TSHOOT – EIGRP for IPv4, IPv6, and the beast of a topic EIGRP “Named Mode” review and troubleshooting!

IPv6_EIGRP

The displayed Topology is just an image from a ROUTE lab I ran through years ago, however most of the Review / Troubleshooting will be reviewed in IPv4 as it is exactly the same in IPv6 mode, literally only difference is the IPv6 Multicast Address.

Named Mode EIGRP is a whole nother animal, it should almost be its own topic!

Its hard to fully encompass as I try to do at the bottom of this article, however this is one of those topics you will just need logic to make it through complex questions, or you will likely fail unless you lab named mode inside out.

It is critical to understand that using the “sh run | sec router eigrp” to view the named mode configuration, and use other commands to see what IS working and what ISN’T working to find the contrast between them, once you see how something is incorrectly configured I have found its fairly easy to determine how to correctly configure it (especially if you have other working configs / adjacencies / routes as examples).

EIGRP will function the exact same in Named mode, it is only the configuration that is different, and knowing the differences in configuration / verification and using logic WILL get you the Pass grade on exam day.

Now that I have hammered on the use logic / STARE AND COMPARE part for getting through Named Mode, I will cover that last but will start with basic EIGRP IPv4.

EIGRP IPv4 review and troubleshooting

To see your current neighbors the command “sh ip eigrp nei” will show all EIGRP neighbor information including IP / interface learned off / Hold time / Uptime of neighborship / etc.

Let us first take a look at why neighbor relationships might NOT form:

  • Interface is down – Interface must be Up / Up on both sides of an Adjacency
  • Mismatched AS #’s – Both Routers must be in the same AS #
  • Incorrect network statement – The network statement is critical to be correct, it does not require a mask for classful network statements, however the IP Addresses forming the adjacency must be included in the configured neighbor statements!
  • Mismatched K Values – Both Routers must have matching AS # K weight values for an adjacency to form
  • Different subnets – Neighbors must be on the same subnet to form adjacencies
  • Authentication – Key ID / # must match, along with key string, in addition to consideration of the key lifetime if set
  • ACL – Make sure an ACL is not blocking EIGRP Multicast address 224.0.0.10
  • Timers – This will not hard down an Adjacency, but can cause flapping

To address these issues in order:

  1. Interfaces both need to be Up/Up for any routing to occur between them
  2. “router eigrp #” – Both interfaces must reside in the same AS # in the this router process or they will not form a neighbor Adjacency, though EIGRP routers can have multiple interfaces in multiple different Autonomous system, use “sh ip eigrp nei” / “sh cdp nei det” / “sh ip proto” / “sh run | s router eigrp” / “debug ip eigrp” to confirm both sides of the link are in the same Subnet and AS #
  3. The network statements must encompass the IP of the interface expected to form an Adjacency or it simply will not form, even if its just a Host network statement, this can also be verified with “sh ip eigrp interfaces” to see if the expected Adjacency interface is listed, if not the network statements in the running config router process “sh run | sec router eigrp #” should be reviewed and the correct subnet added to allow the interface to participate in EIGRP
  4. “sh ip proto” will show the metric K weight values, check on each side to verify they match, if not change them in the router process via the command “metric weights tos k1 k2 k3 k4 k5” where each k value is 0-255, reference Cisco documentation here for further information on K weight configuration
  5. “sh ip proto” and “debug eigrp packet” are two ways of finding a passive interface, as it will show explicitly in “sh ip proto” output, and because passive interfaces do not send routing updates no Hello’s will be seen from the interface in question
  6. To form an Adjacency, two interfaces must be in the same subnet, this can be verified with “sh ip eigrp int” / “sh ip int bri” / “sh int (int)” and also should be confirmed that it is correctly configured in the “network x.x.x.x …” statement
  7. Authentication works basically the same for all Cisco protocols, a key chain is configured that does not have to match, however the Key ID (its #) and the Key String that corresponds with that # must match and is case sensitive. The Key Chain is configured in global configuration, then applied to EIGRP directly on an EIGRP enabled interface with “ip auth mode eigrp #” and “ip auth key-chain eigrp # (key chain name)” – Use “stare and compare” on connected neighbor interfaces in their key-chain / interface authentication to confirm they match exactly!
  8. ACL’s are very straight forward, be sure to check the interface for which ACL is applied to it (if any) with “sh ip int (int)” to see what ACL is listed in which direction, then check those ACL’s to confirm if EIGRP traffic is being denied
  9. With timers, Hellos must be sent faster than the value of the Holdtime, or the link will flap between the neighbors. For example if the Hello time is 15 seconds and the Hold timer is 10, the link will be down for 5 seconds every 15 seconds.

That is a lot of listing of different issues, when EIGRP is really quite easy

AS #’s must match, K Weights must match, and the interfaces (of course) need to be in the same subnet. Authentication must match exactly (of course) if configured.

Multiple AS processes can run on a single router, and when a network is configured in that AS #, every interface that is encompassed in that network defined will become EIGRP Enabled for that AS #.

At its most basic you are telling the router what directly connected networks to share with other routers, then you go to those other routers, and tell it which connected networks to share with other routers, and its just that simple.

The only tricky part of EIGRP is stub routers…. and possibly Named Mode!

Here I will discuss Stub Routers which are only tricky because they have a bit different default behaviors, and Named Mode will have its own section allllll the way at the bottom of this article.

Making an EIGRP Stub router is done to save resources in larger networks, or because the extra traffic is simply unnecessary, say if the Stub is a spoke site that EIGRP does not need to know what is down stream of that router.

By default Stub routers will advertise Connected and Summary routes, Neighbors will send Hellos to keep the Adjacency alive, but will NOT send Query messages when a route is lost to a destination network because a Stub doesn’t know and doesn’t care!

There are also different flavors like Connected / Summary / Receive-only / etc to adjust how the Stub behaves, as it can be Receive-Only and not share any networks at all, it’s all about what the Stub router needs to work properly with the network.

Given its relatively low AD #, EIGRP can lead to sub-optimal routing

The AD of 90 can lead to the EIGRP routes being injected into the IP Route Table because of its AD, even if a static route with an AD of 1 is redistributed into EIGRP, that static route becomes an EIGRP External route with an AD of 170.

For this reason if users are experiencing network slowness it can be caused by EIGRP routes being preferred because of AD that route traffic over much slower links than say an OSPF Route with an AD of 110.

This is something to watch both on the job and on exam day when users are reporting slowness, the AD may need to be adjusted on either route to allow the optimal path to be chosen to the destination network.

Route Filtering is another tricky topic if you are not familiar with it!

“sh ip proto” will show if a filter list is set in either direction, as filter lists are set in the router process for each EIGRP process, whether it be a distribute-list (an ACL) or a Prefix-List which references an ACL like Prefix-List which is described in detail in this article.

If you see a filter set in either direction for a distribute-list do a “sh access-list #” to view what filtering is being done, and for a prefix-list do “sh ip prefix-list” to view the prefix-list configured

Both ACL’s and Prefix-Lists have an implicit deny all at the end, and with IPv6 they have an additional implicit permit at the bottom for Neighbor Discovery RS and RA traffic, I highly advise reviewing ACL’s and Prefix-Lists in that link if you are not familiar.

When working with either, make sure they are correct in terms of what needs to be filtered or permitted per the distribute or prefix list applied, and if incorrect it will need to be corrected to fix the problem reported.

Route-Maps can also be applied, “sh route” or “show route-map” for full syntax will show all route-maps and their sequences, and you should be completely clear on this logic as its used not only for Layer 3 routing but also in Layer 2 VLAN Access-Lists!

When to apply “no ip split-horizon” to an interface

If you have worked with any NBMA / Hub and Spoke network, you already know the answer to this, and that would be on the router interface pointing out to the spokes of the network. For example on a Frame-Relay network:

ospfv3_topology

Forget the OSPF Area stuff, just looking at this network, if R2 and R3 need to send updates up to R1 to advertise those routes to each other, so the NBMA facing interface on R1 will need to be configured with “no ip split” (for short) to disable split-horizon thus allowing the routes to be advertised out the same interface they were received on.

This is the same for DMVPN Head-End / Hub routers, routes need to be able to be advertised out the same interface that they came in on.

So if you are looking at a similar Topology as above, regardless of the routing protocol, the Hub will more than likely require “no ip split” configured to allow all routers to receive routing updates for other spoke routers!

Some misc EIGRP topics to touch on

Variance

When issuing “sh ip eigrp top” to view the Topology table to review ALL routes learned by EIGRP, two number will be seen in brackets for each route that determines if its a successor / feasible successor, Feasible Distance (FD) is the left side value that is the Reported Distance + the Distance to that next hop sending the Reported Distance.

The Reported Distance (RD) is the Distance / Metric reported by the next hop router to the destination network, for example a connected route that is Redistributed into EIGRP might show [28610/0] next to the RStatic route in the Topology table because the next hop metric is 0 because it is a connected route and there is no Distance to a connected route!

Successor Routes are chosen by the lowest Feasible Distance to a destination, and brought into the IP Route Table if not beat by a lower AD route, but Variance can be used to allow “unequal cost load-balancing” by allowing Feasible Successor routes into the IP Route table.

The command is “variance X” where X is the multiplier for the RD in the Topology table, which will allow the route to be injected into the Topology table, as long as it meets the “Feasibility Condition” which states that the RD cannot exceed the FD.

If “variance 3” is issued then a route showing the FD/RD [19/5] can be brought into the IP Route Table, because the RD of 15 does not exceed the FD of 19, therefor it meets the Feasibility Condition.

Don’t forget to verify max paths to allow for load-sharing with “sh ip proto” and configure the value higher (up to 4 max paths) if needed with “max path 4” in router eigrp mode.

Summary Routes and 15.x IOS no longer requiring “no auto” with EIGRP!

This threw me off on my ROUTE exam, as some of my physical lab is still 12.x code, and its just a habit to issue “no auto” as soon as I enter EIGRP config mode but it is no longer needed on exam day. This is confirmed with “sh ip proto” in the Auto-Summarization section as being Disabled or Enabled.

Point being, EIGRP will not auto-summarize anymore on the exam, so do not expect it to!

Summary routes can be configured for EIGRP directly on the interfaces, but the networks being summarized must be entered into EIGRP via network statements, then on the interface “ip summry-address eigrp # x.x.x.x x.x.x.x” the # being your EIGRP AS and the x’s being the summary route.

When created it will automatically create another route in your IP Route table for the summary route leading to Null0, so if packets are sent to a network with the exact same network # / subnet mask it will discard the packet rather than routing it back out a default route (creating a routing loop).

Summary Routes will have an AD of 5 despite being created for / tied to EIGRP.

An example of the flow of troubleshooting using the verification commands

  1. “sh ip proto” to get an idea of the EIGRP AS # currently running (if any) and which networks it knows about, and for passive interfaces!
  2. “sh ip eigrp nei” to see if any neighbor adjacencies exist
  3. “sh ip eigrp int” to see which interfaces are running EIGRP, as these should have adjacencies / be showing in “sh ip eigrp nei” output, also note that passive interfaces will not show in the “sh ip eigrp int” list as well!
  4. “sh cdp nei (det)” to confirm what device is off the eigrp enabled interfaces listed, and what their IP Addresses are (same subnet)
  5. “sh run | section router eigrp” to verify the network statements are correct / present, if not correct or add the necessary statements

So enough of EIGRP IPv4, lets get into IPv6!

EIGRP IPv6 Review and Troubleshooting

As mentioned at the top, EIGRP works EXACTLY the same for IPv4 as it does with IPv6, the ONLY difference is the commands will need “ipv6” where you’d normally put “ip”:

  • “sh ipv6 eigrp nei”
  • “sh ipv6 eigrp int”
  • “sh ipv6 int bri”
  • “sh ipv6 proto”
  • “sh ipv6 eigrp top”
  • “sh ipv6 access-list”
  • “sh ipv6 prefix-list”
  • “sh ipv6 EVERYTHING!”

The concepts are the same with configuration, timers, k weights / AS # ‘s must match, authentication is the same, summary routes / stub routers are the same, timers will cause flapping if Hello isn’t faster than Hold timer, variance works the same.

The one difference to watch for is ACL’s / Prefix-Lists blocking FF02::A as this is the all EIGRP Routers IPv6 Multicast Address for Hellos / Updates.

If you find this being blocked, you will want to unblock it, otherwise everything will be exactly the same only using IPv6 addressing.

The one possible gotcha is that Router-ID’s for EIGRP and OSPFv3 must be entered in IPv4 address format, so there is that, but aside from that literally everything is the same.

You will want to:

  • Make sure “ipv6 unicast-routing” is enabled globally for IPv6 routing
  • Make sure “ipv6 router eigrp #” is configured for IPv6 EIGRP

And that is about it outside of everything covered for IPv4, literally the same, so brush up on the IPv6 if rusty!

Last but not least Named Mode EIGRP that mixes IPv4 with IPv6!

This mode allows for one central location to enter all EIGRP configurations for both IPv4 and IPv6 via “address-family” configurations to separate the two different IP types, both can use the same AS # or use separate AS #’s.

“address-family (ipv4/ipv6) unicast autonomous-system #” will separate the IPv4 and IPv6 configurations, this output is best viewed with “sh run | section router eigrp” to see the entire output for both addressing configurations.

To get into “Named Mode” you must enter a name (word) instead of an Autonomous System # such as “router eigrp TSHOOT” which will drop you into named mode configuration where you can then break up into “address-family” modes.

You will then drop into address-family configuration as shown here:

R1(config-router)#address-family ipv4 unicast autonomous-system 1
R1(config-router-af)#?
Address Family configuration commands:
  af-interface                    Enter Address Family interface configuration
  default                         Set a command to its defaults
  eigrp                           EIGRP Address Family specific commands
  exit-address-family             Exit Address Family configuration mode
  help                            Description of the interactive help system
  maximum-prefix                  Maximum number of prefixes acceptable in aggregate
  metric                          Modify metrics and parameters for advertisement
  neighbor                        Specify an IPv4 neighbor router
  network                         Enable routing on an IP network
  no                              Negate a command or set its defaults
  shutdown                        Shutdown address family
  timers                          Adjust peering based timers
  topology                        Topology configuration mode

Above are the different ways to configure all the different options in EIGRP, and they will all still work the same way, its just a different way of configuring them.

From this prompt you can enter the following commands the same normal EIGRP:

  • “network x.x.x.x (x.x.x.x)” – This will add connected networks to be advertised
  • “neighbor x.x.x.x” – This will set a neighbor statically, generally used for Frame-Relay / NBMA Topologies to force a neighbor Adjacency
  • “metric tos k1 k1 …” – Set the K weights for the AS #
  • “timers …” – To set the timers for the AS

A few large config modes in address-family mode to know

The first of with to be reviewed is “af-interface” configuration:

R1(config-router-af)#af-interface g0/0
R1(config-router-af-interface)#?
Address Family Interfaces configuration commands:
  authentication             authentication subcommands
  bandwidth-percent          Set percentage of bandwidth percentage limit
  bfd                        Enable Bidirectional Forwarding Detection
  dampening-change           Percent interface metric must change to cause update
  dampening-interval         Time in seconds to check interface metrics
  default                    Set a command to its defaults
  exit-af-interface          Exit from Address Family Interface configuration
  hello-interval             Configures hello interval
  hold-time                  Configures hold time
  next-hop-self              Configures EIGRP next-hop-self
  no                         Negate a command or set its defaults
  passive-interface          Suppress address updates on an interface
  shutdown                   Disable Address-Family on interface
  split-horizon              Perform split horizon
  summary-address            Perform address summarization

As can be seen, these are simply the same commands in a slightly different format that would be entered on the physical interface tied to EIGRP.

Here is a list of the commands that are good to know for af-interface mode:

  • “hello #” – Hello Timer
  • “hold #” – Hold Timer
  • “authentication …” – This is to define the key chain to be used, the Key Chain itself must still be a separate global configuration, and the same rules apply that key chain name can be different but Key # and Key String must match
  • “summary-address x.x.x.x x.x.x.x” – Networks must still be entered back a level in af command level via “network …” for all networks to be summarized
  • “passive-interface” – To set this interface not to generate Hello packets to neighbors
  • “split-horizon” – More specifically where you would use “no split” to disable it on an interface facing an NBMA Frame-Relay / DMVPN network
  • “no …” to negate any of the commands like “no split” to disbale split-horizon on the interface
  • “shutdown” – This will not shut down the interface, but will disable EIGRP from running on the interface
  • “default (something)” – This is a cool command, as it will set something like metric or timers back to their defaults, which if the other sides interface is using defaults this command could very well fix an issue!

So basically any EIGRP command you would normally do directly on a physical interface, you will enter in af-interface mode, it does not run any different in EIGRP it is only a different way of configuring the parameters.

Next up is some important commands for “af-topology …” configuration:

R1(config-router-af)#topology base
R1(config-router-af-topology)#?
Address Family Topology configuration commands:
  auto-summary         Enable automatic network number summarization
  default              Set a command to its defaults
  default-information  Control distribution of default information
  default-metric       Set metric of redistributed routes
  distance             Define an administrative distance
  distribute-list      Filter entries in eigrp updates
  eigrp                EIGRP specific commands
  exit-af-topology     Exit from Address Family Topology configuration
  maximum-paths        Forward packets over multiple paths
  metric               Modify metrics and parameters for advertisement
  no                   Negate a command or set its defaults
  offset-list          Add or subtract offset from EIGRP metrics
  redistribute         Redistribute IPv4 routes from another routing proto
  summary-metric       Specify summary to apply metric/filtering
  timers               Adjust topology specific timers
  traffic-share        How to compute traffic share over alternate paths
  variance             Control load balancing variance

Quite a few here, again nothing to panic over, as I believe ? is allowed in the TSHOOT environment to help stumble through configurations.

Note that there will be some repeat values such as “metric” which is the same as configuring in address-family mode, and “timers” that can be configured either at the interface or global (Topology) level.

I will not go over repeat commands, but the unique commands found in Topology mode.

The very good to know for exam day commands for Topology config mode:

  • “redistribute” – This will be a big one to know as I’d expect to see plenty of redistribution on exam day, so it is good to know it is done via “topology base” while in “address-family” mode
  • “variance” – Works the exact same as configured in a regular EIGRP configuration
  • “maximum-paths” – To allow up to 4 paths to load balance with equal or unequal cost load-balancing
  • “default information (originate)” – To configure a deafult route to be advertised from this router / AS #
  • “distance” – Configure different AD’s for routes in this AS
  • “distribute-list” – To configure route-filtering
  • “auto-summary” – Enable or Disable (with a “no auto”) classful summarization

Outside of that you can should be able to use ? on TSHOOT I believe, so I wouldn’t really try to write mem more than that to your brain for Named Mode EIGRP.

Honestly as long as you understand how EIGRP works at its core, looking to the “router eigrp …” section of the running configuration will give a huge example configuration to go off of during the exam, so be sure to use it along with ? to make the best educated guess you can if you are not entirely sure about a question on exam day!

A few other commands to know about for address-family config mode using the “eigrp” command to lead the config in af mode:

  • “eigrp router-id x.x.x.x” – To set the RID for this AS #
  • “eigrp stub (connected/summary/receive-only/etc)” – To set router as stub for the AS # it is configured for

The verification for Named Mode is also slightly different!

One thing that makes these somewhat easier to remember is that Named Mode is meant to combine IPv4 and IPv6 EIGRP processes, so the verification commands will not be “sh ip …” or “sh ipv6 …” because Named Mode could be configured for either!

For this reason the verification commands are different, which I won’t go way in depth here other than to mention the commands, and what they display should be obvious.

EIGRP Named Mode verification commands:

  • “sh eigrp proto” – Rather than “sh ip proto” you will need to specify eigrp instead to review all protocol parameters for all IPv4 and IPv6 EIGRP Configurations
  • “sh eigrp address-family (ipv4/ipv6) int (det)” – Note there are two variable here whether you want to see IPv4 or IPv6 info, and “detail” at the end to see further detail, the equivalent of “sh ip eigrp int” for normally configured EIGRP
  • “sh eigrp address-family (ipv4/ipv6) top” – To view the Topology table for either IPv4 or IPv6 when EIGRP is configured in Named mode
  • “sh run | sec router eigrp” – This is VERY IMPORTANT FOR EXAM DAY! This is the one command that will stay the same between EIGRP config types to give you the manually entered configurations, so utilize it on exam day!

That is it for this monster of a post, but one more EIGRP named mode command

I would be amazed to see this on exam day, I really wouldn’t be knowing Cisco, but it would really stun me if one side of a config was normal EIGRP configured and the other router in Named Mode configuration.

To migrate a normal config to Named Mode config to better troublehshoot:

R1(config)#router eigrp 1
R1(config-router)#eigrp upgrade-cli TEST
Configuration will be converted from router eigrp 1 to router eigrp TEST.
Are you sure you want to proceed? ? [yes/no]: yes

This will literally take your existing normal EIGRP config and convert it to Named Mode / Address Family configuration for the AS # defined in the “router eigrp #” statement.

That is it for EIGRP, its a huge topic to re-cover in depth, so I hope I re-covered that enough to cover myself (and whoever is reading this) on exam day 🙂

Hasta Luego!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s