Building the EIGRP Topology Table

  • What are the pros of EIGRP?
    • backup routes (fast convergence, FS)
    • simple configuration
    • flexibility in summarization (no ABR or ASBR needed)
    • unequal cost load-balancing
  • Which has more topology data on average: a Distance Vector or a Link-State protocol?
    • Link-state (OSPF)
  • How does EIGRP load its topology table?
    • first without learning routes from neighbors
    • prefixes of connected subnets for interfaces on which EIGRP has been enabled (network or neighbor command)
      (The network command may not show the wildcard in the running config if you used the default subnet, e.g.: 10.0.0.0 0.255.255.255 == 10.0.0.0)
    • prefixes learned by redistribution from other routing protocols
  • Can an EIGRP neighborship form between different ASes?
    • no
  • What basic protocol messages does EIGRP have (5)?
    • hello
    • update (RTP)
    • query (RTP)
    • reply (RTP)
    • ACK
  • What information does an EIGRP update message contain?
    • prefix
    • prefix length
    • metric components (bandwidth, delay; reliability, load)
    • nonmetric: hopcount, MTU
  • What happens next after EIGRP has filled its routing table with its own prefixes?
    • The router (R1) sends routing updates to its neighbors (R2) (whole topology table)
    • R2 will set the interface, where it receives the update, as “outgoing interface” for the new route.
    • R2 will increase the Delay component of the update with the delay of the receiving interface
    • R2 compares the Bandwidth component of the Update and the bandwidth of the interface and will choose the lower one
    • R2 also updates load, reliability, MTU and hop count
  • What units do the delay command and the sho interfaces / sho ip eigrp topology outputs use (regarding delay)?
    • delay command: tens-of-microseconds
    • sho outputs: microseconds
  • How does the EIGRP update process work?
    • when a neighbor first comes up, the routers exchange full topology tables
    • after this there will be no periodic updates
    • in case of any changes the routers send partial updates
    • after this, if a router fails and recovers or new adjacency forms there will be full topology update sent
    • Split Horizon is active on most interfaces by default
  • What protocol does EIGRP use for updates? Why?
    • RTP (Reliable Transport Protocol) – This is a Layer 4 protocol encapsulated inside of UDP.
    • This protocol acknowledges all Update messages with an ACK message
  • What issues occur when using multipoint subinterface with EIGRP?
    • routers at the end of a multipoint interface cannot become neighbors as routers do not forward hello packets
    • routing updates are not forwarded on multipoint subinterface either (by default) because of Split Horizon
  • What is the solution for this problem (exact command)?
    • no ip split-horizon eigrp asn 
    • sho ip eigrp interfaces detail shows the state of Split Horizon
  • What is NBMA and why is it important to use EIGRP bandwidth control in NBMA?
    • nonbroadcast multiaccess (frame relay)
    • the multicast messages are going to be sent as unicast and this increases the traffic
  • What is the default EIGRP management bandwidth consumption on an interface? How do you modify it?
    • 50 % of bandwidth (bandwidth is based on the bandwidth interface subcommand)
    • interface subcommand: ip bandwidth-percent eigrp asn percent
  • By default what is the EIGRP management bandwidth in case of a multipoint subinterface configured with 10 PVC and bandwidth 100 command?
    • (100/10)/2 = 5

Building IP routing table

  • What is FD?
    • Feasible Distance: Integer metric for the route, from the local router’s perspective, used by the local router to choose the best route for that prefix.
  • What is RD (alias AD)?
    • Reported Distance or Advertised Distance: Integer metric for the route, from the neighboring router’s perspective.
  • Which route is going to be placed in the routing table?
    • When FD is calculated for all possible routes, the router will add the one with the lowest FD (metric).
  • How does the router calculate the metric?
    • Metric = 256 * [(10^7 / slowest-bandwidth) + cumulative-delay]
    • always the outgoing interface values (delay, bandwidth) are used
  • How can we influence the metric (by default)?
    • configuring bandwidth or delay
  • Which one is better?
    • delay is better, as bandwidth is also used by other protocols and it is not always clear what value is optimal (e.g.: frame relay)
  • What is an EIGRP offset list?
    • It is a tool to manipulate EIGRP metrics.
  • How does it work?
    • match a prefix/prefix length using ACL
    • match the direction of the update message (in/out)
    • match the interface
    • set the integer metric added to the calculation for both FD and RD
    • Command: offset-list { access-list-number | access-list-name } { in | out } offset [interface-type interface-number ]
Example:
WAN1(config)# access-list 11 permit 10.11.1.0
WAN1(config)# router eigrp 1
WAN1(config-router)# offset-list 11 in 3 Serial0/0/0.1
WAN1(config-router)# end
!The offset adds 3 to the AD and FD values calculated from the updates received on S0/0/0.1 (the ACL must also match).
  • How do you update all FD/AD regarding 10.1.1.0/24 prefix?
    • access-list 10 permit 10.1.1.0
      router eigrp 1
      offset-list 10 in 5
  • What is the AD of internal / external / summary route?
    • D 90
    • D EX 170 (ie.: redistributed routes)
    • summary: 5
  • How do you modify the AD?
    • eigrp subcommand: distance eigrp internal-value external-value
    • This only changes the AD locally!!

Unequal metric route load sharing

  • Is there equal cost load balancing in EIGRP?
    • Yes. If 2 routes have the exact same metric (rare) then it will automatically use equal cost load balancing (you can turn it off: maximum-paths 1). In this case there can be more Successors.
  • What are the 2 benefits of load sharing?
    • traffic goes on unused links also
    • fast convergence
  • How do you configure?
    • Need to set how many routes are allowed for a prefix
    • maximum-paths number
    • Only feasible successor routes can be used for multiple paths.
  • What is variance command good for? How does it work?
    • Without this command only equal cost load balancing is working.
    • The variance is multiplied by the current FD (the metric of the best route to reach a subnet).
    • Any FS routes whose calculated metric is less than or equal to the product of variance and FD are added to the IP routing table, assuming that the maximum-paths setting allows more routes.
    • Routes that are neither successor nor feasible successor routes can never be added to the IP routing table, regardless of the variance setting.
    • NOTE: the FD will not change in the routing table!
  • What can block load balancing? Why?
    • CEF
      When the router has processed a packet, CEF remembers which next-hop is used for that prefix. This way it won’t use the other link. It needs to be disabled (global or interface)
  • How do you know the ratio of traffic over each path?
    • (figure: sharecount.jpg)

Optimizing EIGRP Convergence

  • What is a successor and how does EIGRP choose the successor?
    • EIGRP chooses the route with the lowest FD as best route. The next-hop of the best route is the successor.
  • What is a feasible successor?
    • The next best route. The next-hop of this route is the feasible successor.
  • How does the router choose the feasible successor?
    • If a nonsuccessor route’s RD is less than the successor’s FD, the route is a feasible successor route.
      WAN1# show ip eigrp topology
      IP-EIGRP Topology Table for AS(1)/ID(10.9.1.1)
      Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
      r - reply Status, s - sia Status
      P 10.11.1.0/24, 1 successors , FD is 2172419
       via 10.1.1.2 (2172419/28163), Serial0/0/0.1   <<< successor
       via 10.9.1.2 (2174976/2172416), FastEthernet0/0   <<< feasible successor
  • How can you verify the successor and also the feasible successor routes?
    • sho ip eigrp topology
  • How do you verify all received routes (even the ones which are not successor/feasible successor)?
    • sho ip eigrp topology all-links
  • How could you force the 10.9.1.2 neighbor to be feasible successor?
    • WAN1# show ip eigrp topology all-links
      IP-EIGRP Topology Table for AS(1)/ID(10.9.1.1)
      Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status
      P 10.11.1.0/24, 1 successors, FD is 2172416, serno 45
       via 10.1.1.2 (2172416/28160), Serial0/0/0.1
       via 10.9.1.2 (2174976/2172416), FastEthernet0/0
    • Solution:
      access-list 10 permit 10.11.1.0
      router eigrp 1
      offset-list 10 in 1 Serial0/0/0.1
  • How many successors/FSs does the example below have?
    R1#sho ip eigrp top
    IP-EIGRP Topology Table for AS(2)/ID(192.18.18.15)
    
    Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
     r - reply Status, s - sia Status
    
    P 0.0.0.0/0, 1 successors, FD is 15365120
     via 192.18.24.57 (15365120/2565120), Fa0/1
     via 192.18.28.57 (28165120/2565120), Fa0/2
    • 1 successor (it is also printed)
    • 1 FS (since we used the “eigrp topology” and not the “eigrp topology all” command, only successors and feasible successors are shown)
  • What happens when EIGRP removes the successor route and there is no feasible successor route?
    • EIGRP goes “Active” on the route and starts the process which discovers an alternative loop-free route to the prefix.
    • sho ip eigrp topology – the route state changes from P (Passive) to A (Active)
    • EIGRP sends queries to every neighbor (except the one where the route failed) to discover a new loop-free route
      • If the neighbor has a loop-free route, it sends a Reply message telling the original router that it does have a route. Moreover, it will not forward the Query message.
      • If the neighbor doesn’t know a route, it will forward the Query to its neighbors. It doesn’t send a Reply to the original router, but waits for replies to its own Query messages.
    • R1 sends a Query message to R2, then R2 sends Query messages to R3, R4, R5. R2 cannot send a Reply message to R1 until it receives Replies to all its Queries.
  • What is an EIGRP stub router?
    • A stub router is a router which doesn’t forward traffic between two remote EIGRP learned subnets. It does not advertise the routes that it learned from neighbors.
    • The nonstub routers recognize the stub routers and do not send them Query messages!
  • How do you configure an EIGRP stub router?
    • eigrp stub
    • The command has subcommands where you can specify which routes not to advertise: receive-only, static, connected, summary, redistributed, leak-map
  • What happens when a router receives a Query message for a prefix but there is no exact match in the routing table? Only a summary route match.
    • It will send a Reply message with the summary.
  • What happens when a router sends 20 Query messages for a prefix and receives one Reply with a good route?
    • It cannot use any alternative paths until all replies are received.
  • What happens if the router does not receive a Reply message?
    • There is an “active timer” which is set to 3 minutes by default. In case there is no reply after 3 minutes the router will consider the route Stuck-in-Active (SIA).
  • What happens when a route is SIA?
    • The router will send stuck in active query to the neighbor that has not replied yet. If the neighbor is still waiting for its own Queries it sends a SIA-Reply. If the neighbor does not send SIA-Reply, the original router will consider the neighbor failed.
  • How do you know if a route is Active or SIA?
    • sho ip eigrp topology – the route is marked with “A” or “s”

Route Filtering

  • How can you perform filtering on EIGRP?
    • distribute-list acl/prefix-list/route-map in/out interface
    • (neighbor  x.x.x.x route-map command is NOT available in EIGRP)
  • How do you filter an outgoing route for all neighbors with one command?
    • distribute-list 10 out
      The absence of interface name in the command means all interfaces.
  • How do you configure a prefix-list?
    • ip prefix-list list-name [ seq seq-value ] { deny | permit } prefix / prefix-length [ ge ge-value ] [ le le-value ]
  • How does a route match a prefix-list?
    • The route’s prefix must be within the range of the prefix/prefix-length parameter
    • The route’s prefix length must be within the range of prefix-length ge and le.
  • What does 0.0.0.0/0 prefix mean?
    • default route
  • What does 0.0.0.0/0 le 32 mean?
    • all IPv4 addresses
  • How does the route-map logic work?
    • if there is a match for a specific route then the route-map can permit/deny and perform some action on it (e.g.: set parameters for route)
    • Cisco IOS stops processing a route which has already matched once
    • The absence of match command means: match all
    • In the end of the route-map there is an implicit deny (like ACL)

Route Summarization

Routing table when auto-summary enabled:

D 20.0.0.0/8 [90/156160] via 10.0.0.5, 00:00:20, FastEthernet0/0
 [90/156160] via 10.0.0.1, 00:00:20, FastEthernet0/1

Routing table when auto-summary disabled:

 20.0.0.0/16 is subnetted, 3 subnets
D 20.2.0.0 [90/156160] via 10.0.0.1, 00:00:28, FastEthernet0/1
D 20.3.0.0 [90/156160] via 10.0.0.5, 00:00:15, FastEthernet0/0
D 20.4.0.0 [90/156160] via 10.0.0.5, 00:00:15, FastEthernet0/0
  • What are the pros and cons of route summarization?
    • Pros:
      • smaller routing tables
      • reduced Query scope: EIGRP Query stops at a router that has a summary route
      • EIGRP supports summarization at any location of the network (OSPF supports it only at ABR, ASBR)
      • the summary has the metric of the best subnet being summarized
    • Cons
      • can cause suboptimal routing
      • packets destined for inaccessible destinations will flow to the summarizing route before being discarded
  • When does a summary route fail?
    • when all of the routes which are in the summarized route failed
  • How do you configure a summarized route with EIGRP?
    • interface subcommand: ip summary-address eigrp asn prefix subnet-mask
  • What happens first when you configure a summarized route/distribute list in EIGRP?
    • the router brings down and then back up all EIGRP neighbors (not necessarily all)
  • What else happens after a summary route is configured?
    • The router advertises the summary route (in case there is at least one route within the summary)
    • The router does not advertise the more specific routes (the ones which are “within” the summary route)
    • The router adds an entry in its routing table for the summary route using the null interface as next-hop
  • What is the AD of EIGRP summary route?
    • 5
  • What do you know about EIGRP auto-summary?
    • it is turned on by default  (to turn off: no ip summary-address)
      In most cases it is recommended to turn it off!
    • with auto-summary enabled, EIGRP acts like classful routing protocols in one specific way: it does not support discontiguous networks. To support discontiguous networks with EIGRP, simply disable auto-summary.
      Discontiguous network example: (figure: discontingus-network.PNG)

Default Route

  • How many default routes can be in a network?
    • any number, the closest will be the exit point
  • How do you configure a static route?
    • ip route 0.0.0.0 0.0.0.0 interface IP
  • How do you advertise a static route?
    • network 0.0.0.0
  • How do you configure a default network?
    • global: ip default-network x.x.x.x
  • What is the difference between a static default route and a default network?
    • The EIGRP neighbors will use the default network as next-hop.
    • On the originated router the default network is only a “Candidate default route”:
      (figure: test.PNG)
  • What is the difference between OSPF default-information originate always and EIGRP ip default-network x.x.x.x?
    • if the route x.x.x.x is deleted from the routing table, EIGRP will stop advertising the default network
    • OSPF keeps advertising the default route regardless of the routing table

EIGRP Security

  • How do you protect yourself from unwanted neighbors?
    • passive-interface default
  • What is the difference between authentication and encryption?
    • encryption makes the packet (data) unreadable
    • authentication only verifies for us that the packet originated from the right source (the packet has a hashed part which will match if you have the same key, otherwise the packet is “clear text”)
  • How do you configure authentication?
!R4
 key chain OTHER-KEY
 key 1
 key-string sninja
 !
 interface FastEthernet0/0
 ip address 10.0.0.2 255.255.255.252
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 OTHER-KEY

!R1
 key chain FIRST-KEY
 key 1
 key-string sninja
 !
 interface FastEthernet0/0
 ip address 10.0.0.1 255.255.255.252
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 FIRST-KEY