Using this Topology I will work across the EIGRP Domain using EIGRP Named Mode, possibly mixing some “Classic” mode EIGRP Routers in there as well, just to see how things are different once I’ve gotten into a Named Mode groove of configuration.
Honestly before running through this lab (when studying for my CCNP R/S) I was NOT a fan of ANY Address-Family modes, but after running through this lab using it I am very much warmed up to Address-Family configuration, and dare say I am a fan of it!
Some notes on EIGRP Named Mode before diving into configuration
Named Mode for eigrp configured with “router eigrp (name)” essentially just allows you to make multiple instances of EIGRP instances as classic mode restricts you to a single instance on a router per AS (so its almost like the VRF euqivalent of EIGRP?).
It allows you to not only make multiple Autonomous-System instances, but name them intuitively, so you can know what instance is routing for what service / network.
There is also a great “shutdown” command that shuts down the process at every level of config you go into Named Mode (shown below), and it can really save your butt, for example as seen below I forgot to IP Address the routers before beginning so I had to “shut” my initial two EIGRP Named Processes down until I addressed routers then a “no shut” brought them right back up and Adjacencies formed without missing a beat.
So that is a very very very cool feature I kind of mocked until I needed it 🙂
Without further ado lets get right into configuration of EIGRP starting with ABRs
On Looped-ABR1 I jump right into EIGRP name (NAME) mode:
Looped-ABR1(config)#router eigrp ABR1
Looped-ABR1(config-router)#?
Router configuration commands:
address-family Enter Address Family command mode
default Set a command to its defaults
exit Exit from routing protocol configuration mode
no Negate a command or set its defaults
service-family Enter Service Family command mode
shutdown Shutdown this instance of EIGRP
Looped-ABR1(config-router)#
You will probably use address-family mode to get to either IPv4 / IPv6 EIGRP configuration, however I did see service-family that I am not sure what it is, and also there is a “shutdown” at almost every level of Named Mode and I want to see what it does at this level, like does it completely remove the EIGRP name mode instance or what:
Looped-ABR1(config-router)#shutdown
Looped-ABR1(config-router)#do sh ip proto
*** IP Routing is NSF aware ***
Routing Protocol is “ospf 1”
(OSPF Info)
Distance: (default is 110)
Looped-ABR1(config-router)#
Note we are still in the “router eigrp (name)” prompt, so I’ll no shut the instance and keep on moving, kind of an interesting feature to turn off but not delete the IGP instance.
Configuring IPv4 AS 100 in Address-Family mode
Looped-ABR1(config-router)#address-family ?
ipv4 Address family IPv4
ipv6 Address family IPv6
Looped-ABR1(config-router)#address-family ipv4 ?
autonomous-system Specify Address-Family Autonomous System Number
multicast Address Family Multicast
unicast Address Family Unicast
vrf Specify a specific virtual routing/forwarding instance
Looped-ABR1(config-router)#address-family ipv4 unicast ?
autonomous-system Specify Address-Family Autonomous System Number
vrf Specify a specific virtual routing/forwarding instance
Looped-ABR1(config-router)#address-family ipv4 unicast autonomous-system ?
<1-65535> Autonomous System
Looped-ABR1(config-router)#address-family ipv4 unicast autonomous-system 100 ?
<cr>
Looped-ABR1(config-router)#address-family ipv4 unicast autonomous-system 100
Looped-ABR1(config-router-af)#
Notice that EIGRP Named mode is hierarchical in its configuration, I’ll walk through it here first, then post a visual demonstration of all tables (that are relevant to us) within the hierarchy of EIGRP Named mode configuration.
Next lets look at our options in AF IPv4 AS 100 config mode
Looped-ABR1(config-router-af)#?
Address Family configuration commands:
af-interface Enter Address Family interface configuration
default Set a command to its defaults
eigrp EIGRP Address Family specific commands
exit-address-family Exit Address Family configuration mode
help Description of the interactive help system
maximum-prefix Maximum number of prefixes acceptable in aggregate
metric Modify metrics and parameters for address advertisement
neighbor Specify an IPv4 neighbor router
network Enable routing on an IP network
no Negate a command or set its defaults
shutdown Shutdown address family
timers Adjust peering based timers
topology Topology configuration mode
Looped-ABR1(config-router-af)#
Shutdown makes the list again, EIGRP Named mode just wants you to shut it down!
The nice thing about shutdown is that I’ve had to use it when I realized I was missing IP Addresses, and it was nice to be able to just temporarily disable EIGRP, rather than completely remove it or configure IP Addresses with console messages flying around!
So the shutdown command is kind of funny at first, but incredibly useful in a pinch!
I highlighted in green the two commands that will drop you another level deeper into configuration / a new mode prompt, along with the “network” command I will be using myself at this level to keep this config moving along here:
Looped-ABR1(config-router-af)#network 192.168.2.0 0.0.0.255
Looped-ABR1(config-router-af)#
Amazing, I know. All interfaces in the 192.168.2.0/24 range are now in EIGRP IPv4 AS 100!
I don’t need anything else here as its all just messing with defaults, lets take a look at the Address-Family Interfaces commands (I apologize for this huge Interface output):
Looped-ABR1(config-router-af)#af-interface ?
FastEthernet FastEthernet IEEE 802.3
default Address-family default interface configuration
Looped-ABR1(config-router-af)#
There was about 50 interface types, but being I will ONLY be using these two (for now), I won’t spam this post with every interface type known to man kind – However I did want to point out that there is a “default” af-interface option that means ALL interfaces associated with this Address-Family!
The “default” option is much less intentional, but makes it so much easier to configure ALL EIGRP Interfaces on a router in one spot, for example configuration in one place instead of a bunch of different interfaces is pretty cool (which I will do here shortly).
Lets take a look at all options for EIGRP AF-Interface config mode
Looped-ABR1(config-router-af)#af-interface default
Looped-ABR1(config-router-af-interface)#?
Address Family Interfaces configuration commands:
authentication authentication subcommands
bandwidth-percent Set percentage of bandwidth percentage limit
bfd Enable Bidirectional Forwarding Detection
dampening-change Percent interface metric must change to cause update
dampening-interval Time in seconds to check interface metrics
default Set a command to its defaults
exit-af-interface Exit from Address Family Interface configuration mode
hello-interval Configures hello interval
hold-time Configures hold time
next-hop-self Configures EIGRP next-hop-self
no Negate a command or set its defaults
passive-interface Suppress address updates on an interface
shutdown Disable Address-Family on interface
split-horizon Perform split horizon
Looped-ABR1(config-router-af-interface)#
Tons of stuff, including our old friend “shutdown” wanting to shut down your EIGRP Interfaces this time instead of the Address-Family or EIGRP Process itself!
I’ll be configuring “authentication” but wanted to highlight “bfd” (what I broke Dynamips with in my last post), Hello and Hold timers (must match between remote interfaces), next-hop-self (had to turn off for DMVPN to go from Phase 1 to Phase 2), passive-interface, and split-horizon.
You can apply these interface-level commands to all interfaces in this AS 100 using “default” or go “af-int fa#/#” if you only need to fine tune a single interface.
However I am doing authentication across the entire EIGRP Domain so:
Looped-ABR1(config-router-af-interface)#auth ?
key-chain key-chain
mode authentication mode
Ahhhhh I forgot even in this mode I require a separate key-chain be made, which I’ll jump into Global Config to pound out quick as its good practice.
Note we are back at Global-Config prompt to start
Looped-ABR1(config)#key chain ?
WORD Key-chain name
Looped-ABR1(config)#key chain EIGRPAuth
Looped-ABR1(config-keychain)#key 1
Looped-ABR1(config-keychain-key)#?
Key-chain key configuration commands:
accept-lifetime Set accept lifetime of key
default Set a command to its defaults
exit Exit from key-chain key configuration mode
key-string Set key string
no Negate a command or set its defaults
send-lifetime Set send lifetime of key
Looped-ABR1(config-keychain-key)#key-string L00p3dB@ck!!! ?
LINE <cr>
Looped-ABR1(config-keychain-key)#key-string L00p3dB@ck!!!
Looped-ABR1(config-keychain-key)#end
Looped-ABR1#
I made a copy of this to throw on all EIGRP routers in the EIGRP Domain, and when trying to enter it on the MPLS PE Routers via the VRF Address-Family, but forgot that in classic mode all options are in the Address-Family config:
R5-PE(config-router-af)#?
Address Family configuration commands:
auto-summary Enable automatic network number summarization
bfd BFD configuration commands
default Set a command to its defaults
default-information Control distribution of default information
default-metric Set metric of redistributed routes
distance Define an administrative distance
distribute-list Filter entries in eigrp updates
eigrp EIGRP specific commands
exit-address-family Exit Address Family configuration mode
help Description of the interactive help system
maximum-paths Forward packets over multiple paths
maximum-prefix Maximum number of prefixes acceptable in aggregate
metric Modify metrics and parameters for advertisement
neighbor Specify a neighbor router
network Enable routing on an IP network
no Negate a command or set its defaults
offset-list Add or subtract offset from EIGRP metrics
passive-interface Suppress routing updates on an interface
redistribute Redistribute IPv4 routes from another routing protocol
shutdown Shutdown address family
summary-metric Specify summary to apply metric/filtering
timers Adjust routing timers
traffic-share How to compute traffic share over alternate paths
variance Control load balancing variance
R5-PE(config-router-af)#
There is no “Topology” or “Interface” configuration modes with Classic, its all either in this single list of options, or commands entered directly on the interface which I have to do on Int Fa4/0 pointed into the EIGRP Domain:
R5-PE(config)#int fa4/0
R5-PE(config-if)#ip auth key-chain eigrp 100 EIGRPAuth
R5-PE(config-if)#ip auth mode eigrp 100 md5
R5-PE(config-if)#
That has also been added to R1-PE MPLS Router, and those will be left to be for now.
I won’t re-visit this again though as that just perfectly demonstrated Classic vs Named mode EIGRP, that interface commands are not a config-level away in Classic mode, and ALL commands are lumped into one list whereas Named Mode uses hierarchy!
Anyways, back to configuration of ABR1 with “af-interface default” configuration:
Looped-ABR1(config-router-af-interface)#auth ?
key-chain key-chain
mode authentication mode
Looped-ABR1(config-router-af-interface)#auth key ?
WORD name of key-chain
Looped-ABR1(config-router-af-interface)#auth key EIGRPAuth ?
<cr>
Looped-ABR1(config-router-af-interface)#auth key EIGRPAuth
Looped-ABR1(config-router-af-interface)#auth mode ?
hmac-sha-256 HMAC-SHA-256 Authentication
md5 Keyed message digest
Looped-ABR1(config-router-af-interface)#auth mode md5 ?
<cr>
Looped-ABR1(config-router-af-interface)#auth mode md5
Looped-ABR1(config-router-af-interface)#
That is all there is too it, now if this had 5 interfaces, all of them would be running Authentication with this same configuration. Makes deploying things like Authentication to large scale Topologies much easier to do because there is one central place to do it!
Do remember all the other things found under this configuration mode:
Looped-ABR1(config-router-af-interface)#?
Address Family Interfaces configuration commands:
authentication authentication subcommands
bandwidth-percent Set percentage of bandwidth percentage limit
bfd Enable Bidirectional Forwarding Detection
dampening-change Percent interface metric must change to cause update
dampening-interval Time in seconds to check interface metrics
default Set a command to its defaults
exit-af-interface Exit from Address Family Interface configuration mode
hello-interval Configures hello interval
hold-time Configures hold time
next-hop-self Configures EIGRP next-hop-self
no Negate a command or set its defaults
passive-interface Suppress address updates on an interface
shutdown Disable Address-Family on interface
split-horizon Perform split horizon
Those are a lot of important features for advanced Topologies, so keep in mind where they reside, and speaking of where stuff resides we have one more mode to check out:
The “topology” mode and the configs it contains!
It was actually a bit more work to get there then initially thought:
Looped-ABR1(config-router-af)#topology ?
WORD Topology name
base Base Topology
Looped-ABR1(config-router-af)#topology CCIE ?
tid Topology Identification
Looped-ABR1(config-router-af)#topology CCIE tid ?
<1-65535> tid
Looped-ABR1(config-router-af)#topology CCIE tid 1233 ?
<cr>
Looped-ABR1(config-router-af)#topology base
Looped-ABR1(config-router-af-topology)#
I had to go down that rabbit hole of what on Earth the other “topology” option was, and its nothing I probably ever really need to know about, so I stuck with “topology base” and now am in “topology” config mode as indicated by the highlighted green text!
Configs in Topology Base mode:
Looped-ABR1(config-router-af-topology)#?
Address Family Topology configuration commands:
auto-summary Enable automatic network number summarization
default Set a command to its defaults
default-information Control distribution of default information
default-metric Set metric of redistributed routes
distance Define an administrative distance
distribute-list Filter entries in eigrp updates
eigrp EIGRP specific commands
exit-af-topology Exit from Address Family Topology configuration mode
fast-reroute Configure Fast-Reroute
maximum-paths Forward packets over multiple paths
metric Modify metrics and parameters for advertisement
no Negate a command or set its defaults
offset-list Add or subtract offset from EIGRP metrics
redistribute Redistribute IPv4 routes from another routing protocol
snmp Modify snmp parameters
summary-metric Specify summary to apply metric/filtering
timers Adjust topology specific timers
traffic-share How to compute traffic share over alternate paths
variance Control load balancing variance
Looped-ABR1(config-router-af-topology)#
There is a LOT of important stuff in here, but it is aptly named the Topology configuration mode, as these features WILL change how the Topology of EIGRP is!
We will be spending a bit of time in here once we get into topics like Redistributing Routes, filtering routes, changing some metrics on Internal / External routes, its going to be a great time once we fiiiiiinally get a base EIGRP Named config across this domain!
(This is the point I remember I have IP’d almost NOTHING in the EIGRP Domain)
I actually have not IP’d anything beyond testing in the OSPF Routing Domain either, so I am going to spend some time skulking router to router getting EVERYTHING at least IP Addressed, so I don’t run into this again in future posts – So be back in a few here!
One nice thing I thought of while configuring “BackSite2” for EIGRP named mode, that a) making the EIGRP Domain 192.168.0.0/24 by design was genius so no wildcard masking at all for the “network” statements, sweeeet!
Now to get some EIGRP Named Mode configurations kicking here!
BackSite2
Back-Site2(config)#router eigrp BackSite2
Back-Site2(config-router)#address-family ipv4 unicast autonomous-system 100
Back-Site2(config-router-af)#network 192.168.2.0
Back-Site2(config-router-af)#network 192.168.20.0
Back-Site2(config-router-af)#network 192.168.200.0
Back-Site2(config-router-af)#network 192.168.221.0
Back-Site2(config-router-af)#network 192.168.21.0
Back-Site2(config-router-af)#af-interface default
Back-Site2(config-router-af-interface)#auth key EIGRPAuth
Back-Site2(config-router-af-interface)#auth mode md5
Back-Site2(config-router-af-interface)#
*Dec 17 23:05:46.315: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 192.168.2.1 (FastEthernet4/0) is up: new adjacency
Back-Site2(config-router-af-interface)#^Z
Back-Site2#
*Dec 17 23:05:49.943: %SYS-5-CONFIG_I: Configured from console by console
Back-Site2#wr
Building configuration…
[OK]
Back-Site2#
Note that the Adjacency didn’t form until the Auth was configured on “default” interface.
ABR1 – That I ‘shut’ at AF level to assign IP Addy’s
Looped-ABR1(config-if)#router eigrp ABR1
Looped-ABR1(config-router)#no shut
Looped-ABR1(config-router)#
*Dec 17 23:18:25.723: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 192.168.200.2 (FastEthernet6/0) is up: new adjacency
Looped-ABR1(config-router)#
Shutdown in no parts of the EIGRP Address-Family gives a special console message, but will form EIGRP Neighborship messages as they are formed when “no shut” is issued.
I won’t throw EVERY configuration on this post as its just wasted space, but here is one last Named Mode config on a Transit Router I’ll be playing with path manipulation over:
Transit1
Back-Transit1(config)#router eigrp Transit1
Back-Transit1(config-router)#$ily ipv4 unicast autonomous-system 100
Back-Transit1(config-router-af)#network 192.168.0.0
Back-Transit1(config-router-af)#network 192.168.12.0
Back-Transit1(config-router-af)#network 192.168.21.0
Back-Transit1(config-router-af)#af-int default
Back-Transit1(config-router-af-interface)#auth key EIGRPAuth
Back-Transit1(config-router-af-interface)#auth mode md5
Back-Transit1(config-router-af-interface)#^Z
Back-Transit1#
*Dec 17 23:26:55.151: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 192.168.0.1 (FastEthernet0/0) is up: new adjacency
*Dec 17 23:26:55.551: %DUAL-5-NBRCHANGE: EIGRP-IPv4 100: Neighbor 192.168.21.1 (FastEthernet2/0) is up: new adjacency
Back-Transit1#wr
After running through and configuring everything, our Stub Router all the way on the other side of the Topology from which we began now shows this for routes:
Back1-Stub# sh ip route eigrp
Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP
+ – replicated route, % – next hop override
Gateway of last resort is not set
D 192.168.0.0/24 [90/204800] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.1.0/24 [90/153600] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.2.0/24 [90/204800] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.12.0/24 [90/153600] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.20.0/24 [90/256000] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.21.0/24 [90/204800] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.100.0/24 [90/153600] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.122.0/24 [90/153600] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.200.0/24 [90/256000] via 192.168.10.1, 00:07:06, FastEthernet5/0
D 192.168.221.0/24 [90/204800] via 192.168.10.1, 00:07:06, FastEthernet5/0
Back1-Stub#
Though being this is a STUB router for EIGRP, I don’t believe it needs to fully participating in all this EIGRP Routing as it only has one way out of the network.
I’ll work on making those EIGRP Stub routers actual stub routers at another time, but I think this is a pretty good point to conclude the Named Mode tirade, IPv6 is basically the same as IPv4 AF mode with its few own IPv6 fine tuning knobs available.
!!! Just to reveiw the EIGRP Authentication piece real quick entirely !!!
First you must make a key chain from Global Config to be used:
conf t
key chain EIGRPAuth
key 1
key-string L00p3dB@ck!!!
end
If applying directly to an interface (outside of Named Mode):
ip auth key-chain eigrp 100 EIGRPAuth
ip auth mode eigrp 100 md5
If applying to one or many interfaces inside of EIGRP Named Mode:
auth key EIGRPAuth
auth mode md5
Both of these require that key chain configuration from Global Configuration, but in EIGRP Named Mode config its much easier (especially if using default interface to configure 5 interfaces for Authentication at once)!
A reference for the EIGRP Named Mode tables and commands
Not sure how well this will show up on the page (tons of info jammed into this illustration), but wanted to throw this up as a quick reference for Named mode:
Here is an actual readable list of all commands, going left to right from the graphic:
af ipv4 AS # configs
Address Family configuration commands:
af-interface Enter Address Family interface configuration
default Set a command to its defaults
eigrp EIGRP Address Family specific commands
exit-address-family Exit Address Family configuration mode
help Description of the interactive help system
maximum-prefix Maximum number of prefixes acceptable in aggregate
metric Modify metrics and parameters for address advertisement
neighbor Specify an IPv4 neighbor router
network Enable routing on an IP network
no Negate a command or set its defaults
shutdown Shutdown address family
timers Adjust peering based timers
topology Topology configuration mode
af-interface configs
Address Family Interfaces configuration commands:
authentication authentication subcommands
bandwidth-percent Set percentage of bandwidth percentage limit
bfd Enable Bidirectional Forwarding Detection
dampening-change Percent interface metric must change to cause update
dampening-interval Time in seconds to check interface metrics
default Set a command to its defaults
exit-af-interface Exit from Address Family Interface configuration mode
hello-interval Configures hello interval
hold-time Configures hold time
next-hop-self Configures EIGRP next-hop-self
no Negate a command or set its defaults
passive-interface Suppress address updates on an interface
shutdown Disable Address-Family on interface
split-horizon Perform split horizon
topology base configs
Address Family Topology configuration commands:
auto-summary Enable automatic network number summarization
default Set a command to its defaults
default-information Control distribution of default information
default-metric Set metric of redistributed routes
distance Define an administrative distance
distribute-list Filter entries in eigrp updates
eigrp EIGRP specific commands
exit-af-topology Exit from Address Family Topology configuration mode
fast-reroute Configure Fast-Reroute
maximum-paths Forward packets over multiple paths
metric Modify metrics and parameters for advertisement
no Negate a command or set its defaults
offset-list Add or subtract offset from EIGRP metrics
redistribute Redistribute IPv4 routes from another routing protocol
snmp Modify snmp parameters
summary-metric Specify summary to apply metric/filtering
timers Adjust topology specific timers
traffic-share How to compute traffic share over alternate paths
variance Control load balancing variance
A quick peak at “service-family …” config in Address Family mode
For EIGRP it is a whittled down version of address-family, I am actually not sure why anyone would use this option at all, so for other protocols this must be packed with different service options that are mind blowing.
However, not for EIGRP:
Back1-Stub(config-router)#service-family ipv4 autonomous-system 100
Back1-Stub(config-router-sf)#?
Service Family configuration commands:
default Set a command to its defaults
eigrp EIGRP Service Family specific commands
exit-service-family Exit Service Family configuration mode
help Description of the interactive help system
maximum-service Maximum number of services acceptable in aggregate
metric Modify metrics and parameters for address advertisement
neighbor Specify a IPv4 service neighbor
no Negate a command or set its defaults
remote-neighbors Specify IPv4 service remote neighbors
sf-interface Enter Service Family interface configuration
shutdown Shutdown service family
timers Adjust peering based timers
topology Topology configuration mode
Back1-Stub(config-router-sf)#sf-int default
Back1-Stub(config-router-sf-interface)#?
Service Family Interfaces configuration commands:
authentication authentication subcommands
bandwidth-percent Set percentage of bandwidth percentage limit
dampening-change Percent interface metric must change to cause update
dampening-interval Time in seconds to check interface metrics
default Set a command to its defaults
exit-sf-interface Exit from Service Family Interface configuration mode
hello-interval Configures hello interval
hold-time Configures hold time
no Negate a command or set its defaults
shutdown Disable Service-Family on interface
split-horizon Perform split horizon
Back1-Stub(config-router-sf-interface)#exit
Back1-Stub(config-router-sf)#topology base
Back1-Stub(config-router-sf-topology)#?
Service Family Topology configuration commands:
default Set a command to its defaults
eigrp EIGRP specific commands
exit-sf-topology Exit from Service Family Topology configuration mode
metric Modify metrics and parameters for advertisement
no Negate a command or set its defaults
timers Adjust topology specific timers
Back1-Stub(config-router-sf-topology)#
I won’t go through highlighting and comparing them, I’ll let you compare for yourself, but its just like “address-family” only missing a lot of commands / functionality.
Wanted to just touch on that as it peaked my curiosity – That does it for this post!
Until next time!
The DEVNET GRIND! 