EIGRP Fundamentals / Advanced in a can

I’ve integrated Chris Bryant’s ROUTE book on Kindle into my study, as it follows the video series perfectly, and decided to go over the EIGRP section while doing the OSPF videos just to re-cover the topics, which made me realize how much important information I did not post here. So this will be bullet points of the important facts of EIGRP (may follow with a similar OSPF in a can post):

  • EIGRP must agree on Autonomous System (AS) numbers and K Values (Metric Weights) to form a neighbor relationship; Hello / Hold timers and Subnet Mask are not considered. It must also receive Hellos from the neighbor to keep the adjacency up
  • Auto-summarization is on by default, this will summarize discontiguous networks at classful network boundary when being advertised by an interface that is not part of the network being summarized – “no auto” in router config to turn off
  • When entering a network into router config, no mask is needed, however if a mask is used it MUST be a wildcard mask
  • Hello packets are multicast to to maintain neighbor relationships, every 5 seconds on fast links (Ethernet, T1, ISDN PRI, point-to-point Frame-Relay and ATM links, etc.), and every 60 seconds on slower links such as Serial links, Frame-Relay multipoint interfaces, ATM SVI’s, ISDN BRI’s, and link speeds under T1
  • Hold timers will be 3 times the Hello value by default (15 for fast link, 180 on slow links). When a Hello is recv’d it refreshes the Hold time to its maximum value; if no Hello is recv’d before the Hold time expires the neighbor is considered down. If a Hold timer misses its expected Hello (showing Hold time under 10 seconds on Ethernet segment) something is wrong. Can view Hold time with “show ip eigrp nei” and Hello time with “show ip proto”, and debug this (and most EIGRP issues) with “debug eigrp packet”
  • By Default, EIGRP uses Bandwidth and Delay (K Values) to calculate metrics
  • EIGRP uses Successor and Feasible Successor routes, Successors are best routes (Metric wise) to a destination, while a Feasible Successor is a loop-free backup route
  • Feasible Distance is the total metric to a network from the local router, Advertised / Reported Distance is the metric to that destination from the next hop router
  • EIGRP uses 3 tables for routes and neighbor info: Route, Topology, and Neighbor
  • Route table (“show ip route eigrp”) populated with Successor Routes to networks, shown in the format of Admin Distance / Metric (Feasible Distance): [90/2297856]
  • Topology table (“show ip eigrp top”) holds Successor and Feasible Successor routes, so if the Successor route becomes unavailable, the Feasible Successor (route with higher metric than the Successor but is loop-free; see Feasibility Condition below) can be injected to the Route table immediately for rapid convergence, shown in format of Feasible Distance / Advertised (or Reported) Distance: [22997856/128256]
  • Neighbor table (“show ip eigrp nei”) to view neighbor details such as local interface receiving hello’s, timer info, peer IP address, and other values for troubleshooting
  • Feasibility Condition at its simplest: If a route’s Advertised Distance (or RD) is less than the Successor Route’s Feasible Distance, that route is considered a valid and loop-free Feasible Successor and is placed in the Topology table
  • EIGRP will perform equal-cost load balancing up to 4 paths by default, with a maximum of 16 paths, if the FD is the same for each path to the destination network (Variance command is used for Unequal-Cost load balancing), “maximum-paths 1” command in router configuration mode to turn off equal-cost load balancing
  • Routes must meet Feasibility Condition to participate in Unequal-Cost load balancing or to be placed in the Topology table at all
  • To perform Unequal-Cost load balancing, use command “variance x” in router configuration, where x is an ‘invisible’ multiplier of acceptable routes to be put in the Route table to a destination, so “variance 2” will allow Feasible Successors with up to twice the Successor’s Metric or FD into the route table to perform Unequal-Cost LB. The impact is ‘invisible’ because the route brought in will retain its metric, and the only way to confirm the FS should be in the route table is “show ip proto” and check the Variance #. The # used is also very important to keep unwanted Feasible Successors out of the Route Table  ***IMPORTANT CONCEPT***
  • Variance will change Feasible Successors to Successors in Topology table, but will show as a secondary route in the EIGRP Route table to a destination network, and is ‘all or none’ in that it will bring in all qualified FS routes when configured, to disable Variance set “variance 1” in router configuration
  • ***Traffic generated by a router is NOT load balanced, only pass-thru traffic***
  • “traffic-share min across-interfaces” command in router configuration will force EIGRP to send data only over a single best path (minimum metric)
  • In the Topology table, there are two main states, Active and Passive, Passive=Good
  • If a Successor route is lost and no Feasible Successor exists in the Topology table, it is put into ‘Active’ while DUAL runs, sending Query packets out via RTP to all EIGRP neighbors requesting a new loop-free route to the network, if no neighbors have a route they all ask their neighbors, and the process continues until a neighbor replies with a route or there are no more neighbors left to ask
  • A ‘Passive’ route in the Topology table means the route is stable, and good to go
  • ‘Stuck in Active’ (SIA) is a state a route will be put in if a replacement route is not found through Queries before the active timer expires (Active Timer is 3 minutes by default), can be changed in router config with “timers active-time #” set in minutes for #, cannot set the minute value to 0 to disable, must use “timers active-time disabled” to turn off the Active Timer entirely
  • Four main reasons a route will become SIA: Link is Unidirectional so the Query cannot be answered, the Queried router is unavailable due to resources (High CPU Utilization), the Queried router’s memory is corrupt and is unable to answer the Query, Link is low speed and just good enough to keep adjacency up but not respond to Query requests from upstream routers
  • EIGRP uses Reliable Transport Protocol (RTP) to send packets “reliably” to neighbors, which sounds like TCP, but it does not work like TCP (not all packets are reliable), the 5 packet types sent are as follows:
  • ‘Hello Packets’ are used to discover new neighbors, keep relationships alive, multicast to
  • ‘Acknowledgement’ packets are ‘Hello’ packets containing no data
  • Neither Hellos nor Acks use RTP – and are therefore considered unreliable
  • ‘Update’ packets are sent to new neighbors to allow the neighbor to build an accurate Route and Topology table, and when existing neighbors detect network changes – Update packets exchanged between new neighbors are Unicast, while updates sent to existing neighbors upon detecting a route network change are multicast to – ***Unicast Updates between new neighbors important point***
  • ‘Query’ packets are sent when a router loses a Successor with no FS route
  • ‘Reply’ packets are sent in response to a Query packet when a new route is found
  • Update, Query, and Reply packets use RTP and are therefore considered reliable
  • “show ip eigrp traffic” to see the statistics of all EIGRP packet types, if Query / Reply / Update packets are incrementing regularly you have a network problem
  • Neighbor forming process: R1 sends Hello – R2 responds with (Unicast) EIGRP Update packet if AS # and K Values are agreed upon – R1 responds to R2’s Update packet with an EIGRP Ack and Update Packet (Unicast) – R2 responds with a final EIGRP Ack packet and the neighbor relationship is formed
  • “ip hello-interval eigrp (AS) #” and “ip hold-time eigrp (AS) #” on the interface level to change Hello and Hold timers
  • K Values (Metric) 1-5: Bandwidth, Load, Delay, Reliability, Reliability Modifier
  • “metric weights 0 1 0 1 0 0” in router config is used to modify the K Values used to calculate metric, with the first 0 being an odd ToS config that is required in the command and can only be 0, the example 5 K Values of 10100 are the default K Values for EIGRP (Bandwidth and Delay)
  • Neighbor table values under the specified columns, from left to right:
  • H = Order in which neighbor was discovered
  • Address = The IP Address of the neighbor
  • Interface = Local interface receiving neighbor Hello’s
  • Hold = Time router will wait until declaring a neighbor adjacency dead (counts down)
  • Uptime = Amount of time since neighbor relationship was first formed
  • SRTT = Smooth Round Trip Time, amount of milliseconds it takes to send a packet to the neighbor and receive an Ack back
  • RTO = Retransmission TimeOut, time until retransmitting a packet to a neighbor
  • Q Cnt = Queue Count, # of EIGRP packets waiting to be sent
  • Seq Num = Sequence # of the last update / reply / query packet from neighbor
  • To debug neighbor adjacencies, use “debug eigrp nei”, or for a single neighbor “debug ip eigrp (AS) (Neighbor IP address)” (Only debug for a specific neighbor uses ‘ip’ after debug in its command) *** VERY IMPORTANT TO NOTE***
  • Neighbors can be formed using an interface’s ‘Secondary IP Address’, by entering the secondary address in router config, though the neighbor relationship will still use that interface’s Primary IP address
  • “ip address secondary” on interface to configure Secondary IP Address, then “network” in router config to add network
  • EIGRP has 3 Administrative Distances: EIGRP Internal route [90], EIGRP external route [170], and EIGRP Summary route [5]
  • Internal routes are learned via configuring in router configuration with “network” command and advertised to neighbors
  • External routes are learned via Redistribution of connected or static routes, as well as routes from other protocols, set in router configuration with command “redistribute connected” or “redistribute …” to redistribute other route types
  • To change Admin Distances for EIGRP routes on the local router, use “distance eigrp # #” where the first # is for Internal EIGRP route admin distance, the second # is for external routes – Must configure both but can enter the same value as default AD to retain the original AD of either route type
  • Manual Route Summarization begins with writing out all networks to be summarized in binary, then work from left to right and identify the common network bits, and any bits that are not common among all networks to be summarized will make up the Summary Route network mask, ex: Networks – written out in binary and Summarized will result in **IMPORTANT CONCEPT**
  • First enter the networks into router configuration mode with “network …” command, then on the interface to advertise the summary route, use the command “ip summary-address eigrp (AS)”, this will drop neighbor relationships, when they come back up they will contain summary routes
  • On the router with the summary route, the summary route will show in the Route table as a route to Null0, so if a packet comes in that doesn’t match one of the more specific network numbers it is discarded, as the router doing manual summarization will still have the more specific routes in its table – Route to Null0 will only be seen on the router performing manual summarization
  • The AD 5 will be seen only with “show ip route” or “show run” on the router doing summarization, remote routers will show “… is a summary route” in their route table where the Admin Distance should be
  • The best point in EIGRP networks to configure Manual Summarization is on ASBRs (Autonomous System Border Routers) to be most efficient
  • Adjusting bandwidth on different interface types:
  • Single physical interface: Add all VC’s bandwidth together, and set “bandwidth x” where x is the total bandwidth across all VC’s connecting to that single interface
  • Point-to-Point Sub-Interfaces: Set Bandwidth on each individual sub-interface
  • Multipoint Sub-Interface: Add all VC’s bandwidth up and set the total bandwidth on the multipoint sub-interface
  • By default, EIGRP traffic will only use 50% of an interface’s set bandwidth, can be adjusted directly on the interface by issuing “ip bandwidth-percent eigrp (AS) (BW %)” – The percentage can be set above 100% in case the physical interface BW exceeds what it is logically set to
  • Stub Routing for EIGRP is done by configuring ‘Stub Routers’ by using the “eigrp stub” command in router configuration mode, unlike OSPF that uses different types of ‘Stub Areas’, it is configured on the ‘end of line’ routers, or routers that otherwise have no upstream neighbors to Query for routes via DUAL, so there is no need for it to receive Query requests, hence it being a ‘Stub’
  • By Default, only connected and Summary routes are advertised by a Stub Router, though route types to be advertised can be adjusted in router configuration with “eigrp stub …” command
  • Passive interfaces are used when you do not want an Interface sending any EIGRP related traffic, it does this by preventing that interface from sending Hellos which means no adjacencies will form over that interface, therefore no other EIGRP traffic will be sent through the Passive interface (Updates, Queries, etc.) There are two different options to configure passive interfaces:
  • Option 1: “passive-interface default” in router configuration makes all EIGRP enabled interfaces on the router passive, then use “no passive-interface s0/1” to disable for a single interface, “no passive-interface default” to disable globally
  • Option 2: “passive-interface s0/1” in router configuration mode to make a single EIGRP enabled interface passive while leaving all others non-passive
  • To Redistribute a static route via EIGRP, must create the static route with “ip route s0/1” command and then “redistribute static …” in router configuration to advertise the default-gateway to EIGRP neighbors – Note that default information-originate is for OSPF, not available in EIGRP
  • “network” in router configuration will also propagate a default route to downstream routers with an EIGRP Admin Distance of 90 for an Internal route rather than 170 for an External / Redistributed route
  • “ip default-network” is another way to redistribute a non-zero (all zeros) default gateway address to EIGRP neighbors, configured in global config NOT router config, MUST have the network being advertised in route table as well as router configs via the network command (<- Need to verify route needs to be config’d in EIGRP), IOS 15.x+ will continue to show “No gateway of last resort set”, the command has several known bugs discussed in Cisco forums
  • Authentication between EIGRP neighbors prevents undesired / rogue routers from becoming an EIGRP neighbor
  • EIGRP uses either clear text or MD5 Encryption, this only protects the passwords used to authenticate neighbors, the traffic sent by EIGRP is not encrypted. The commands “key chain” and “key-chain” are both used in the configuration – “key chain” is used in the actual key chain configuration, “key-chain” is used when applying it to the interface – Know the difference of where those two are at!
  • Authentication configs below ***IMPORTANT REFERENCE***
  • R1(config)# “key chain (name)” in global config to assign key chain name and start configuration of the keys for this key chain
  • R1(config-keychain)# “key #” in keychain config to set the key # to configure
  • R1(config-keychain-key)# “key-string (Password)” in key config to set password used by neighbors to authenticate to each other
  • “ip authentication mode eigrp (AS) md5” on interface config of the interface that needs to be configured to authenticate with its peer(s)
  • “ip authentication key-chain eigrp (AS) (key chain name)” on interface config, **NOTE** that the key chain name is the name of the key chain itself and not the password that is set on specific keys, this is because different keys can be ‘sent’ or ‘accepted’ at different times with the commands as follows
  • R1(config-keychain-key)# “accept-lifetime 00:00:00 Jan 1 2016 infinite”
  • R1(config-keychain-key)# “send-lifetime 00:00:00 Jan 1 2016 infinite” – these are examples of the commands in the actual key configuration to set when a neighbor will send or accept authentication using a particular key on the key chain it is sub-configured under
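
The authentication bullets above can be turned into a configuration check. The following is an added example, not part of the original post: it reads a running-config and reports every non-passive interface that is missing the MD5 mode, has no key chain applied, or applies a key chain name that is never defined with “key chain”. The sample config, its names and password are constructed, and the script assumes every non-passive interface with an IP address runs EIGRP.

```python
import re

IFACE = re.compile(r"^interface (\S+)\n((?: .*\n?)*)", re.M)
# Constructed running-config excerpt (sample data, not from the original post).
SAMPLE_CONFIG = """\
key chain EIGRP-KEYS
 key 1
  key-string ExamplePassword
!
interface Serial0/0
 ip address 10.1.12.1 255.255.255.252
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 EIGRP-KEYS
!
interface Serial0/1
 ip address 10.1.13.1 255.255.255.252
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 EIGRP-KEY
!
interface Serial0/2
 ip address 10.1.14.1 255.255.255.252
!
interface FastEthernet0/0
!
router eigrp 100
 passive-interface FastEthernet0/0
 network 10.0.0.0
"""

def audit_eigrp_auth(config):
    """Map each non-passive interface to its EIGRP authentication gaps."""
    chains = set(re.findall(r"^key chain (\S+)", config, re.M))
    passive = set(re.findall(r"^ +passive-interface (\S+)", config, re.M))
    active = set(re.findall(r"^ +no passive-interface (\S+)", config, re.M))
    findings = {}
    for name, body in IFACE.findall(config):
        is_passive = name not in active if "default" in passive else name in passive
        if is_passive or "ip address" not in body:
            continue  # no Hellos leave a passive interface, so no neighbor forms
        issues = []
        if not re.search(r"ip authentication mode eigrp \d+ md5", body):
            issues.append("no MD5 authentication mode")
        applied = re.search(r"ip authentication key-chain eigrp \d+ (\S+)", body)
        if not applied:
            issues.append("no key chain applied")
        elif applied.group(1) not in chains:
            issues.append(f"key chain {applied.group(1)} is not defined")
        if issues:
            findings[name] = issues
    return findings
```

On the sample, Serial0/1 is flagged because it applies “EIGRP-KEY” while the chain is named “EIGRP-KEYS”, which is the “key chain” versus “key-chain” name mix-up the notes warn about.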
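
The Feasibility Condition and “variance” bullets earlier in the list, worked through as an added example (not from the original post or the book). The FD / RD values are constructed, and the variance test is written as “FD less than variance times the Successor’s FD”.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    next_hop: str
    fd: int  # Feasible Distance: total metric from the local router
    rd: int  # Advertised / Reported Distance: metric from the next hop

# Constructed topology entries for one destination (not from the post).
PATHS = [
    Path("R2", 2297856, 128256),   # lowest FD, becomes the Successor
    Path("R3", 2809856, 2297856),  # RD equals the Successor's FD: fails
    Path("R4", 3500000, 1500000),
    Path("R5", 5000000, 2000000),
]

def classify(paths, variance=1, maximum_paths=4):
    """Return next hops per role, plus what lands in the Route table."""
    best = min(p.fd for p in paths)
    successors = [p for p in paths if p.fd == best]
    # Feasibility Condition: RD strictly less than the Successor's FD.
    feasible = [p for p in paths if p.fd > best and p.rd < best]
    rejected = [p for p in paths if p.fd > best and p.rd >= best]
    # Variance only ever admits routes that already passed the condition.
    extra = [p for p in feasible if p.fd < variance * best]
    installed = sorted(successors + extra, key=lambda p: p.fd)[:maximum_paths]
    names = lambda group: [p.next_hop for p in group]
    return {
        "successors": names(successors),
        "feasible_successors": names(feasible),
        "rejected": names(rejected),
        "route_table": names(installed),
    }

if __name__ == "__main__":
    for v in (1, 2, 3):
        print(v, classify(PATHS, variance=v)["route_table"])
```

R3 has a lower FD than R4 or R5 but is never installed at any variance, because it fails the Feasibility Condition first.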



(That compilation of accurate information was a LOT of freegin work)
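
The manual summarization bullets above (write the networks in binary, keep the leading bits they share), as an added example that is not part of the original post. The networks and AS number 100 are constructed, IPv4 only; `gaps` lists the ranges the summary covers that no listed network does, which is the traffic the summarizing router sends to Null0.

```python
import ipaddress

def summarize(networks):
    """Smallest single prefix covering all networks: keep the shared bits."""
    nets = [ipaddress.ip_network(n) for n in networks]
    first = min(int(n.network_address) for n in nets)
    last = max(int(n.broadcast_address) for n in nets)
    # Bits that differ between lowest and highest address are host bits.
    host_bits = (first ^ last).bit_length()
    base = (first >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))

def binary_rows(networks):
    """Network addresses as dotted binary octets, for lining up by eye."""
    rows = []
    for n in networks:
        bits = format(int(ipaddress.ip_network(n).network_address), "032b")
        rows.append(".".join(bits[i:i + 8] for i in range(0, 32, 8)))
    return rows

def gaps(summary, networks):
    """Prefixes inside the summary that none of the listed networks covers."""
    remaining = [summary]
    listed = ipaddress.collapse_addresses(ipaddress.ip_network(n) for n in networks)
    for net in listed:
        remaining = [piece for r in remaining
                     for piece in (r.address_exclude(net) if net.subnet_of(r) else [r])]
    return sorted(remaining)

def summary_command(summary, asn):
    """Interface command from the notes with address and mask filled in."""
    return f"ip summary-address eigrp {asn} {summary.network_address} {summary.netmask}"

# Constructed example networks (not from the original post).
CONTIGUOUS = ["172.16.8.0/24", "172.16.9.0/24", "172.16.10.0/24", "172.16.11.0/24"]
WITH_HOLE = ["10.1.4.0/24", "10.1.5.0/24", "10.1.7.0/24"]

if __name__ == "__main__":
    for nets in (CONTIGUOUS, WITH_HOLE):
        print("\n".join(binary_rows(nets)))
        s = summarize(nets)
        print(summary_command(s, 100), "| uncovered:", [str(g) for g in gaps(s, nets)])
```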
