Posts Tagged ‘show ip eigrp topology’

Articles

EIGRP

In EIGRP on May 11, 2011 by carlosfvc Tagged: , , , , , , , , , , , , , , , , , , , ,

EIGRP

- Fast Convergence:
Uses Dual
Store all the network topology

- Partial Updates
Triggered updates only changes occurred
Consumes less bandwidth

- Multiple network layer support
IPV4 and IPV 6 support

- Use of multicast and unicast
Address is 224.0.0.10

- Variable-lenght subnet masking (VLSM) support

- Operates in same way on LAN and WAN environments

- Sophisticated metric
Unequal load balancing (improve use of traffic)

- Protocols number is 88

- Summarization can be enable in any interface. (decrease the size of the routing table)

- Uses Hello packets to ensure the neighbor is still alive

- Reliable Transport Protocol (RTP) responsible for guarantee the EIGRP packets delivery to all neighbors

EIGRP Terminology

- Neighbor table
- Topology table (all the destinations advertised by the neighbors)
- Advertised distance (cost between the local router and the next-hop router)
- Feasible distance  ( sum of these ADs costs is referred to as the feasible distance (FD)
- Successor (Installed in the routing table)

Verifying

show ip eigrp topology all-links (all the IP entries in the topology table)
show ip eigrp topology  ( only the successors and feasible successors)

Routers states :

Active or passive.
Considered passive when the router is not performing recomputation on that route. A route is active when it
is undergoing recomputation

EIGRP sends out five different types of packets:

hello, update, query, reply, and acknowledge (ACK).

- Hello and Hold Intervals

The time interval of hello packets varies depending on the medium. By default, hello packets are sent every 60 seconds on T1 or slower NBMA interfaces and every 5 seconds on other serial interfaces and on LANs.

The default hold-time value is 15 seconds on LAN and fast WAN interfaces and 180 seconds on slower WAN interfaces

Changing
ip hello-interval eigrp as-number seconds
ip hold-time eigrp as-number seconds

Tip
Two routers can become EIGRP neighbors even though the hello and hold time values do not match. This means that the hello interval and hold-time values can be set independently on different routers.

Verify
show ip eigrp neighbors

Neighborship

1. A new router (Router A in Figure 2-4) comes up on the link and sends out a hello packet through all of its EIGRP-configured interfaces.
2. Routers receiving the hello packet on an interface (Router B in Figure 2-4) reply with update packets that contain all the routes they have in their routing table, except those learned through that interface(because of the split horizon rule). Router B sends an update packet to Router A, but a neighbor relationship is not established until Router B sends a hello packet to Router A. The update packet from Router B has the initial bit set, indicating that this is the initialization process. The update packet contains information about the routes that the neighbor (Router B) is aware of, including the metric that the neighbor is advertising for each destination.
3. After both routers have exchanged hellos and the neighbor adjacency is established, Router A replies to Router B with an ACK packet, indicating that it received the update information.
4. Router A inserts the update packet information in its topology table. The topology table includes all destinations advertised by neighboring (adjacent) routers. It is organized so that each destination is listed, along with all the neighbors that can get to the destination and their associated metrics.
5. Router A then sends an update packet to Router B.
6. Upon receiving the update packet, Router B sends an ACK packet to Router A. After Router A and Router B successfully receive the update packets from each other, they are ready to chose the successor (best) and FS (backup) routes in the topology table, and offer the successor routes to the routing table.

Neighborhip notes:

- If the EIGRP topology table has many entries that have an equal cost FD to a given destination network, all successors (up to four by default) for that destination network are installed in the routing table.

- If the EIGRP topology table has many entries that have an equal cost FD to a given destination network, all successors (up to four by default) for that destination network are installed in the routing table.

- To qualify as an FS, a next-hop router must have an AD less than the FD of the current successor route for the particular network. This is known as the feasibility condition.

- The cost to reach the next-time must be smaller than the cost of the successors to reach the desired network.

EIGRP Metric Calculation

DUAL selects routes based on the EIGRP composite metric. Five criteria are associated with the EIGRP composite metric, but EIGRP uses only two by default:

Bandwidth— The smallest (slowest) bandwidth between the source and destination
Delay— The cumulative interface delay along the path

The following criteria, although available, are not commonly used, because they typically result in frequent
recalculation of the topology table:

Reliability— The worst reliability between the source and destination, based on keepalives.
Loading— The worst load on a link between the source and destination based on the packet rate and
the interface’s configured bandwidth.
Maximum transmission unit (MTU)— The smallest MTU in the path. (MTU is included in the EIGRP update but is actually not used in the metric calculation.) EIGRP calculates the metric by adding together weighted values of different variables of the path to the network in question. The default constant weight values are K1 = K3 = 1, and K2 = K4 = K5 = 0.

- Mismatched K values can cause a neighbor to be reset

Planning EIGRP Routing Implementations

- When preparing to deploy EIGRP in a network, you first need to gather the requirements, determine the existing network state, and consider different deployment options.

Considerations for EIGRP include the following:
• IP addressing plan
• Network topology
• EIGRP traffic engineering

- Create the implementation plan

Information needed:

• The IP addresses to be configured on individual router interfaces.
• The EIGRP autonomous system number, used to enable EIGRP. The autonomous system number
must be the same on all the routers in the EIGRP domain.
• A list of routers on which EIGRP is to be enabled along with the connected networks that are to run
EIGRP and that need to be advertised (per individual router).
• Metrics that need to be applied to specific interfaces, for EIGRP traffic engineering. The required
metric and the interface where the metric needs to be applied should be specified.

Tasks:

- Enabling the EIGRP routing protocol
- Configuring the proper network statements
- Optionally configuring the metric to appropriate interfaces

Verification
tasks include the following:
• Verifying the EIGRP neighbor relationships
• Verifying that the EIGRP topology table is populated with the necessary information
• Verifying that IP routing table is populated with the necessary information
• Verifying that there is connectivity in the network between routers and to other devices
• Verifying that EIGRP behaves as expected in a case of a topology change, by testing link failure and
router failure events.

Configuring eigrp

interface FastEthernet0/0
ip address 172.16.1.1 255.255.255.0

interface Serial0/0/1
bandwidth 512
ip address 192.168.1.101 255.255.255.224

interface Serial0/0/1
ip address 172.16.5.1 255.255.255.0

router eigrp 110
network 172.16.1.0 0.0.0.255
network 192.168.1.0

Verifying

Show commands:

Neighborship
show ip eigrp neighbors
show ip eigrp neighbors details
Routes
show ip route
show ip route eigrp
show ip protocols
show ip eigrp interfaces
show ip eigrp topology
show ip eigrp traffic

Debug Commands

debug eigrp packets
debug ip eigrp
debug ip eigrp summary
debug eigrp neighbors

Tips :

Two routers must have identical K values for EIGRP to establish an adjacency. The show ip protocols command is helpful in determining the current K value settings before an adjacency is attempted.

Router ID

The EIGRP router ID is chosen as the highest IP address on an active interface on the router, unless loopback interfaces are configured, in which case it is the highest IP address assigned to a loopback interface. Alternatively, if the eigrp router-id ip-address router configuration command.

The metric
value (4,294,967,295) is the highest possible value for a 32-bit number—it indicates that the route is unreachable.

Passive interface

The passive-interface {type number} | default router configuration command prevents a routing protocol’s routing updates from being sent through the specified router interface. This command is used to set either a particular interface or all router interfaces to passive; use the default option to set all router interfaces to passive.

For EIGRP, the passive-interface command does the following:
• It prevents a neighbor relationship from being established over a passive interface.
• It stops routing updates from being processed or sent over passive interface.
• It allows a subnet on a passive interface to be announced in an EIGRP process.

- Used in the ip default-network network-number global configuration command. A router configured with this command considers the network-number the last-resort gateway that it will announce to other routers with the exterior flag set.

- Use the show ip route command to view the routing table.

Summarization

- EIGRP automatic summarization on the major network boundary can be turned on or off.
- EIGRP has added functionality to allow administrators to create one or more summary routes within a network on any bit boundary, on any router within the network,as long as a more specific route exists in the routing table. EIGRP has added functionality to allow administrators to create one or more summary routes within a network on any bit boundary, on any router within the network,as long as a more specific route exists in the routing table.

- To turn off automatic summarization, use the no auto-summary router configuration command. Use the ip summary-address eigrp as-number address mask [admin-distance] interface configuration command to manually create a summary route at an arbitrary bit boundary.

- IP EIGRP summary routes are given an administrative distance value of 5.

Configuring and Verifying EIGRP in an Enterprise WAN

To emulate the LAN broadcast capability that is required by IP routing protocols (for example, to send EIGRP hello or update packets to all neighbors reachable over an IP subnet), the Cisco IOS implements pseudobroadcasting, in which the router creates a copy of the broadcast or multicast packet for each neighbor reachable through the WAN media, and sends it over the appropriate PVC for that neighbor.

Pseudo-broadcasting can be controlled with the broadcast option on static maps in a Frame Relay configuration. However, pseudo-broadcasting cannot be controlled for neighbors reachable through dynamic maps created via Frame Relay Inverse Address Resolution Protocol (ARP). Dynamic maps always allow pseudo-broadcasting. Dynamic maps always allow pseudo-broadcasting.

R1#show run
<output omitted>
interface Serial0/0
encapsulation frame-relay
ip address 192.168.1.101 255.255.255.0
frame-relay map ip 192.168.1.101 101
frame-relay map ip 192.168.1.102 102 broadcast
frame-relay map ip 192.168.1.103 103 broadcast

- Split horizon is disabled by default on Frame Relay physical interfaces.

Multipoint subinterfaces

are configured with the interface serial number.subinterface number multipoint command. For Frame Relay, the IP address-to-DLCI mapping on multipoint subinterfaces is done by either specifying the local DLCI value (using the frame-relay interface-dlci dlci command) and relying on Inverse ARP, or using manual IP address-to-DLCI mapping.

- Split horizon is enabled by default on Frame Relay multipoint subinterfaces.

- To disable use no ip split-horizon eigrp as-number command

Verify commands

show ip eigrp neighbors

EIGRP on Frame Relay Point-to-Point Subinterfaces

Point-to-point subinterfaces are created with the interface serial number.subinterface-number point-to-point
command. For Frame Relay, IP address-to-DLCI mapping on point-to-point subinterfaces is done by
specifying the local DLCI value, using the frame-relay interface-dlci dlci command

Configuration example:

interface Serial0/0
no ip address
encapsulation frame-relay
!
interface Serial0/0.1 point-to-point
ip address 192.168.3.103 255.255.255.0
frame-relay interface-dlci 130
!
router eigrp 110
network 172.16.3.0 0.0.0.255
network 192.168.3.0

Verify

show ip eigrp
neighbors command can be used to verify the operation of the EIGRP routing protocol over the Frame Relay
point-to point subinterface.

MPLS

MPLS is an Internet Engineering Task Force (IETF) standard architecture that combines the advantages of
Layer 3 routing with the benefits of Layer 2 switching.
With MPLS, short fixed-length labels are assigned to each packet at the edge of the network. Rather than
examining the IP packet header information, MPLS nodes use this label to determine how to process the
data.

This process results in a more scalable and flexible WAN solution. The MPLS standards evolved from the
efforts of many companies, including Cisco’s tag-switching technology.
MPLS enables scalable VPNs, end-to-end quality of service (QoS), and other IP services that allow efficient
utilization of existing networks with simpler configuration, management, and quicker fault correction.
MPLS Operation
MPLS is a connection-oriented technology whose operation is based on a label attached to each packet as it
enters the MPLS network. A label identifies a flow of packets (for example, voice traffic between two nodes),
also called a forwarding equivalence class (FEC). An FEC is a grouping of packets. Packets belonging to the
same FEC receive the same treatment in the network. The FEC can be determined by various parameters,
including source or destination IP address or port numbers, IP protocol, IP precedence, or Layer 2 circuit
identifier. Therefore, the FEC can define the flow’s QoS requirements. In addition, appropriate queuing and
discard policies can be applied for FECs.
The MPLS network nodes, called label-switched routers (LSRs), use the label to determine the next hop for
the packet. The LSRs do not need to examine the packet’s IP header; rather, they forward it based on the
label.
After a path has been established, packets destined to the same endpoint with the same requirements can be
forwarded based on these labels without a routing decision at every hop. Labels usually correspond to Layer
3 destination prefixes, which makes MPLS equivalent to destination-based routing.
A label-switched path (LSP) must be defined for each FEC before packets can be sent. It is important to note
that labels are locally significant to each MPLS node only. Therefore, the nodes must communicate what label
to use for each FEC. One of two protocols is used for this communication: the Label Distribution Protocol or
an enhanced version of the Resource Reservation Protocol. An interior routing protocol, such as OSPF or
EIGRP is also used within the MPLS network to exchange routing information.
A unique feature of MPLS is its capability to perform label stacking, in which multiple labels can be carried in
a packet. The top label, which is the last one in, is always processed first. Label stacking enables multiple
LSPs to be aggregated, thereby creating tunnels through multiple levels of an MPLS network.

The Layer 2 MPLS VPN provides a Layer 2 service across the backbone, where Routers R1 and R2 are
connected together on the same IP subnet.Figure 2-28 represents connectivity through the backbone as a
Layer 2 switch.
The Layer 3 MPLS VPN provides a Layer 3 service across the backbone, where Routers R1 and R2 are
connected to ISP edge routers. On each side, a separate IP subnet is used. Figure 2-28 represents
connectivity through the backbone as a router.

EIGRP Equal-Cost Load Balancing
Equal-cost load balancing is a router’s capability to distribute traffic over all the routers that have the same
metric for the destination address. All IP routing protocols on Cisco routers can perform equal-cost load
balancing.

Load balancing increases the utilization of network segments, thus increasing effective network bandwidth.
By default, the Cisco IOS balances between a maximum of four equal-cost paths for IP. Using
the maximum-paths maximum-path router configuration command, you can request that up to 16 equally
good routes be kept in the routing table. Set the maximum-path parameter to 1 to disable load balancing.

Note
Load balancing is performed only on traffic that passes through the router, not traffic generated by the
router.

EIGRP Unequal-Cost Load Balancing
EIGRP can also balance traffic across multiple routes that have different metrics—this is called unequal-cost load balancing. The degree to which EIGRP performs load balancing is controlled by the variance multiplier router configuration command. The multiplier is a variance value, between 1 and 128, used for load balancing. The default is 1, which means equal-cost load balancing. The multiplier defines the range of metric values that are accepted for load balancing. Setting a variance value greater than 1 allows EIGRP to install multiple loopfree routes with unequal cost in the routing table. EIGRP will always install successors (the best routes) in the routing table. The variance allows feasible successors to also be installed in the routing table.

EIGRP Link Utilization
By default, EIGRP uses up to 50 percent of the bandwidth declared on an interface or subinterface. EIGRP uses the bandwidth of the link set by the bandwidth command, or the link’s default bandwidth if none is configured, when calculating how much bandwidth to use.

Configuration template:

Router(config)#interface serial0/0/0
Router(config-if)#bandwidth 20
Router(config-if)#ip bandwidth-percent eigrp 1 200

The Cisco IOS assumes that point-to-point Frame Relay subinterfaces are operating at the default speed of the interface. In many implementations, however, only fractional speeds (such as a fractional T1) are available. Therefore, when configuring these subinterfaces, set the bandwidth to match the contracted CIR.

Configuring and Verifying EIGRP Authentication

By default, no authentication is used for routing protocol packets. Without neighbor authentication,
unauthorized or deliberately malicious routing updates could compromise the security of network traffic.

Routers use two types of authentication:
• Simple password authentication (also called plain-text authentication)— Supported by
Integrated System-Integrated System (IS-IS) Protocol, OSPF, and Routing Information Protocol
Version 2 (RIPv2)
• MD5 authentication— Supported by OSPF, RIPv2, BGP, and EIGRP

At a high level, configuring EIGRP MD5 authentication requires the following steps:
Step 1. Configure the authentication mode for EIGRP.
Step 2. Configure the key chain.
Step 3. Optionally configure the keys’ lifetime parameters.
Step 4. Enable authentication to use the keys in the key chain.

Configuration

Step 1. Enter configuration mode for the interface on which you want to enable authentication.

Step 2. Specify MD5 authentication for EIGRP packets using the ip authentication mode eigrp autonomous-system md5 interface configuration command. The autonomous-system is the EIGRP autonomous system number in which authentication is to be used.

Step 3. Enter the key-chain configuration mode for the key chain (that you will later configure on the
interface) using the key chain name-of-chain global configuration command.

Step 4. Identify a key ID to use and enter configuration mode for that key (the key-chain-key configuration mode) using the key key-id key-chain configuration command. The key-id is the ID number of an authentication key on a key chain. The range of keys is from 0 to 2147483647. The key ID numbers need not be consecutive.

Step 5. Identify the key string (the password) for this key using the key-string key key-chain-key configuration command. The key is the authentication key-string that is to be used to authenticate sent and received EIGRP packets. The key string can contain from 1 to 80 uppercase and lowercase alphanumeric characters, except that the first character cannot be a number. The key string for a given key ID must be the same on neighboring routers and is case sensitive.

Step 6. Optionally specify the time period during which this key will be accepted for use on received packets using the accept-lifetime start-time{infinite | end-time | duration seconds} key-chain-key configuration command. Table 2-9 describes the parameters for this command.

Step 7. Optionally specify the time period during which this key can be used for sending packets using the send-lifetime start-time {infinite |end-time | duration seconds} key-chain-key configuration.

Step 8. Enable the authentication of EIGRP packets with a key specified in a key chain by using the ip authentication key-chain eigrp autonomous-system name-of-chain interface configuration command. The autonomous-system parameter specifies the EIGRP autonomous system number in which authentication is to be used. The name-of-chain parameter specifies the name of the configured key chain from which a key is to be obtained for this interface.

If the service password-encryption command is not used when implementing EIGRP authentication, the key string will be stored as plain text in the router configuration.

Configuration authentication:

R1#show running-config
<output omitted>
key chain R1chain
key 1
key-string firstkey
accept-lifetime 04:00:00 Jan 1 2009 infinite
send-lifetime 04:00:00 Jan 1 2009 04:00:00 Jan 31 2009
key 2
key-string secondkey
accept-lifetime 04:00:00 Jan 25 2009 infinite
send-lifetime 04:00:00 Jan 25 2009 infinite
<output omitted>
interface FastEthernet0/0
ip address 172.16.1.1 255.255.255.0
!
interface Serial0/0/1
bandwidth 64
ip address 192.168.1.101 255.255.255.224
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 R1chain
!
router eigrp 100
network 172.16.1.0 0.0.0.255
network 192.168.1.0
auto-summary
EIGRP

EIGRP MD5 Authentication Verification

show ip eigrp neighbors and show ip route commands

show key chain

show ip eigrp interface detail

Troubleshooting MD5 Authentication

debug eigrp packets authentication messages

Stuck-in-Active Connections in EIGRP
Because of the reliable multicast approach used by EIGRP when searching for an alternative to a lost route, it is imperative that a reply be received for each query generated in the network. In other words, when a route goes active and queries are initiated, the only way this route can come out of the active state and transition to passive state is by receiving a reply for every generated query. If the router does not receive a reply to all the outstanding queries within 3 minutes (the default time), theroute goes to the SIA state.
Note
You can change the active-state time limit from its default of 3 minutes using the timers active-time [timelimit | disabled] router configuration command. The time-limit is in minutes.

Limiting the EIGRP Query Range

• Configure route summarization using the ip summary-address eigrp command on the outbound
interfaces of the appropriate routers.
• Configure the remote routers as stub EIGRP routers.

Follow

Get every new post delivered to your Inbox.