Pages

Showing posts with label EIGRP. Show all posts
Showing posts with label EIGRP. Show all posts

Monday, May 9, 2011

EIGRP Authentication PPPoFR Virtual-template

Example of EIGRP authentication by using different passwords for each neighbor in frame relay network.

R1 - R2  
using md5 and CISCO12 as a password.
R1 - R3
using md5 and CISCO13 as a password.
Note
We are not allowed to use sub-interface at R1



Configuration

R1

key chain MY_KEY13
 key 1
   key-string CISCO13
!
key chain MY_KEY12
 key 1
   key-string CISCO12


interface Serial0/0
 ip address 192.168.1.1 255.255.255.0
 encapsulation frame-relay
 clock rate 2000000
 frame-relay interface-dlci 102 ppp Virtual-Template1
 frame-relay interface-dlci 103 ppp Virtual-Template2
 frame-relay lmi-type ansi
!

interface Virtual-Template1
 ip address 192.168.1.1 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 MY_KEY12
!
interface Virtual-Template2
 ip address 192.168.1.1 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 MY_KEY13
!
router eigrp 1
 network 0.0.0.0
 auto-summary
 
R2
key chain MY_KEY
 key 1
   key-string CISCO12

interface Serial0/0
 ip address 192.168.1.2 255.255.255.0
 encapsulation frame-relay
 clock rate 2000000
 frame-relay interface-dlci 201 ppp Virtual-Template1
!
!
interface Virtual-Template1
 ip address 192.168.1.2 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 MY_KEY
!
router eigrp 1
 network 0.0.0.0
 auto-summary

R3
key chain MY_KEY
 key 1
   key-string CISCO13
!
!
!

interface Serial0/0
 ip address 192.168.1.3 255.255.255.0
 encapsulation frame-relay
 clock rate 2000000
 frame-relay interface-dlci 301 ppp Virtual-Template1
!

interface Virtual-Template1
 ip address 192.168.1.3 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 MY_KEY
!
router eigrp 1
 network 0.0.0.0
 auto-summary


Posted by BBru at 1:58 PM 0 comments
Labels: , ,

Sunday, February 27, 2011

EIGRP Neighbor

EIGRP sends hello packets every 5 seconds on high bandwidth links and every 60 seconds on low bandwidth multipoint links.


Common reasons of eigrp neighbor adjacency are as followings.

  • Unidirectional link
  • Uncommon subnet, primary, and secondary address mismatch
  • Mismatched masks
  • K value mismatches
  • Mismatched AS numbers
  • Stuck in active
  • Layer 2 problem
  • Access list denying multicast packets
  • Manual change (summary router, metric change, route filter)


***For this post, we will talk about K-value mismatch****


Example

R1#show ip protocols
Routing Protocol is "eigrp 1"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: eigrp 1
  EIGRP NSF-aware route hold timer is 240s
  Automatic network summarization is in effect
  Automatic address summarization:
    192.168.2.0/24 for FastEthernet0/0, Loopback0
    192.168.1.0/24 for FastEthernet0/1, Loopback0
    1.0.0.0/8 for FastEthernet0/0, FastEthernet0/1
      Summarizing with metric 128256
  Maximum path: 4
  Routing for Networks:
    1.0.0.0
    192.168.1.0
    192.168.2.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    Gateway         Distance      Last Update
    (this router)         90      00:11:26
    192.168.2.2           90      00:07:45
    192.168.1.2           90      00:07:45
  Distance: internal 90 external 170


Change Metric to mismatch condition

router eigrp 1
 network 1.0.0.0
 network 192.168.1.0
 metric weights 0 1 1 1 0 0

Logging  (Neighbor relationship down)

3w2d: EIGRP: Received HELLO on Ethernet0 nbr 192.168.1.2
3w2d:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0
3w2d:        K-value mismatch
3w2d: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 192.168.1.2 (Ethernet0) is down:
 K-value mismatch

In sum, the K-value of these eigrp processes need to be matched.

Reference


Posted by BBru at 11:40 PM 0 comments
Labels:

Monday, February 14, 2011

EIGRP Stub feature

EIGRP Stub routing is one of the feature of EIGRP routing protocol to improve the stability and reduce resource utilization. EIGRP stub routing is often used in the hub and spoke topology where the eigrp stub is enabled on the spoke routers. Also, EIGRP stub can limit the query when the upstream routers go to Active state searching for the route.

When configuring EIGRP stub, the default value of cisco IOS is "eigrp stub connected summary" which means the stub router will advertise only connected and summary routes to the upstream routers. However, we can change this setting by adding the following option to the eigrp stub.

eigrp stub[receive-only | connected | static |summary]

Example
In this example, we will have 2 scenarios. 

Scenario 1
R1 is configured as a stub router and use the default value which is connected and summary. All of the routers in this scenario are in the EIGRP domain. 


Before EIGRP stub enabled on R1, we can see the routing table of R3 that it has route to network 10.1.1.0/24. However, when we configure stub on R1, because 10.1.1.0/24 network is not connected or summary on R1, it will not be advertised to R3. Therefore, after enabling stub command, we do not see 10.1.1.0/24 network on R3

Before enabling eigrp stub on R1
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       1.1.1.0/24 is directly connected, Loopback0
D       1.0.0.0/8 is a summary, 00:14:46, Null0
     2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       2.2.2.0/24 is directly connected, Loopback1
D       2.0.0.0/8 is a summary, 00:14:46, Null0
D    10.0.0.0/8 [90/435200] via 192.168.1.2, 00:01:25, FastEthernet0/0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
D    192.168.2.0/24 [90/307200] via 192.168.1.2, 00:12:05, FastEthernet0/0

Enabling EIGRP Stub

R1
router eigrp 1
 network 0.0.0.0
 auto-summary
 eigrp stub connected summary

R3 routing table  ( no network 10.1.1.0/24 in its routing table )
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       1.1.1.0/24 is directly connected, Loopback0
D       1.0.0.0/8 is a summary, 00:15:44, Null0
     2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       2.2.2.0/24 is directly connected, Loopback1
D       2.0.0.0/8 is a summary, 00:15:44, Null0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
D    192.168.2.0/24 [90/307200] via 192.168.1.2, 00:00:24, FastEthernet0/0


Scenario 2:
We enable EIGRP stub on R2. However this time, we configured EIGRP stub on R2. but we chose option received-only, which means R2 will not advertise any of its route to R1 (upstream router) 


Before configuring EIGRP stub received-only on R2

R1 routing table
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

D    1.0.0.0/8 [90/409600] via 192.168.1.1, 00:02:51, FastEthernet0/0
D    2.0.0.0/8 [90/409600] via 192.168.1.1, 00:02:51, FastEthernet0/0
D    10.0.0.0/8 [90/409600] via 192.168.2.2, 00:00:11, FastEthernet0/1
C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, FastEthernet0/1



After configuring EIGRP stub receive-only on R2

router eigrp 1
 network 10.0.0.0
 network 192.168.2.0
 auto-summary
 eigrp stub receive-only


R1 routing table. As expected, we do not have 10.1.1.0/24 in R1 routing table
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

D    1.0.0.0/8 [90/409600] via 192.168.1.1, 00:01:08, FastEthernet0/0
D    2.0.0.0/8 [90/409600] via 192.168.1.1, 00:01:08, FastEthernet0/0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
C    192.168.2.0/24 is directly connected, FastEthernet0/1




Posted by BBru at 11:18 PM 0 comments
Labels:

Monday, February 7, 2011

EIGRP leak-map

EIGRP leak-map allows sub-networks in the summary address of EIGRP leaked. The command we use is "ip summary eigrp x.x.x.x y.y.y.y leak-map <route-map>

Example


R2 will advertise summary address (192.168.0.0/22) to R1. However, 192.168.2.0 is required to leaked out from the summary address.



Configuration


R2

ip summary-address eigrp 1 192.168.0.0 255.255.252.0 5 leak-map allow-2


ip access-list standard allow-2
 permit 192.168.2.0
!
route-map allow-2 permit 10
 match ip address allow-2
!




Verify Configuration


R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.1.0 is directly connected, FastEthernet0/0
D    192.168.2.0/24 [90/409600] via 172.16.1.2, 00:00:08, FastEthernet0/0
D    192.168.0.0/22 [90/409600] via 172.16.1.2, 00:03:25, FastEthernet0/0

Posted by BBru at 10:29 PM 1 comments
Labels:
Subscribe to: Posts (Atom)