eigrp notes pdf download - NetworkBlackbelt

cloutedcoughNetworking and Communications

Oct 28, 2013 (3 years and 8 months ago)

143 views

EIGRP

EIGRP FEATURES

EIGRP is an advanced distance vector routing protocol
, as it combines distance vector and link
-
state
features
. EI
GRP link
-
state attributes include dynamic neighbor discovery.

EIGRP supports all data
-
link
(layer 2) protocols and topologies.

Feature Summary:

Transport

IP, protocol type 88 (does not use UDP or TCP)

Metric

Bandwidth and delay (optionally load/reliability)

Hello
-
Interval

Interval between sending Hello Packets



60
seconds on T1 or slower NBMA interfaces



5 seconds on
fast
serial interfaces and LANs



ip hello
-
interval eigrp

as
-
number seconds

! command
adjust
s

per interface

Hold timer

Timer used to determine if a route has failed, based on not receiving Hello
packets
.

If a packet is not received by hold time, the neighbor adjacency is
reset, and topology entries from that neighbor are removed.

If the route was
a successor, those routes are removed from the IP table



Default is 3 times the hello
-
interval



ip hold
-
time
eigrp

as
-
number seconds

! command to adjust
hold time

Update destination
address

Multicast sent to 224.0.0.10, retransmissions unicast to neighbor IP

Full or partial updates

Full updates for new adjacencies, partial updates after

Authentication

MD5

VLS
M/Classless

Includes mask with each route; supports discontiguous networks and VLSM

Route Tags

Allows EIGRP to tag routes as they are redistributed into EIGRP

Next
-
hop field

Supports the advertisement of routes with a different next
-
hop router than
the
advertising router

Manual route
summarization

Allows route summarization at any point in the EIGRP network

Automatic
Summarization

Performs auto
-
summary at classfull network boundary by default

Multiprotocol


Supports IPv4, IPv6,; and legacy protocols I
PX, and AppleTalk

Administrative Distance
(AD)



EIGRP summary routes: AD = 5



EIGRP internal routes: AD = 90



EIGRP external routes

(redistribution)
: AD = 170

Load Balancing

Supports up to 16 equal
-
cost paths using the
maximum
-
paths

router
configuration com
mand


EIGRP Four key technologies include:



Neighbor discovery/recovery mechanism

-

Dynamic neighbor discover using Hello packets



Reliable Transport Protocol (RTP)

-

Reliable EIGRP packet delivery




Diffusing Update Algorithm (DUAL)

-

Decision process for route calculations



Protocol
-
D
ependent Modules (PDM)
-

Multiprotocol support

EIGRP
TERMINOLOGY



Neighbor Table

-

built from Hello packets; Neighbor Table includes the neighbor IP address and
local router interface receiving the neighb
or Hello packets



Topology Table

-

contains all destinations advertised by neighboring routers including the best
paths and loop free alternatives



Routing Table

-

best paths to each destination; contains the successor routes



Advertised Distance (AD)

-

the A
D is the reported distance to a destination by a neighbor



Feasible Distance (FD)

-

the FD is the end to end distance from the local router to the
destination



Successor

-

the successor is the neighbor router with the best metric to reach a destination
; the
forwarding path



Feasible Successor (FS)

-

the FS is a neighbor router with a backup

loop
-
free (loop free means:
does not loop back through the local router)

route, should the successor route fail
. For a router
to qualify as a FS for a path, it’s AD must be

less than the current successor ‘s FD



Feasibility Condition (FC)

-

the FC states if the neighbors AD is lower than this routers FD, it
must be a loop free path, and has met the feasibility condition



Router ID (RID)

-

The router ID uniquely identifies the
router. It
s

value is determined in the
following order:

o

Configured with the
eigrp router
-
id

ip
-
address

router configuration command

o

The highest numeric value
IP address on a Loopback interface

o

The highest numeric value
IP address on an up/up

interface

EIGRP INTERNALS



Neighbor discovery
: EIGRP uses Hello packets to discover neighbors and form adjacencies. The
metric weights (K values)

and ASN

must match (timer values are not required to match)



Topology exchange
: Neighbors exchange full topology updates w
hen the neighbor adjacency is
established; only partial updates are required after for network topology changes.



Choosing routes
: The lowest cost path for each destination is added to the IP routing table


DIFFUSING UPDATE ALGORITHM
(DUAL)

DUAL is a conver
gence algorithm that uses diffusing computations, to perform shortest
-
path routing and
avoid temporary routing loops.
DUAL uses the AD and FD of routers to determine the lowest cost (best
metric) path to a destination. The lowest cost path is the successor

route

inserted into the IP routing
table
; loop
-
free alternatives
that meet the FC are FS paths maintained in the topology table.

If a successor route is lost and a FS exist
s
, the FS is promoted to successor without
requiring DUAL

to

enter the active state
.

An EIGRP route is in a passive state (desired operational state), if no
computations are being performed. An EIGRP route is active, when no FS exists and DUAL is actively
computing for a new best path.


DUAL remains in the passive state while performing

local computations for a new FS (having promoted
the FS to successor); only if a FS is not found does the route enter the active state and being querying
neighbors for a FS path. If the neighbor has a FS it responds to the query with a reply. If the neigh
bor
does not have a FS path, it marks the route as active and also be
g
ins performing DUAL computations.

The query/reply process is complete when the router receives a reply to each query packet

sent
. If the
router does not receive
a reply
packet
within the

default active time (3 minutes), the route is marke
d
Stuck
-
in
-
active (SIA) and the adjacency to the neighbor that failed to reply is reset.

EIGRP
PACKET TYPES

EIGRP uses five packet types:



Hello

-

Used for neighbor discovery and
keepalive

mechanism, sent as multicast 224.0.0.10
, do
not require acknowledgement



Update

-

Reliably sends route change information



Query

-

Reliably requests specific route information, sent as multicast (retransmitted as a
unicast)



Reply

-

Reliably responds to a qu
ery



ACK

-

Acknowledgement used to acknowledge updates, queries, and replies

All reliable packets include a sequence number and require acknowledgement.

EIGRP
METRIC CALCULATION


The EIGRP metric calculation uses bandwidth and delay by default. The bandwidt
h is the configured
interface
bandwidth. Delay is the only recommended option for manipulating paths. The complete
metric formula:


The metric calculations uses:



Bandwidth

-

slowest link in path
, the bottleneck



Delay

-

cumulative delay along path



Reliability

-

the worst reliability between source and destination based on keepalives



Load

-

the worst load between source and destination based on packet rate and interface
configured bandwidth



Maximum Transmission Unit (MTU)

-

Smallest MTU, however not
actually used in calculation

The metric weights: K1 = K3 = 1, and K2 = K4 = K5 = 0



Note the EIGRP delay value is the sum of all delays in the path, in tens of microseconds x 256;
the
show interfaces

command displays delay in microseconds



Note the EIGRP ban
dwidth value is calculated using the minimum bandwidth link in the path
represented in kbps.
10
7
is divi
ded by this value, then the result x 256

PLANNING
EIGRP
ROUTING IMPLEMENTATIONS

Gather the following information:



Existing network setup and future
requirements

-

Document the IP addressing plan, network
topology, link types, bandwidth, and utilization. Design the IP addressing to allow
summarization.



Network design

-

A hierarchical network design can perform more efficiently



EIGRP scaling options

-

T
his includes summarization, stub areas, and interface metrics to
improve bandwidth utilization

The implementation plan must document: EIGRP AS number, topology type, IP address assignment, list
of EIGRP routers, and interface metrics. Additionally verifica
tion tasks must be documented including:
verifying neighbor adjacencies, IP routing tables, EIGRP topology tables, network connectivity, and
verifying EIGRP behaves as expected in case of topology change, by testing link/router failure.

EIGRP
CONFIGURATION

Basic EIGRP configuration:

router eigrp 123

! enabled the EIGRP routing process with Autonomous System Number 123

network 10.10.0.0 0.0.255.255

! matches all interfaces with prefix 10.10.0.0

network 20.0.0.0

! matches all interfaces with prefix 20.0.0.0

network 30.0.0.1 0.0.0.0

! matches the specific interface address 30.0.0.1

network 0.0.0.0 255.255.255.255

! matches all interfaces on the router

no auto
-
summary

! disables automatic summarization at the major network boundary


Configure interface
bandwidth:



Ethernet bandwidth is fixed,



PPP and HDLC set the bandwidth to the link speed



Frame Relay Point
-
to
-
Point set to the CIR



Frame Relay Multipoint set to sum of all CIR; or if the PVCs have different CIR set to the
lowest CIR multiplied by the total

number of PVCs (e.g. = 256k(lowest CIR) x 4 links (total
PVCs) = 1024 bandwidth)

interface serial 0/1

bandwidth 512

! sets the interface bandwidth to 512 kbps

ip address 20.0.0.1 255.255.255.252

! sets the interface prefix/mask


EIGRP
VERIFICATION

EIGR
P show commands:

show ip eigrp neighbors

Shows
the IP address of the
adjacent

EIGRP neighbor

and local
interface to reach neighbor


show ip route

Shows

the current
best routes (EIGRP successors) and other best
paths from configured routing protocols


show ip route eigrp

Shows

only the EIGRP current successor routes


show ip protocols

Verifies the EIGRP ASN, timer values,
metric weights (K Values),
identified networks, and EIGRP neighbors

IP addresses

(routing
information sources)
, Maximum Paths, Summa
rization info, and
Variance


show ip eigrp interfaces

Verifies all EIGRP configured interfaces
based on network
commands; omits passive
-
interfaces


show ip eigrp topology

Shows

the EIGRP topology table.
Verifies active or passive state

of
routes, the number of successors,

and the FD to the destination,
and RID of local router.
Note that only successor and feasible
successor routes are displayed. Add the
all
-
links

keyword

to
display all routes, including those not eligible to be successo
r or
feasible successor routes


show ip eigrp traffic

Shows the amount and type of EIGRP

hello packets, updates,
queries, replies, and acknowledgemen
ts, sent and received



EIGRP debug commands:

debug eigrp packets


Displays the types of EIGRP packets
sent and received. A maximum
of 11 packet types can be selected for individual or group display


debug ip eigrp

Displays packets that are sent and received on an interface.
T
his

command generates large amounts of output


debug ip eigrp summary


Displays

IP EIGRP summary route processing

debug eigrp neighbors


Displays neighbors discovered by EIGRP and the contents of the
Hello packets



passive
-
interface COMMAND WITH
EIGRP

The
passive
-
interface

command prevents routing updates or Hello messages from be
ing sent out
an interface. EIGRP does not send Hellos over a passive interface; thus cannot form adjacencies.

The
purpose of the
passive
-
interface

command is to allow the subnet to be advertised in the routing
protocol, but for the
passive

interfaces not t
o participate in the routing protocol.

Example

1:

router eigrp 123

passive
-
interface default

! sets all EIGRP interfaces to passive

no passive
-
interface fa0/0

! manually permits a specific interface NOT to be passive


Example

2:

router eigrp 123

passive
-
interface s0/1

! this variation of the command specifics a single interface to be passive


When using the
passive
-
interface

command: use
show ip eigrp neighbors

command to
verify neighbor relationships, and
show ip protocols

to verify interfaces c
onfigured as passive

EIGRP
DEFAULT ROUTE

Static IP route:

ip route 0.0.0.0 0.0.0.0 192.168.1.2

! the 0.0.0.0 0.0.0.0 matches any
destination

and sends
traffic not matche
d

with a more specific route to the next hop IP 192.168.1.2
. Note this command is not
r
edistributed into EIGRP
unless

the router is configured with the
network 0.0.0.0

statement under
the
router eigrp 123

process.


Default network:

router eigrp 123

network 10.0.0.0

! matches interfaces in the 10.0.0.0 network

exit

!

returns to global configuration mode

ip default
-
network 10.0.0.0

! sets the gateway of last resort to this network. EIGRP will
advertise this route to neighbors. The neighbors will set the next
-
hop IP to reach 10.0.0.0 as the gateway
of last resort

Note
to remove the default
-
network command, you must use
no ip route 10.0.0.0

EIGRP
ROUTE SUMMARIZATION

EIGRP auto
-
summary is enabled by default. Summarizing routes at major classful boundaries creates
smaller routing tables with smaller routing updates, result
ing in less bandwidth and CPU overhead.
When a summary route is configured on a router’s interface, a summary route is added to the IP routing
table with a next
-
hop interface of null0. null0 serves as a bit bucket for packets that match the
summary, yet do

not match any known specific route; this is a loop prevention feature. Discontiguous
subnets require disabling auto
-
summarization with the
no auto
-
summary

EIGRP router configuration
command. A router will only auto
-
summarize for directly connected network
s. A summary route can be
created as long as more specific route exists in the routing table.

ip summary
-
address example:

router eigrp 123

network 172.16.1.0

no auto
-
summary

! turns off auto
-
summarization

exit

interface fa0/1

! the summary
-
address command is an interface command

ip summary
-
address eigrp 123 172.
16.
0.0 255.255.0.0

! creates a summary address for
172.16.0.0 /16


EIGRP
OVER FRAME RELAY PHYSICAL INTERFACE

Frame Relay (FR) allows multiple logical virtual circuits
(VC) to be multiplexed over a single physical
interface. The VCs are identified by a Data
-
link Connection Identifier (DLCI); DLCIs are locally significant
between the local router and the frame switch. IP layer connectivity requires a mapping between IP
ad
dress and DLCI.



FR is a Non
-
Broadcast Multiaccess (NBMA) network where all routers are on the same IP subnet



To emulate broadcast/multicast capability; IOS uses pseudo
-
broadcasting
-
the router copies the
broadcast/multicast packet for each neighbor and send
s it across the FR link



Pseudo
-
broadcasting can be controlled with static FR map statements; however pseudo
-
broadcasting
cannot

be controlled when using FR dynamic maps (inverse ARP)



On a FR link, neighbor loss is detected only when the interface goes down

or the hold time
expires. An interface is UP if at least 1 PVC is active



Split
-
horizon is disabled by default on FR physical interfaces

Example EIGRP over FR Physical Interface with Dynamic Mapping:

interface s0/0

encapsulation frame
-
relay

! set the encap
sulation type on interface

ip address 172.16.1.1 255.255.255.252

exit

router eigrp 123

network 172.16.1.0 0.0.0.255

! enable the interface to participate in EIGRP

network 10.0.0.0

! Inverse ARP automatically maps the neighbor IP to the local DLCI

Dynamic

Mapping is the default
. Inverse ARP can only map neighbor IP to DLCI if the VC exists between
the local router and neighbor (it can’t map between neighbors if a VC doesn’t exist between them).

Example EIGRP over FR Physical Interface with Static Mapping:

R1#

interface s0/0

encapsulation frame
-
relay

ip address 172.16.1.1
01

255.255.255.0

frame
-
relay map ip 172.16.1.
10
1 101

! this map statement allows R1 to ping itself

frame
-
relay map ip 172.16.1.102 102 broadcast

! maps neighbor IP to the local DLCI 102

frame
-
relay map ip 172.16.1.103 103 broadcast

! maps neighbor IP to the local DLCI 103

exit

router eigrp 123

network 172.16.0.0


------------------------------

R2#

interface s0/1

ip address 172.16.1.102 255.255.255.0

encapsulation frame
-
relay

frame
-
relay

map ip 172.16.1.101 201 broadcast

! maps R1 to DLCI 201

exit

router eigrp 123

network 172.16.0.0

Note, the above example is for a
hub and spoke topology, with R1
the hub, and R2
(172.16.1.102)
and
R3
(172.16.1.103)
the spokes.

EIGRP
OVER FRAME RELAY
MULTIPOINT SUBINTERFACES

Multipoint subinterfaces are logical interfaces emulating a multiaccess network sharing the same subnet
between neighbors. FR multipoint is suitable to full and partial mesh topologies. EIGRP neighbor loss
detection is slow on low
-
speed WAN links taking up to 3 minutes to identify a neighbor is down.

Multipoint subinterfaces can be configured 1 of 2 ways:

1.

frame
-
relay interface
-
dlci
dlci

command and relying on Inverse ARP

2.

manual IP address to DLCI mappings

Manual IP address to DLCI
mapping example:

R1#

interface s0/0

no ip address

encapsulation frame
-
relay

interface s0/0.1 multipoint

! creates the logical multipoint interface

ip address 172.16.1.101 255.255.255.0

no ip split
-
horizon eigrp 123

!
this allows connectivity between R2 and

R3 from the R1 hub

frame
-
relay map ip 172.16.1.101 101

! this command allows R1 to ping itself

frame
-
relay map ip 172.16.1.102 102 broadcast

frame
-
relay map ip 172.16.1.103 103 broadcast

exit

router eigrp 123

network 172.16.0.0

Note, the above example is

for a hub and spoke topology, with R1 the hub, and R2 (172.16.1.102) and
R3 (172.16.1.103) the spokes.

EIGRP UNICAST NEIGHBORS



uses unicast packets instead of multicast



if an interface is configured with the neighbor command it will no longer accept unica
st Hello
packets; thus all neighbors on the segment must be configured with neighbor command or the
adjacency will fail

EIGRP Neighbor Command Example:

R1#

interface s0/0

no ip address

encapsulation frame
-
relay

interface s0/0.1 multipoint

ip

address 172.16.1.101 255.255.255.0

frame
-
relay map ip 172.16.1.102 102 broadcast

frame
-
relay map ip 172.16.1.103 103 broadcast

exit

router eigrp 123

network 172.16.0.0

neighbor 172.16.1.102 serial0/0.1

! this is the neighbor IP and local multipoint interf
ace

Note, the above example is for a hub and spoke topology, with R1 the hub, and R2 (172.16.1.102) and
R3 (172.16.1.103) the spokes.

EIGRP
OVER FRAME RELAY POINT
-
TO
-
POINT SUBINTERFACES

One or more point
-
to
-
point subinterfaces can be configured on a FR ph
ysical interface. Point
-
to
-
point
subinterfaces emulate a physical point
-
to
-
point link; each point
-
to
-
point subinterface requires its own
subnet. FR point
-
to
-
point links are suitable in a hub and spoke topology. Neighbor loss detection is fast
at 15 seconds

max. Additionally if the DLCI attached to the interface is lost, neighbor loss detection is
immediate; however this feature only works if the FR network supports end
-
to
-
end Local Management
Interface (LMI) signaling.

EIGRP over a Point
-
to
-
Point FR subinte
rface configuration example:

R#1

interface s0/0

no ip address

encapsulation frame
-
relay

! set the encap type on the physical interface

interface serial0/0.2 point
-
to
-
point


ip address 172.16.2.101 255.255.255.0

frame
-
relay interface
-
dlci 102

! maps DLCI 102 to this point
-
to
-
point subinterface

interface s0/0.3 point
-
to
-
point

ip address 172.16.3.101 255.255.255.
0

! each point
-
to
-
p subinterface is on a different
subnet

frame
-
relay interface
-
dlci 103

exit

router eigrp 123

network 172.16.3.0
0.0.0.255

network 172.16.2.0 0.0.0.255

Note, the above example is for a hub and spoke topology, with link between R1
--
>R2
on 172.16.2.0
/24
and the link between R1
--
>R3 on 172.16.3.0/24

EIGRP LOAD BALANCING

Equal
-
cost load balancing allows the router to di
stribute traffic to a destination across multiple equal
cost paths. Load balancing increases network utilization.



IOS supports a maximum of 16 equal
-
cost paths, with 4 paths the default. The number of
maximum
-
paths is set with the
maximum
-
paths

router conf
iguration command. A value of 1
disables load balancing.



By default, IOS balances traffic across routes on a per destination IP address basis (fast
-
switching); rather than per packet basis (process
-
switching)



Load balancing is performed for traffic flowing

through the router not generated by the router
itself

Unequal
-
cost load balancing allows the router to distribute traffic to a destination across multiple
unequal cost paths.



The
variance

command sets the number of unequal cost paths; by default
variance
=

1
indicating equal
-
cost load balancing
only
. The variance values range from 1
-
128



Setting a variance value of 2 or more allows EIGRP to install multiple loop
-
free paths into the IP
forwarding table.
Only FS can be considered for use with variance
, if a r
oute is not a FS the value
of the variance command does not matter as it cannot be guaranteed to be loop
-
free nor
considered for forwarding



Variance works by multiplying the value of the current successor metric by variance, if the result
is greater than t
he FS
FD; then any FS routes with a metric less than the product of variance * FD
is inserted into the IP routing table (up to the number of routes defined by max paths command)



Routers that are not successors or FS can never be added to the IP routing tab
le, regardless of
variance setting



IOS supports up to 6 unequal cost paths.



IOS default load balancing behavior distributes traffic ratio proportionately based on the
metrics of each path (ie: if one path has a metric of 100
0

and has a metric of 100, traffic would
be shared at a ratio of 1
0
:1) This behavior is controlled by the
traffic
-
share

router
configuration command

Load balancing configuration example:

router eigrp 123

network 10.0.0.0

network 172.16.0.0 0.0.255.255

maximum
-
paths 3

! sets the max paths value to 3

variance 2

! configures variance of 2
*

FD
;

so any FS routes less than 2

*

FD are used

traffic
-
share balanced

! this is the default described above;
min across
-
interfaces

option
allows backups to be used, bu
t only if the primary route becomes unavailable


EIGRP
BANDWIDTH

EIGRP uses up to 50% of the link bandwidth for EIGRP message traffic. In a NBMA network (FR) routers
must copy multicast and broadcast packets and forward to neighbors over the link; this ca
n overwhelm
the link with EIGRP message traffic.
EIGRP uses the

bandwidth

interface command combined with the

ip bandwidth
-
percent

eigrp

asn

percent

interface/subinterface subcommand
to

control EIGRP
message
traffic utilization
. IOS queues EIGRP messages i
n memory, delaying them to limit bandwidth
utilization.



IOS default bandwidth for serial and subinterfaces = 1544 Kbps



EIGRP limits the consumed bandwidth based on the percentage of interface/subinterface
bandwidth



Set bandwidth of point
-
to
-
point
subinterf
ace
links to the CIR of the PVC



Set bandwidth of multipoint

subinterface

links to the

total CIR of all VCs

Example EIGRP bandwidth configuration

example (all VCs with same CIR)
:

R1#

interface serial 0

encapsulation frame
-
relay

bandwidth 224

This example
uses R1 as the hub, with 4 spoke routers each with a CIR of 56Kbps (total 224)

Example EIGRP bandwidth configuration (multipoint VCs with a CIR different from point
-
to
-
point):

R1#

interface serial0/0.1 multipoint

bandwidth 768

frame
-
relay interface
-
dlci 10
1

interface serial0/0.2 point
-
to
-
point

bandwidth 56

frame
-
relay interface
-
dlci 201

R1 is the hub, 3 links exist off the multipoint subinterface with a CIR of 256Kbps each (total 768), and a
point
-
to
-
point link with a CIR of 56

Example Oversubscribed EIGRP

configuration example:

R1#

interface serial0/0.1 point
-
to
-
point

bandwidth 25

frame
-
relay interface
-
dlci 101

ip bandwidth
-
percent eigrp 123 128

In this example R1 is the hub, with 10 PVCs with 256Kbps total bandwidth (25Kbps per link). The links
are overs
ubscribed with a CIR of 64Kbps each. The
ip bandwidth
-
percent

command is set to 128%
in order to achieve the 50% EIGRP message traffic ratio of the CIR (in other words 32Kbps for EIGRP
message traffic). An alternative to setting the bandwidth per link is to set the bandwid
th on the physical
interface.

EIGRP

AUTHENTI
CATION

EIGRP supports plain text and MD5 authentication. With simple authentication (plain text) each
participating router is configured with the same password; the password
is sent
across the wire. MD5
authentication sends a message digest (hash) created
using the key and message appended to the
packet; the hash value is sent across the wire instead of the key itself. When receiving packets if the
hash matches the packet is accepted, if the hash does not match, the packet is dropped. Using MD5
authenticati
on prevents unauthorized routing updates from unapproved sources.



Each key has its own key ID, which is stored locally. The combination of key ID and interface
associated with the message uniquely identifies the MD5 authentication key in use.



When sending
keys, the keys are processed from lowest to highest and the first valid key is used;
when receiving packets,
all valid keys are checked until a match is found.



Configuring EIGRP requires the key ID (number), the key (password), and optionally lifetime of
k
ey (keys cannot be used for time periods they are not active; routing updates will fail)

EIGRP MD5 Authentication steps:

1.

Create the key chain using:
key chain ccnp
-
chain

command

2.

Create a key ID using:
key 1

command

3.

Create the password to be used between ne
ighbors:
key
-
string P@$$w0rd

4.

(Optional) Set the accept
-
lifetime

5.

(Optional) Set the send
-
lifetime

6.

Enable
MD5
authentication on the interface

using
ip authentication mode eigrp 123
md5

command

7.

Assign the key chain to the interface
:
ip

authentication key
-
chain eigrp 123 ccnp
-
keychain

command

EIGRP MD5 Authentication Example:

R1#

key chain ccnp
-
chain

! step 1

key 1

! step 2 (does not need to match on neighbor router)

key
-
string P@$$w0rd

! step 3

accept
-
lifetime

04:00:00 Jan 1 2013 infinite

! optional step 4

send
-
lifetime 04:00:00 Jan 1 2013 04:00:00 Jan 31 2013

! step 5, need keys for Jan31+

end

conf t

interface serial0/0

ip authentication mode eigrp 123 md5

! step 6

ip authentication key
-
chain eigrp 123 ccnp
-
ch
ain

! step 7


EIGRP authentication verification commands:



show key chain

-

displays the key chain values (accept/send and key id password values)



show ip eigrp neighbors

-

confirm neighbor relationships



debug eigrp packets

-

shows packet authentication i
nformation sent/received



show clock

-

verify the time on both routers

EIGRP
STUB

ROUTING

EIGRP stub routing improves network stability, utilization, and stub router configuration. A stub router
indicates in the Hello packet its status as a stub router. Any router that receives a packet informing it of
the neighbor router’s stub status
does not

query the stub router for any routes. Stub routers are not
queried, instead the hub router replies on behalf of the stub.



Only the remote routers are configured as stubs



A stub router is defined as a router connected to the hub, through which transit traf
fic should
not flow (stub routers should only have hub routers as neighbors)



Cisco recommends enabling summarization on the hub router; alternatively configure a default
route to advertise to the spokes. When using the default route, ensure the stub router
s are
configured with the
ip classless

command

Example stub configuration:

R2#

router eigrp 123

network 10.0.0.0

eigrp stub


Optional stub parameters:



eigrp stub receive only



prevents the stub from advertising any networks, including its
own. Cannot be
used with any other options



eigrp stub connected



advertises connected routes (must be included as a network
statement, or redistributed into EIGRP.
Enabled by default
)



eigrp stub static



advertises static routes; must be redistributed into EIGRP before
they
will advertise



eigrp stub summary



advertises manual and auto
-
summary routes;
enabled by default



eigrp

stub redistributed



advertises routes redistributed into EIGRP from another
protocol or AS

<eof>