1 / 71

EIGRP

EIGRP. EIGRP (IPv4) Network Topology. 2. R1# show running-config interface GigabitEthernet0/0 ip address 172.16.1.1 255.255.255.0 ! interface Serial0/0/0 bandwidth 64 ip address 172.16.3.1 255.255.255.252 clock rate 64000 ! interface Serial0/0/1

dorisevans
Download Presentation

EIGRP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. EIGRP

  2. EIGRP (IPv4) Network Topology 2

  3. R1# show running-config interface GigabitEthernet0/0 ip address 172.16.1.1 255.255.255.0 ! interface Serial0/0/0 bandwidth 64 ip address 172.16.3.1 255.255.255.252 clock rate 64000 ! interface Serial0/0/1 ip address 192.168.10.5 255.255.255.252 ! router eigrp 1 eigrp router-id 1.1.1.1 network 172.16.0.0 network 192.168.10.0 3

  4. R2# show running-config interface GigabitEthernet0/0 ip address 172.16.2.1 255.255.255.0 ! interface Serial0/0/0 bandwidth 64 ip address 172.16.3.2 255.255.255.252 ! interface Serial0/0/1 bandwidth 1024 ip address 192.168.10.9 255.255.255.252 clock rate 64000 ! interface Serial0/1/0 ip address 209.165.200.225 255.255.255.224 ! router eigrp 1 eigrp router-id 2.2.2.2 network 172.16.0.0 network 192.168.10.8 0.0.0.3 4

  5. R3# show running-config interface GigabitEthernet0/0 ip address 192.168.1.1 255.255.255.0 ! interface Serial0/0/0 ip address 192.168.10.6 255.255.255.252 clock rate 64000 ! interface Serial0/0/1 bandwidth 1024 ip address 192.168.10.10 255.255.255.252 ! router eigrp 1 eigrp router-id 3.3.3.3 network 192.168.1.0 network 192.168.10.4 0.0.0.3 network 192.168.10.8 0.0.0.3 5

  6. Automatic Summarization

  7. Route Summarization • Route summarization: • Groups contiguous networks together • Advertises them using a single summarized route • Summarization: • Decreases the number of entries in routing updates • Reduces bandwidth utilization for routing updates • Results in faster routing table lookups. • Note: • EIGRP for IPv4 only • IPv6 is classless and therefore no automatic summarization. 7

  8. Automatic Summarization at Classful Network Boundary I’m an EIGRP for IPv4 router configured for automatic summarization. IPv4 Routing Table 172.16.1.0/24 172.16.2.0/24 172.16.3.0/24 172.17.0.0/30 R1 R2 172.16.0.0/16 via R1 Summary Update: 172.16.0.0/16 Classful Networks Class A: 0.0.0.0 to 127.255.255.255 Default Mask: 255.0.0.0 or /8 Class B: 128.0.0.0 to 191.255.255.255 Default Mask: 255.255.0.0 or /16 Class C: 192.0.0.0 to 223.255.255.255 Default Mask: 255.255.255.0 or /24 • When enabled, EIGRP summarizes at classful boundaries. • EIGRP groups subnets into their Class A, B, or C network address and creates a single entry. 8

  9. 172.16.1.0/24 172.16.2.0/14 172.16.3.0/24 172.16.1.0/24 172.16.2.0/14 172.16.3.0/24 R3# show ip route eigrp <Output omitted> 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks D 172.16.1.0/24 [90/2170112] via 192.168.10.5, 02:21:10, Serial0/0/0 D 172.16.2.0/24 [90/3012096] via 192.168.10.9, 02:21:10, Serial0/0/1 D 172.16.3.0/30 [90/41024000] via 192.168.10.9, 02:21:10, Serial0/0/1 [90/41024000] via 192.168.10.5, 02:21:10, Serial0/0/0 R3# EIGRP for IPv4 automatic summarization defaults • Since IOS 15.0(1)M and 12.2(33), automatic summarization is disabled. • R1(config-router)# no auto-summary • Prior, automatic summarization was enabled. • R1(config-router)# auto-summary 9

  10. Verifying EIGRP Automatic Summarization R1# show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "eigrp 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP-IPv4 Protocol for AS(1) Metric weight K1=1, K2=0, K3=1, K4=0, K5=0 <Output omitted> Automatic Summarization: disabled Maximum path: 4 Routing for Networks: 172.16.0.0 192.168.10.0 <Output omitted> 10

  11. 172.16.0.0/16 172.16.0.0/16 R1(config)# router eigrp 1 R1(config-router)# auto-summary R1(config-router)# *Mar 9 19:40:19.342: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 192.168.10.6 (Serial0/0/1) is resync: summary configured *Mar 9 19:40:19.342: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 192.168.10.6 (Serial0/0/1) is resync: summary up, remove components *Mar 9 19:41:03.630: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 192.168.10.6 (Serial0/0/1) is resync: peer graceful-restart R2(config)# router eigrp 1 R2(config-router)# auto-summary R2(config-router)# R3(config)# router eigrp 1 R3(config-router)# auto-summary R3(config-router)# • When automatic summarization is enabled: • EIGRP for IPv4 automatically summarizes network addresses between different major class networks. 11

  12. Verifying Auto-Summary: Routing Table Automatic Summarization Disabled R3# show ip route eigrp <Output omitted> 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks D 172.16.1.0/24 [90/2170112] via 192.168.10.5, 02:21:10, Serial0/0/0 D 172.16.2.0/24 [90/3012096] via 192.168.10.9, 02:21:10, Serial0/0/1 D 172.16.3.0/30 [90/41024000] via 192.168.10.9, 02:21:10, Serial0/0/1 [90/41024000] via 192.168.10.5, 02:21:10, Serial0/0/0 R3# Automatic Summarization Enabled R3# show ip route eigrp <Output omitted> D 172.16.0.0/16 [90/2170112] via 192.168.10.5, 00:12:05, Serial0/0/0 192.168.10.0/24 is variably subnetted, 5 subnets, 3 masks D 192.168.10.0/24 is a summary, 00:11:43, Null0 R3# 12

  13. Verifying Auto-Summary: Topology Table Feasible Successor 172.16.0.0/16 Successor 172.16.0.0/16 R3# show ip eigrp topology all-links P 172.16.0.0/16, 1 successors, FD is 2170112, serno 9 via 192.168.10.5 (2170112/2816), Serial0/0/0 via 192.168.10.9 (3012096/2816), Serial0/0/1 <Output omitted> Successor Feasible Successor 13

  14. Verifying Auto-Summary: show ip protocols 192.168.10.0/24 172.16.0.0/16 R1# show ip protocols *** IP Routing is NSF aware *** <Output omitted> Automatic Summarization: enabled 192.168.10.0/24 for Gi0/0, Se0/0/0 Summarizing 2 components with metric 2169856 172.16.0.0/16 for Se0/0/1 Summarizing 3 components with metric 2816 <Output omitted> 14

  15. EIGRP automatically includes a Null0 summary: • There is at least one subnet that was learned via EIGRP. • There are two or more network EIGRP router configuration mode commands. • Automatic summarization is enabled. (By default with EIGRP) 192.168.10.0/24 172.16.0.0/16 Null0 Summary Routes on R1 R1# show ip route 172.16.0.0/16 is variably subnetted, 6 subnets, 4 masks D 172.16.0.0/16 is a summary, 00:03:06, Null0 C 172.16.1.0/24 is directly connected, GigabitEthernet0/0 L 172.16.1.1/32 is directly connected, GigabitEthernet0/0 D 172.16.2.0/24 [90/40512256] via 172.16.3.2, 00:02:52, Serial0/0/0 C 172.16.3.0/30 is directly connected, Serial0/0/0 L 172.16.3.1/32 is directly connected, Serial0/0/0 D 192.168.1.0/24 [90/2170112] via 192.168.10.6, 00:02:51, Serial0/0/1 192.168.10.0/24 is variably subnetted, 4 subnets, 3 masks D 192.168.10.0/24 is a summary, 00:02:52, Null0 C 192.168.10.4/30 is directly connected, Serial0/0/1 L 192.168.10.5/32 is directly connected, Serial0/0/1 D 192.168.10.8/30 [90/3523840] via 192.168.10.6, 00:02:59, Serial0/0/1 R1# The purpose of the Null0 summary route is to prevent routing loops for destinations that are included in the summary, but do not actually exist in the routing table. 15

  16. Example of a Routing Loop 9 Routing loop 7 8 I have a summary route for 172.16.0.0/16. I will send packets for 172.16.4.10 to Router B. I have a default route 0.0.0.0/0. I will send packets for 172.16.4.10 to Router A. IPv4 Routing Table IPv4 Routing Table 2 Routing Update: Default Route 0.0.0.0/0 via RouterA 172.16.1.0/24 172.16.2.0/24 172.16.3.0/24 1 0.0.0.0/0 via ISP 172.16.0.0/16 Via RouterB 3 RouterB RouterA 5 4 Summarized Update: 172.16.0.0/16 6 Internet ISP 16

  17. Null0 Route is used for Loop Prevention 8 9 I have a summary route for 172.16.0.0/16. I will send packets for 172.16.4.10 to Router B. I have a summary route for 172.16.0.0/16 via Null0. I drop packets for 172.16.4.10. IPv4 Routing Table IPv4 Routing Table 2 Routing Update: Default Route 0.0.0.0/0 via RouterA 172.16.1.0/24 172.16.2.0/24 172.16.3.0/24 172.16.0.0/16 via Null0 1 0.0.0.0/0 via ISP 172.16.0.0/16 Via RouterB 3 RouterB RouterA 6 4 Summarized Update: 172.16.0.0/16 7 5 Internet ISP 17

  18. EIGRP for IPv4Manual Route Summarization

  19. Manual Route Summarization • EIGRP manual summary routes used with or without auto-summary • EIGRP is a classless routing protocol - includes the subnet mask in the routing updates • Manual summarization can include supernet routes. • A supernet is an aggregation of multiple major classful network addresses • EIGRP manual summarization is configured on a specific EIGRP interface: • ip summary-address eigrpas-number network-address subnet-mask 19

  20. Loopback’s Added for Demonstration R3(config)# interface loopback 2 R3(config-if)# ip add 192.168.2.1 255.255.255.0 R3(config-if)# exit R3(config)# interface loopback 3 R3(config-if)# ip add 192.168.3.1 255.255.255.0 R3(config-if)# exit R3(config)# router eigrp 1 R3(config-router)# network 192.168.2.0 R3(config-router)# network 192.168.3.0 R3(config-router)# 20

  21. Additional Routes Verified on R1 and R2 R1# show ip route <Output omitted> D 192.168.1.0/24 [90/2170112] via 192.168.10.6, 00:47:39, Serial0/0/1 D 192.168.2.0/24 [90/2297856] via 192.168.10.6, 00:08:09, Serial0/0/1 D 192.168.3.0/24[90/2297856] via 192.168.10.6, 00:08:04, Serial0/0/1 R1# R2# show ip route <Output omitted> D 192.168.1.0/24 [90/3012096] via 192.168.10.10, 00:47:58, Serial0/0/1 D 192.168.2.0/24 [90/3139840] via 192.168.10.10, 00:08:28, Serial0/0/1 D 192.168.3.0/24 [90/3139840] via 192.168.10.10, 00:08:23, Serial0/0/1 R2# 21

  22. Calculating a Summary Route ip summary-address eigrp 1 192.168.0.0 255.255.252.0 • Use the same method is used to determine summary static routes: • Write out the networks to be summarized in binary. • To find the subnet mask for summarization, start with the far left bit. • Working from left to right, find all the bits that match consecutively. 22

  23. 192.168.0.0/22 192.168.0.0/22 Calculating a Summary Route R3(config)# interface serial 0/0/0 R3(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.252.0 R3(config)# interface serial 0/0/1 R3(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.252.0 R3(config-if)# 23

  24. Note: A Null Summary Route is added to R3’s routing table (not shown here). 192.168.0.0/22 192.168.0.0/22 Verifying Summary Route Received on R1 and R2 R1# show ip route <Output omitted> D 192.168.0.0/22 [90/2170112] via 192.168.10.6, 01:53:19, Serial0/0/1 R1# R2# show ip route <Output omitted> D 192.168.0.0/22 [90/3012096] via 192.168.10.10, 01:53:33, Serial0/0/1 R2# 24

  25. EIGRP for IPv6Manual Route Summarization

  26. EIGRP for IPv6 Topology 26

  27. Configure Loopbacks and enable EIGRP for IPv6 on each interface R3(config)# interface loopback 11 R3(config-if)# ipv6 address 2001:db8:acad:1::1/64 R3(config-if)# ipv6 eigrp 2 R3(config-if)# exit R3(config)# interface loopback 12 R3(config-if)# ipv6 address 2001:db8:acad:2::1/64 R3(config-if)# ipv6 eigrp 2 R3(config-if)# exit R3(config)# interface loopback 13 R3(config-if)# ipv6 address 2001:db8:acad:3::1/64 R3(config-if)# ipv6 eigrp 2 R3(config-if)# exit R3(config)# interface loopback 14 R3(config-if)# ipv6 address 2001:db8:acad:4::1/64 R3(config-if)# ipv6 eigrp 2 27

  28. Manual Route Summarization • EIGRP manual summarization can also be configured oin IPv6. • Configured on a specific EIGRP interface: • ipv6 summary-address eigrp as-number prefix/prefix-length 28

  29. A Null Summary Route is added to R3’s routing table. 2001:db8:acad::/48 2001:db8:acad::/48 Configuration and Verification of EIGRP for IPv6 Manual Summary Route R3(config)# interface serial 0/0/0 R3(config-if)# ipv6 summary-address eigrp 2 2001:db8:acad::/48 R3(config-if)# exit R3(config)# interface serial 0/0/1 R3(config-if)# ipv6 summary-address eigrp 2 2001:db8:acad::/48 R3(config-if)# end R3# show ipv6 route D 2001:DB8:ACAD::/48 [5/128256] via Null0, directly connected <Output omitted> 29

  30. 2001:db8:acad::/48 2001:db8:acad::/48 Verification of EIGRP for IPv6 Manual Summary Route R1# show ipv6 route | include 2001:DB8:ACAD: D 2001:DB8:ACAD::/48 [90/2297856] R1# 30

  31. Propagating a Default Route

  32. EIGRP for IPv4: Default Route to ISP 32

  33. Propagating a Default Route To create a default static route: ip route 0.0.0.0 0.0.0.0 next-hop | interface To propagate the default route into the EIGRP AS, use the: redistribute static router configuration command. Note: EIGRP also supports propagating the default route using the ip default-network network-numberglobal configuration command, but not recommended. Default Static Route Redistribute static Redistribute static R2(config)# ip route 0.0.0.0 0.0.0.0 serial 0/1/0 R2(config)# router eigrp 1 R2(config-router)# redistribute static 33

  34. Default Static Route Redistribute static Redistribute static R2’s Default Static Route R2# show ip route | include 0.0.0.0 Gateway of last resort is 0.0.0.0 to network 0.0.0.0 S* 0.0.0.0/0 is directly connected, Serial0/1/0 R2# R2# show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "eigrp 1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates Redistributing: static EIGRP-IPv4 Protocol for AS(1) <Output omitted> 34

  35. Default Static Route Redistribute static Redistribute static Verifying Default Route on R1 and R3 R1# show ip route | include 0.0.0.0 Gateway of last resort is 192.168.10.6 to network 0.0.0.0 D*EX 0.0.0.0/0 [170/3651840] via 192.168.10.6, 00:25:23, Serial0/0/1 R1# R3# show ip route | include 0.0.0.0 Gateway of last resort is 192.168.10.9 to network 0.0.0.0 D*EX 0.0.0.0/0 [170/3139840] via 192.168.10.9, 00:27:17, Serial0/0/1 R3# 35

  36. EIGRP for IPv6: Default Route 36

  37. Default Static Route Redistribute static Redistribute static R2 IPv6 Static Default Route Configuration and Propagation R2(config)# ipv6 route ::/0 serial 0/1/0 R2(config)# ipv6router eigrp 2 R2(config-router)# redistribute static Verifying Default Route on R1 and R3 R1# show ipv6 route Codes: C - ... EX - EIGRP external EX ::/0 [170/3523840] via FE80::3, Serial0/0/1 37

  38. Hello and Hold Time Intervals

  39. Configuring Hello Intervals and Hold Times Hello intervals and hold timesdo not have to match with other EIGRP routers to establish adjacencies. We will see later, OSPF’s Hello and other timers do need to match between neighbors. Range from 1 to 65,535 If you change the hello interval, make sure that you also change the hold time to a value greater than the hello interval. Otherwise, neighbor adjacency will go down after the hold time expires and before the next hello interval. Router(config-if)# ip hello-interval eigrpas-number seconds Router(config-if)# ip hold-time eigrp as-number seconds 39

  40. Configuring EIGRP for IPv4 Hello and Hold Timers R1(config)# interface serial 0/0/0 R1(config-if)# ip hello-interval eigrp 1 60 R1(config-if)# ip hold-time eigrp 1 180 R2(config)# interface serial 0/0/0 R2(config-if)# ip hello-interval eigrp 1 60 R2(config-if)# ip hold-time eigrp 1 180 40

  41. Configuring EIGRP for IPv6 Hello and Hold Timers R1(config)# inter serial 0/0/0 R1(config-if)# ipv6 hello-interval eigrp 2 60 R1(config-if)# ipv6 hold-time eigrp 2 180 R2(config)# inter serial 0/0/0 R2(config-if)# ipv6 hello-interval eigrp 2 60 R2(config-if)# ipv6 hold-time eigrp 2 180 41

  42. Load Balancing

  43. R3# show ip protocols *** IP Routing is NSF aware *** Routing Protocol is "eigrp 1" <Output omitted> Distance: internal 90 external 170 Maximum path: 4 Maximum hopcount 100 Maximum metric variance 1 Automatic Summarization: disabled Address Summarization: 192.168.0.0/22 for Se0/0/0, Se0/0/1 Summarizing 3 components with metric 2816 Maximum path: 4 <Output omitted> • Routes with a metric equal to the minimum metric are installed in the routing table. • Referred to as “equal-cost load balancing”. • All IP routing protocols on Cisco routers can perform equal-cost load balancing. • Themaximum-paths maximum-pathcommand can be used to allow up to 6 equal-cost paths. • Default is 4. • Setting themaximum-pathoption to 1 disables load balancing. 43

  44. R3 has equal cost paths to 172.16.3.0/30 because 64 kb/s is the slowest bandwidth used for the metric. R3# show ip route eigrp <Output omitted> Gateway of last resort is 192.168.10.9 to network 0.0.0.0 D*EX 0.0.0.0/0 [170/3139840] via 192.168.10.9, 00:14:24, Serial0/0/1 172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks D 172.16.1.0/24 [90/2170112] via 192.168.10.5, 00:14:28, Serial0/0/0 D 172.16.2.0/24 [90/3012096] via 192.168.10.9, 00:14:24, Serial0/0/1 D 172.16.3.0/30 [90/41024000] via 192.168.10.9, 00:14:24, Serial0/0/1 [90/41024000] via 192.168.10.5, 00:14:24, Serial0/0/0 D 192.168.0.0/22 is a summary, 00:14:40, Null0 R3# 44

  45. R3’s IPv6 Routing Table R3# show ipv6 route eigrp <Output omitted> EX ::/0 [170/3011840] via FE80::2, Serial0/0/1 D 2001:DB8:ACAD::/48 [5/128256] via Null0, directly connected D 2001:DB8:CAFE:1::/64 [90/2170112] via FE80::1, Serial0/0/0 D 2001:DB8:CAFE:2::/64 [90/3012096] via FE80::2, Serial0/0/1 D 2001:DB8:CAFE:A001::/64 [90/41024000] via FE80::2, Serial0/0/1 via FE80::1, Serial0/0/0 R3# 45

  46. Configuring and Verifying EIGRP Authentication 46

  47. Many routing protocols support authentication. This means that a router authenticates the source of each routing update packet that it receives. Without authentication, an attacker could introduce different or conflicting route information to corrupt the router resulting in a DoS attack. Router Authentication 47

  48. EIGRP MD5 Authentication EIGRP supports MD5 authentication. Router authenticates the source of each routing update packet that it receives. Configure a “key” (password) and key-id; each participating neighbor must have same key configured. 48

  49. EIGRP MD5 Authentication Example Compare Signatures Signatures Match! Routing Updates Authenticated • R3 processes the routing update (data) and key using MD5 to compute a hash signature. • The update is sent to R1 and includes the signature. • R3 repeats the MD5 process using its own key and the received data. R3 needs to send an update to R1. 49

  50. Step 1: Create a Keychain Router(config)# key chain name-of-chain Router(config-keychain)# key key-id Router(config-keychain-key)# key-string key-string-text • Before authentication is enabled, create a keychain and key. • Multiple keys can be configured. • Specify the key ID using a range of keys (0 to 2,147,483,647). • Recommended to use the same key number on all routers. • Enable EIGRP authentication on an interface and identify the keychain and key to use. • Specify the keychain that should be used for authentication. • The keychain and the routing update are processed using the MD5 algorithm to produce a unique signature. Step 2: Configure EIGRP Authentication Using Keychain and Key Router(config)# interface type number Router(config-if)# ip authentication mode eigrp as-number md5 Router(config-if)# ip authentication key-chain eigrp as-number name-of-chain 50

More Related