) configuration

• Stub routing is commonly used in hub-and-spoke topology

• Stub router sends a special peer information packet to all neighboring routers to• Stub router sends a special peer information packet to all neighboring routers toreport its status as a stub router

• Any neighbor that receives a packet informing it of the stub status does notAny neighbor that receives a packet informing it of the stub status does notquery the stub router for any routes

Stub Review

• If A l it ti 4• If A loses its connection to 10.1.1.0/24, it must build and transmit five

BA

10.1

.1.0

/24

queries: one query to each remote, and one query to Bquery to B

• Each of the remote sites will also build a query towards B

• B receives five queries hi h it twhich it must process

and answer

Stub Review

• If these spokes are 4• If these spokes are remotes sites, they typically have two

ti f

BA

10.1

.1.0

/24

connections for redundancy, not so they can transit traffic between A d BA and B

• A should never use the spokes as a path to p panything reachable through B, so there’s no reason to learn about, or These Are Not

Designed to Transit,query for, routes through these spokes

Designed to Transit Traffic

Stub Review

4

To signal A and B that the paths through the spokes should not be

BA

10.1

.1.0

/24through the spokes should not be

used for transit traffic, the spoke routers can be configured as stubs

router#config t#router(config)#router eigrp 100router(config-router)#eigrp stubrouter(config-router)#

Configuring EIGRP Stub

Router(config-router)#

• receive-only: Prevents the stub from sending any

eigrp stub [receive-only|connected|static|summary]

y g ytype of route.

• connected: Permits stub to send connected routes ( till d t di t ib t )(may still need to redistribute).

• static: Permits stub to send static routes (must still redistribute).redistribute).

• summary: Permits stub to send summary routes.• Default is connected and summary.

Example: EIGRP stub Parameters

• If stub connected is configured:

B ill d ti– B will advertise 10.1.2.0/24 to A.

– B will not advertise 10 1 2 0/2310.1.2.0/23, 10.1.3.0/23, or 10.1.4.0/24.

If i• If stub summary is configured:– B will advertise

10.1.2.0/23 to A.– B will not advertise

10.1.2.0/24, ,10.1.3.0/24, or 10.1.4.0/24.

Example: EIGRP stub Parameters (Cont.) • If stub static is configured:

– B will advertise 10.1.4.0/24 to A.

– B will not advertise 10.1.2.0/24, 10.1.2.0/23, or 10.1.3.0/24.

• If stub receive-only is configured:– B won’t advertise anything y g

to A, so A needs to have a static route to the networks behind B to reach them.

Active Process Enhancement

Before• Router A resets relationship to

After

Ro ter A sends an SIA Q er at• Router A resets relationship to router B when the normal active timer expires. However, the problem is the link between

Router A sends an SIA-Query at half of the normal active timer. Router B acknowledges the query there by keeping the relationship

router B and C. up.

Graceful Shutdown

MD5 Authentication

• EIGRP MD5 authentication:– Router generates a message digest, or hash, of the

key, key-id, and message.

– EIGRP allows keys to be managed using key chains.

– Specify key-id (number, key, and lifetime of key).

– First valid activated key, in order of key numbers, is usedused.

Configuring EIGRP MD5 Authentication

Router(config-if)#

ip authentication mode eigrp autonomous-system md5

Specifies MD5 authentication for EIGRP packets

Router(config-if)#

ip authentication key-chain eigrp autonomous-system name-of-chain

Enables authentication of EIGRP packets using key in the key-chainchain


Router(config)#

key chain name-of-chain

Enters configuration mode for the key-chain

Router(config-keychain)#

key key-id

Identifies key and enters configuration mode for the key-id


Router(config-keychain-key)#

k t i t tkey-string text

Identifies key string (password)Router(config-keychain-key)#Router(config-keychain-key)#

accept-lifetime start-time {infinite | end-time | duration seconds}

Optional: specifies when key will be accepted for received packets

Router(config-keychain-key)#( g y y)#

send-lifetime start-time {infinite | end-time | duration seconds}

O i l ifi h k b d f di kOptional: specifies when key can be used for sending packets

Example MD5 AuthenticationExample MD5 Authentication Configuration

R1 Configuration for MD5 Authentication<output omitted> key chain R1chainkey 1ykey-string firstkeyaccept-lifetime 04:00:00 Jan 1 2006 infinitesend-lifetime 04:00:00 Jan 1 2006 04:01:00 Jan 1 2006

key 2key-string secondkeykey-string secondkeyaccept-lifetime 04:00:00 Jan 1 2006 infinitesend-lifetime 04:00:00 Jan 1 2006 infinite

<output omitted> interface FastEthernet0/0ip address 172.16.1.1 255.255.255.0!interface Serial0/0/1bandwidth 64ip address 192.168.1.101 255.255.255.224ip address 192.168.1.101 255.255.255.224ip authentication mode eigrp 100 md5ip authentication key-chain eigrp 100 R1chain!router eigrp 100

k 172 16 1 0 0 0 0 255network 172.16.1.0 0.0.0.255network 192.168.1.0auto-summary

R2 Configuration for MD5 Authentication

<output omitted> key chain R2chainkey 1key-string firstkeyaccept-lifetime 04:00:00 Jan 1 2006 infinitesend-lifetime 04:00:00 Jan 1 2006 infinite

key 2key-string secondkeykey-string secondkeyaccept-lifetime 04:00:00 Jan 1 2006 infinitesend-lifetime 04:00:00 Jan 1 2006 infinite

<output omitted> interface FastEthernet0/0ip address 172.17.2.2 255.255.255.0 !interface Serial0/0/1bandwidth 64ip address 192.168.1.102 255.255.255.224ip address 192.168.1.102 255.255.255.224ip authentication mode eigrp 100 md5ip authentication key-chain eigrp 100 R2chain!router eigrp 100

t k 172 17 2 0 0 0 0 255network 172.17.2.0 0.0.0.255network 192.168.1.0auto-summary

Verifying MD5 Authentication

R1#*Jan 21 16:23:30.517: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.1.102 (Serial0/0/1) is up: new adjacency( / / ) p j y

R1#show ip eigrp neighborsIP-EIGRP neighbors for process 100H Address Interface Hold Uptime SRTT RTO Q Seq0 192 168 1 102 Se0/0/1 12 00 03 10 17 2280 0 140 192.168.1.102 Se0/0/1 12 00:03:10 17 2280 0 14

R1#show ip route<output omitted>Gateway of last resort is not setD 172.17.0.0/16 [90/40514560] via 192.168.1.102, 00:02:22, Serial0/0/1

172.16.0.0/16 is variably subnetted, 2 subnets, 2 masksD 172.16.0.0/16 is a summary, 00:31:31, Null0C 172.16.1.0/24 is directly connected, FastEthernet0/0

192 168 1 0/24 is variably subnetted 2 subnets 2 masks192.168.1.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.1.96/27 is directly connected, Serial0/0/1D 192.168.1.0/24 is a summary, 00:31:31, Null0R1#ping 172.17.2.2Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.17.2.2, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms

Troubleshooting MD5 AuthenticationTroubleshooting MD5 Authentication

R1#debug eigrp packetsEIGRP Packets debugging is on

(UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)*Jan 21 16:38:51.745: EIGRP: received packet with MD5 authentication, key id = 1*Jan 21 16:38:51 745: EIGRP: Received HELLO on Serial0/0/1 nbr 192 168 1 102Jan 21 16:38:51.745: EIGRP: Received HELLO on Serial0/0/1 nbr 192.168.1.102*Jan 21 16:38:51.745: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0


(UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)R2#*Jan 21 16:38:38.321: EIGRP: received packet with MD5 authentication, key id = 2*Jan 21 16:38:38.321: EIGRP: Received HELLO on Serial0/0/1 nbr 192.168.1.101*Jan 21 16:38:38.321: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0erQ un/rely 0/0

Troubleshooting MD5 Authentication ProblemMD5 authentication on both R1 and R2, but R1 key 2 (that it uses when sending) changed

R1(config-if)#key chain R1chainR1(config-keychain)#key 2R1(config-keychain-key)#key-string wrongkey

2#d b i k

g


(UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY)R2##*Jan 21 16:50:18.749: EIGRP: pkt key id = 2, authentication mismatch*Jan 21 16:50:18.749: EIGRP: Serial0/0/1: ignored packet from 192.168.1.101, opcode = 5 (invalid authentication)*Jan 21 16:50:18.749: EIGRP: Dropping peer, invalid authentication*Jan 21 16:50:18 749: EIGRP: Sending HELLO on Serial0/0/1*Jan 21 16:50:18.749: EIGRP: Sending HELLO on Serial0/0/1*Jan 21 16:50:18.749: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0*Jan 21 16:50:18.753: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 192.168.1.101(Serial0/0/1) is down: Auth failure

R2#show ip eigrp neighborsIP-EIGRP neighbors for process 100R2#

eigrpcosy.univ-reims.fr/~lsteffenel/cours/fc/bsci2.pdfeigrp metrics values displayed in show...

Documents