EIGRP
When you redistribute a prefix into EIGRP, you must assign a metric. The metric can be assigned in at least three ways:
1). as a parameter of the redistribution command
2). as a default-metric under the “router eigrp” configuration mode
3). using a route-map
You cannot use the auto-summary command on EIGRP external routes.
Archive for December, 2008
EIGRP metrics and redistribution.
Posted by Peter Kurdziel on December 22, 2008
Posted in Routing & Switching Lab | Leave a Comment »
EIGRP stub
Posted by Peter Kurdziel on December 21, 2008
(connected, static, and summary) If any of these three keywords is used individually with the eigrp stub command, connected and summary routes will not be sent automatically.
The connected keyword will permit the EIGRP Stub Routing feature to send connected routes. If the connected routes are not covered by a network statement, it may be necessary to redistribute connected routes with the redistribute connected command under the EIGRP process. This option is enabled by default.
The static keyword will permit the EIGRP Stub Routing feature to send static routes. Without this option, EIGRP will not send any static routes, including internal static routes that normally would be automatically redistributed. It will still be necessary to redistribute static routes with the redistribute static command.
The summary keyword will permit the EIGRP Stub Routing feature to send summary routes. Summary routes can be created manually with the summary address command or automatically at a major network border router with the auto-summary command enabled. This option is enabled by default.
eigrp stub Command: Example
In the following example, the eigrp stub command is used to configure the router as a stub that advertises connected and summary routes:
router eigrp 1
network 10.0.0.0
eigrp stub
eigrp stub connected static Command: Example
In the following example, the eigrp stub connected static command is used to configure the router as a stub that advertises connected and static routes (sending summary routes will not be permitted):
router eigrp 1
network 10.0.0.0
eigrp stub connected static
eigrp stub receive-only Command: Example
In the following example, the eigrp stub receive-only command is used to configure the router as a stub, and connected, summary, or static routes will not be sent:
router eigrp 1
network 10.0.0.0
eigrp stub receive-only
Posted in EIGRP, Routing & Switching Lab | Leave a Comment »
EIGRP ou should not use the ip summary-address eigrp summarization command to generate the default route (0.0.0.0) from an interface.
Posted by Peter Kurdziel on December 21, 2008
Note 
You should not use the ip summary-address eigrp summarization command to generate the default route (0.0.0.0) from an interface. This causes the creation of an EIGRP summary default route to the null 0 interface with an administrative distance of 5. The low administrative distance of this default route can cause this route to displace default routes learned from other neighbors from the routing table. If the default route learned from the neighbors is displaced by the summary default route, or if the summary route is the only default route present, all traffic destined for the default route will not leave the router, instead, this traffic will be sent to the null 0 interface where it is dropped.
The recommended way to send only the default route out a given interface is to use a distribute-list command. You can configure this command to filter all outbound route advertisements sent out the interface with the exception of the default (0.0.0.0).
Posted in EIGRP, Routing & Switching Lab | Leave a Comment »
EIGRP floating summary route
Posted by Peter Kurdziel on December 21, 2008
http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_cfg_eigrp_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1054611
Configuring Floating Summary Routes
You can also use a floating summary route when configuring the ip summary-address eigrp command. This enhancement was introduced in Cisco IOS Release 12.2. The floating summary route is created by applying a default route and administrative distance at the interface level. The following scenarios illustrates the behavior of this enhancement.
Figure 1 shows a network with three routers, Router-A, Router-B, and Router-C. Router-A learns a default route from elsewhere in the network and then advertises this route to Router-B. Router-B is configured so that only a default summary route is advertised to Router-C. The default summary route is applied to interface 0/1 on Router-B with the following configuration:
Router(config)# interface Serial 0/1 Router(config-if)# ip summary-address eigrp 100 0.0.0.0 0.0.0.0 25
Figure 1 Floating Summary Route Is Applied to Router-B
The configuration of the default summary route on Router-B sends a 0.0.0.0/0 summary route to Router-C and blocks all other routes, including the 10.1.1.0/24 route, from being advertised to Router-C. However, Bhis also generates a local discard route on Router-B, a route for 0.0.0.0/0 to the null 0 interface with an administrative distance of 5. When this route is created, it overrides the EIGRP learned default route. Router-B will no longer be able to reach destinations that it would normally reach through the 0.0.0.0.0/0 route.
This problem is resolved by applying a floating summary route to the interface on Router-B that connects to Router-C. The floating summary route is applied by applying an administrative distance to the default summary route on the interface of Router-B with the following statement:
Router(config-if)# ip summary-address eigrp 100 0.0.0.0 0.0.0.0 250
The administrative distance of 250, applied in the above statement, is now assigned to the discard route generated on Router-B. The 0.0.0.0/0, from Router-A, is learned through EIGRP and installed in the local routing table. Routing to Router-C is restored.
If Router-A loses the connection to Router-B, Router-B will continue to advertise a default route to Router-C, which allows traffic to continue to reach destinations attached to Router-B. However, traffic destined to networks to Router-A or behind Router-A will be dropped when it reaches Router-B.
Figure 2 shows a network with two connections from the core, Router-A and Router-D. Both routers have floating summary routes configured on the interfaces connected to Router-C. If the connection between Router-E and Router-C fails, the network will continue to operate normally. All traffic will flow from Router-C through Router-B to the hosts attached to Router-A and Router-D.
Figure 2
Floating Summary Route Applied for Dual-Homed Remotes
However, if the link between Router-D and Router-E fails, the network may blackhole traffic because Router-E will continue to advertise the default route(0.0.0.0/0) to Router-C, as long as at least one link, (other than the link to Router-C) to Router-E is still active. In this scenario, Router-C still forwards traffic to Router-E, but Router-E drops the traffic creating the black hole. To avoid this problem, you should configure the summary address with an administrative distance on only single-homed remote routers or areas where there is only one exit point between to segments of the network. If two or more exit points exist (from one segment of the network to another), configuring the floating default route can cause a black hole to be formed.
Posted in Routing & Switching Lab | Leave a Comment »
Troubleshooting EIGRP
Posted by Peter Kurdziel on December 21, 2008
SEE http://www.ciscosystems.com/en/US/tech/tk365/technologies_tech_note09186a0080094613.shtml for interactive links.
IP Routing
Troubleshooting EIGRP
Downloads |
Document ID: 21324
<!– –>
Interactive: This document offers customized analysis of your Cisco device.
Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Main Troubleshooting Flowchart
Neighbor Check
Redistribution Check
Route Check
Reasons for Neighbor Flapping
EIGRP Neighbors are not Recognized
NetPro Discussion Forums – Featured Conversations
Related Information
Introduction
This document provides troubleshooting information for common problems with Enhanced Interior Gateway Routing Protocol (EIGRP). For more information, or to go to the next flowchart, refer to the links provided in this section.
If you have the output of a show interfaces serial , show ip eigrp neighbors , show tech-support , or a show ip eigrp topology command from your Cisco device, you can use Output Interpreter ( registered customers only) to display potential issues and fixes.
In order to use Output Interpreter, you must be a <a href=”http://www.cisco.com/register”>registered</a> customer, be logged in, and have JavaScript enabled.
Prerequisites
Requirements
Readers of this document should have a good understanding of how EIGRP works and a good knowledge of Configuring EIGRP.
Components Used
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
For more information on document conventions, refer to the Cisco Technical Tips Conventions.
Main Troubleshooting Flowchart
In order to troubleshoot EIGRP, use this flowchart, starting at the box marked Main. Depending on the symptoms, the flowchart might refer to one of the three flowcharts later in this document or to other relevant documents on Cisco.com. There are some problems that might not be resolvable here. In these cases, links are provided to Cisco Technical Support. In order to open a service request, you must have a valid service contract.
Neighbor Check
| Flowchart Notes | |
|---|---|
| 1 | Issue the show ip eigrp interface command to verify. |
| 2 | Issue the show interface serial command to verify. |
| Flowchart Notes | |
|---|---|
| 3 | Issue the show ip interface command to verify. |
Redistribution Check
| Flowchart Notes | |
|---|---|
| 4 | Issue the show ip eigrp topology net mask command to verify. |
Route Check
| Flowchart Notes | |
|---|---|
| 5 | Issue the show ip route eigrp command to verify. |
| 6 | Issue the show ip eigrp topology command to verify. If routes are not seen in the topology table, issue the clear ip eigrp topology command. |
| Flowchart Notes | |
|---|---|
| 7 | Issue the show ip eigrp topology net mask command, to find the Router ID (RID). You can find the local RID with the same command on the locally generated external router. In Cisco IOS Software Release 12.1 and later, the show ip eigrp topology command shows the RID. |
Reasons for Neighbor Flapping
The stability of the neighbor relationship is of primary concern. A failure in the neighbor relationship is accompanied by increased CPU and bandwidth utilization. EIGRP neighbors can flap for these reasons:
- Underlying link flaps. When an interface goes down, EIGRP takes down the neighbors that are reachable through that interface and flushes all routes learned through that neighbor.
- Misconfigured hello and hold intervals. The EIGRP hold interval can be set independently of the hello interval if you issue the ip hold-time eigrp command. If you set a hold interval smaller than the hello interval, it results in the neighbors flapping continuously. Cisco recommends that the hold time be at least three times the hello interval. If the value is set less than 3 times the hello interval, there is the chance for link flapping or neighborship flapping.
- Loss of hello packets: Hello packets can be lost on overly congested links or error-prone links (CRC errors, Frame errors, or excessive collisions).
- Existence of unidirectional links. A router on a unidirectional link can be able to receive hello packets, but the hello packets sent out are not received at the other end. The existence of this state is usually indicated by the retry limit exceeded messages on one end. If the routers generating retry limit exceeded messages has to form neighborship, then make the link bidirectional for both unicast and multicast. In case tunnel interfaces are used in the topology make sure that the interfaces are advertised properly.
- Route goes stuck-in-active. When a router enters the stuck-in-active state, the neighbors from which the reply was expected are reinitialized, and the router goes active on all routes learned from those neighbors.
- Provision of insufficient bandwidth for the EIGRP process. When sufficient bandwidth is not available, packets can be lost, which causes neighbors to go down.
- Bad serial lines.
- Improperly set bandwidth statements.
- One-way multicast traffic.
- Stuck in active routes.
- Query storms.
EIGRP Neighbors are not Recognized
The EIGRP neighbor relationship is not established over the multipoint GRE tunnel if there is an incorrect NHRP association in the spoke. Next Hop Resolution Protocol (NHRP) is used to discover the addresses of other routers and networks behind the routers that are connected to a nonbroadcast multiaccess (NBMA) network. When a network statement under Eigrp covers both the physical interface and tunnel interface (tunnel interface ip address and physical interface ip address belong to the same major class) and if the phyiscal interface is the source of the tunnel, then the both interfaces have to be separately advertised in the Eigrp to avoid issues with DMVPN. The best practice is to advertise the interfaces using specific subnet advertisements.
This issue can be resolved when you clear the NHRP associations with this command:
Router#clear ip nhrp
Posted in FRAME-RELAY, Routing & Switching Lab, Uncategorized | Leave a Comment »
CCIE COMMAND MEMORIZER
Posted by Peter Kurdziel on December 19, 2008
For a limited time configureterminal.com is offering all their stuff for a monthly cancel anytime subscription of $9.99.
I went through the EIGRP section quickly. I liked the tool but have to enter configure terminal was annoying .
I’m looking forward to the working on the other subjects.
Posted in Other, Routing & Switching Lab | Leave a Comment »
EIGRP notes
Posted by Peter Kurdziel on December 17, 2008
EIGRP notes
conf t
router eig 100
no auto
net 131.1.1.0 0.0.0.255
———————————
configure the hello and dean interval to 20 and 80
int s1/0.12
ip hello-intercal eigrp 300 20
ip hold-time eigrp 300 80
—————————————-
change the k values
router eigrp 100
metric weight 0 1 0 0 0 0
———————————————-
as200 using only the delay parameter to calulate their composite metric
router eigrp 100
metric weight 0 0 0 1 0 0
—————————————————-
1 – advertise a summary route
int s1/0.12ip summary-address eigrp 300 1.1.0.0 255.255.252.0
2 – only one summary cmd per neightbor
int s1/0.13
no ip add
int virtual-template 13
ip address 131.1.13.1 255.255.255.0
ip summary-address eigrp 300 1.1.0.0 255.255.252.0 leak-map R1-R3
route-map R1-R3 perm 10
match ip add 1
access-list 1 per 1.1.1.0 0.0.0.255
———whatever is permitted in the acl will be leaked along the summary route.
eg..
D 1.1.0.0/22 [90/2297856] via 131.1.100.1, 00:00:06, Serial1/2
D 1.1.1.0/24 [90/2297856] via 131.1.100.1, 00:00:49, Serial1/2
———————————————
R1 should avcertise the summary route plus all the specific networks to R4
int s1/0.14
no ip address
int virtual-template 14
ip summary-address eigr p300 1.1.0.0 255.255.252.0 leak-map R1-4
int s1/0.14
frame-relay dlci 104 ppp virtual-template 14
—–note: if a leak-map references a route-map with no acl or and acl that does not exist, the summary plus all specific routes are advertised.
———————————————————–
unequal cost load balancing.
— in order to perform unequal cost load balancing, the advertised distance of the worst route should be lower then the feasible distance.
eg.
R4(config-fr-dlci)#do sho ip eigrp 400 topo 131.1.56.0/24
IP-EIGRP (AS 400): Topology entry for 131.1.56.0/24
State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2195456 <<<<<<<<<<<<<<<<<<<<<<< FD
Routing Descriptor Blocks:
131.1.46.6 (Serial1/0.46), from 131.1.46.6, Send flag is 0×0
Composite metric is (2195456/281600), Route is Internal
Vector metric:
Minimum bandwidth is 1544 Kbit
Total delay is 21000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 1
131.1.45.5 (Serial1/0.45), from 131.1.45.5, Send flag is 0×0
Composite metric is (5537536/281600), Route is Internal <<<<<<<<
Vector metric:
Minimum bandwidth is 512 Kbit
Total delay is 21000 microseconds
Reliability is 255/255
Load is 1/255
Minimum MTU is 1500
Hop count is 1
———–now divide the worst route by the best route.
5537536(worst) / 2195456(best) = 2.522 – round up to 3
router eigrp 400
variance 3
sho ip route ei 400
131.1.0.0/16 is variably subnetted, 14 subnets, 2 masks
D 131.1.56.0/24 [90/2195456] via 131.1.46.6, 00:00:31, Serial1/0.46
[90/5537536] via 131.1.45.5, 00:00:31, Serial1/0.45
———————————————————————-
disable the stuck in active timer for as 300 and set the SIA timer for 60 min for AS 100.
router eigrp 300
timers active-time disabled.
router eigrp 100
timers actiive-time 60
————————————————————-
configure authentication
r1
key chain R1-2
key 1
key-string cisco12
int s1/0.12
ip authenti key-chain eigrp 300 R1-2
ip authenti mode eigrp 300 md5
sh ip eigrp int detail <– to see the authentication
sh ip route eigrp 300
—————————————————————-
bb2 should avdertise eigrp routes with greater then 110 hops as unreachable
router eigrp 200
metric maximum-hops 110
—————————————————————
change the admin distance; internal 95 / external 138
router eigrp 100
distance eigrp 95 138
————————————————————–
use 30% of e0/0′s link for exchanging updates.
int e0/0
ip bandwidth-percent eigrp 200 30
———————————————————–
bb1 should use 15 mbps of it’s links bandwidth do not use ip bandwidth-percent command.
int e0/0
bnadwidth 30000
———–by default eigrp uses 50% of the bnadwidth
——————————————————————-
bb1 should receive routes from R1 but not advertise routes to R1. Do not use any global config cmd.
router eigrp 100
eigrp stub receive-only
—————————————————
config loop1 151.1.112.112/24 in bb2 and advertise this route in as 200. the route should appear as an external route.
int loop1
ip address 151.1.112.112 255.255.255..0
access-list 1 permit 151.1.112.0 0.0.0.255
route-map EX_ROUTE perm 10
mathc ip add 1
router eig 200
redistribue connected route-map EX_ROUTE
———————————————————–
config a statis route on bb2 for 161.1.112.0/24 to null0. redistribute into eigrp with a metric of bandwidth 1500, load-1, delay -20000, reliability – 255, mtu 1500
ip route 161.1.112.0 255.255.255.0 null0
router ei 100
default-metric 1500 20000 255 1 1500
redistibute static
———————————————————–
config bb2 so that it only advertises static routes that are redistributed and connected networks that are advertised in EIGRP. do not use a global cmd.
router eigrp 200
eigrp stub connected static
—————————————————————-
config r5 not to log changes in eigrp nei adj
router ei 400
no eigrp log-neighbor-changes
—————————————————-
config r6 to log nei warning messages for eigrp 400 and repeat the warning every 5 min.
router eigrp 400
eigrp log-neighbor-warning 300
——————————————————
config r3 to add a delay of 50 to allthe routes learned from R1 through it’s FR connecton
router eigrp 300
offset-list 0 in 50 virtual-template 31
——————————————————
config r4 to redistibute between as30 and as 400
router eigrp 300
redistribute eigrp 400
router eigrp 400
redistribute ei 300
———————————————–
config r 2 ri inject a default route into as200 – do not use any global config cmd.
int e0/0
ip summary-address eigrp 200 0.0.0.0 0.0.0.0
the other way is through a global cmd – redistribute static
—————————————————————–
config r1 to redisribute between as 100 and as 300, in the future there wil be anoher redistribution point, the router must prevent feed back when the second redistribution point is added.
route-map 100-300 deny 10
match tag 300
route-map 100-300 permit 20
set tag 100
route-map 300-100 deny 10
match tag 100
route-map 300-100 per 20
set tag 300
router eigrp 100
redistribute eigrp 300 route-map 300-100
router eigrp 300
redistribute eigrp 1oo route-map 100-300
———————————————————————
configure mutual redistribution between ospf and eigrp
router ospf 1
redistribute eigrp 100 subnets
router eigrp 100
redistribute ospf 1 metric 1 1 1 1 1 <— must specify a metric
——————————————————————-
advertise only directly conencted interfaces that are advertised with a network command.
router ei 100
eigrp stub connected
—————————————————————-
config r1 so that r2 and r3 have netw 2.2.2.2/24 and 3.3.3.3/24 in thier routing table. do not use remove ei stub connect.
access-list 1 per 2.2.2.0 0.0.0.255
access-list 1 per 3.3.3.0 0.0.0.255
route-map LEAK per 10
match ip add 1
eigrp 100
eigrp stub connected leak-map
————————————————
reconfig r1 so r2 only gets 2.2.2.0/24 and r3 only gets 3.3.3.0/24- do not remove eigrp stub connected
access-list 2 per 2.2.2.0 0.0.0.255
access-list 3 per 3.3.3.0 0.0.0.255
route-map LEAK per 10
match ip add 2
match inter s0/0.12
route-map LEAK per 20
match ip add 3
match int s1/0.13
——————————————————————–
advertise directly connected interfaces
rouer ei 100
no auo
net 2.0.0.0
net 10.1.12.1 0.0.0.0
————————————————
config r1 2.0.0.0/8 as a candidate default route for r2/r3
ip default-network 2.0.0.0
———————————————————-
config r2 so that r3 does not user net 2.0.0.0/8 as the candidate default
router ei 10
no default-informaton allowed out < – this disables redistribution of a default route
——————————————————
new cmd
sho ip eigrp event
—————————————————
whats the difference between network 2.0.0.0 and network 2.0.0.0 0.0.0.0?
net 2.0.0.0 0.0.0.0 will not work.
int loop 2
ip add 2.2.2.2 255.0.0.0
router ei 100
net 2.0.0.0 or net 2.2.2.2 will be net 2.0.0.0 or you can enter net 2.0.0.0 0.255.255.255 eigrp will convert to net 2.0.0.0
—> network 2.0.0.0 0.0.0.0 <— 0.0.0.0 will match only 2.0.0.0
————————————————————–
advertise a candidate default router
ip default-network 1.0.0.0
sh ip route eigrp
D* 1.0.0.0/8……..
—————————————–
config r2 to use 2.0.0.0/8 & r3 to use 3.0.0.0/8 as the candidate default.
r2
access-list 2 permit 2.0.0.0
router eigr 100
default-information allowed in 2
r3
access-list 3 permit 3.0.0.0
router ei 100
default-information allowed in 3
—————————————————-
configure r2 so that r3 does not use net 2.0.0.0/8 as the candidate default
router ei 100
no default-information allowed out < — this disables the redistribution of default route, r3 will no longer use network 2.0.0.0/8 as its candidate default, but it will still have that network in it’s routing table.
do clear ip eigrp nei
————————————————-
remove no default-information allowed out from r2 and config r3 to deny the candidate default 2.0.0.0/8
router eigrp 100
default-information allowed in
do clear ip eigrp nei
——————————————————–
2 ways to injet a default route
ip summary-dadress eigrp 0.0.0. 00.0.0.0
ip route x.x.x.x 0.0.0.0 0.0.0.0
router ei 100
redistribute static
———————————————————-
no ip split-horizon – enable on multipoint interfaces – always enable on NBMA-multipoint interfaces.
——————————————————
advertise 10.1.1.1/32
router eigrp 1
net 10.1.1.1 0.0.0.0
—————————————-
advertise connected and summary routes
router ei 1
eigrp stub
———————————————–
advertise connected and static routes
router ei 1
eigrp stub connected static
—————————————–
connected, summary, and static routes will not be sent
eigrp stub receive-only
—————————————————-
eigrp mutual redistribution, tag routes example
router eigrp 100
net 10.1.1.0 0.0.0.255
redistribut eigrp 200 route-map 200to100
route-map 200to100 deny 10
match tag 100
route-map 200to100 permit 20
set tag 200
router eigrp 200
net 10.1.2.0 0.0.0.255
redistribute ei 100 route-map 100to200
route-map 100to200 deny 10
match tag 200
route-map 100to200 permit 20
set tag 100
——————————————–
eigrp should use bandwidth, load, and delay in route calculation
metric weights 0 1 1 1 0 0
—k1 = bandwidth, k2 = load, k3 = delay, k4 = reliability & k5 = MTU.
——————————————–
summary route creates a route to null0
Note You should not use the ip summary-address eigrp summarization command to generate the default route (0.0.0.0) from an interface. This causes the creation of an EIGRP summary default route to the null 0 interface with an administrative distance of 5. The low administrative distance of this default route can cause this route to displace default routes learned from other neighbors from the routing table. If the default route learned from the neighbors is displaced by the summary default route, or if the summary route is the only default route present, all traffic destined for the default route will not leave the router, instead, this traffic will be sent to the null 0 interface where it is dropped.
The recommended way to send only the default route out a given interface is to use a distribute-list command. You can configure this command to filter all outbound route advertisements sent out the interface with the exception of the default (0.0.0.0).
you can get rid of it by using the admin distance
int s1/0
ip summary-address ei 10 0.0.0.0 0.0.0.0 250
—————————————————–
calcualting the composite metric along the path for 150.1.111.0/24
Ethernet0/0 is up, line protocol is up
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
10,000,000 / slowest BW 10000 = 1000
sum of all interface delays 1000 = 1000 / 10 = 100
(1000+100)*256=281600 but since we told eigrp to only use bandwidth via metric weights 0 1 0 0 0 0 command in a previous task we see:
(1000)*256+256000 in the routing table
D 150.1.111.0 [90/256000] via 131.1.111.111, 00:01:22, Ethernet0/0
————————————————————
show ip eigrp neighbor detail
debug eigrp packet stub
————————————-
You can enter a subnet mask or a wildcard mask
router ei 3
net 10.1.1.0 0.0.0.255 or net 10.1.1.0 255.255.255.0
————————————————————————————
ip summary-address eigrp
To configure a summary aggregate address for a specified interface, use the ip summary-address eigrp command in interface configuration mode. To disable a configuration, use the no form of this command.
ip summary-address eigrp as-number ip-address mask [admin-distance] [leak-map name]
no ip summary-address eigrp as-number ip-address mask
Syntax Description
|
|
|
|
as-number |
Autonomous system number. |
|
ip-address |
Summary IP address to apply to an interface. |
|
mask |
Subnet mask. |
|
admin-distance |
(Optional) Administrative distance. A value from 0 to 255. |
|
leak-map name |
(Optional) Route-map reference to configure route leaking through the summary. |
Defaults
•An administrative distance of 5 is applied to Enhanced Interior Gateway Routing Protocol (EIGRP) summary routes.
•EIGRP automatically summarizes to the network level, even for a single host route.
•No summary addresses are predefined.
•The default administrative distance metric for EIGRP is 90.
Usage Guidelines
The ip summary-address eigrp command is used to configure interface-level address summarization. EIGRP summary routes are given an administrative distance value of 5. The administrative distance metric is used to advertise a summary without installing it in the routing table.
By default, EIGRP summarizes subnet routes to the network level. The no auto-summary command can be entered to configure subnet level summarization.
EIGRP Support for Leaking Routes
Configuring the leak-map keyword allows to advertise a component route that would otherwise be suppressed by the manual summary. Any component subset of the summary can be leaked. A route map and access list must be defined to source the leaked route.
The following is default behavior if an incomplete configuration is entered:
•If the leak-map keyword is configured to reference a nonexistent route map, the configuration of this keyword has no effect. The summary address is advertised but all component routes are suppressed.
•If the leak-map keyword is configured but the access-list does not exist or the route map does not reference the access list, the summary address and all component routes are sent.
Examples
The following example configures an administrative distance of 95 on interface Ethernet 0/0 for the 192.168.0.0/16 summary address:
Router(config)# router eigrp 1 Router(config-router)# no auto-summary Router(config-router)# exit Router(config)# interface Ethernet 0/0 Router(config-if)# ip summary-address eigrp 1 192.168.0.0 255.255.0.0 95
The following example configures the 10.1.1.0/24 subnet to be leaked through the 10.0.0.0 summary address:
Router(config)# router eigrp 1 Router(config-router)# exit Router(config)# access-list 1 permit 10.1.1.0 0.0.0.255 Router(config)# route-map LEAK-10-1-1 permit 10 Router(config-route-map)# match ip address 1 Router(config-route-map)# exit Router(config)# interface Serial 0/0 Router(config-if)# ip summary-address eigrp 1 10.0.0.0 255.0.0.0 leak-map LEAK-10-1-1 Router(config-if)# end ---------------------------------------------------
variance (EIGRP)
To control load balancing in an internetwork based on the Enhanced Interior Gateway Routing Protocol (EIGRP), use the variance command in router configuration mode. To reset the variance to the default value, use the no form of this command.
Syntax Description
|
|
|
|
Metric value used for load balancing. It can be a value from 1 to 128. The default is 1, which means equal-cost load balancing. |
|
Defaults
Command Modes
Usage Guidelines
Setting a variance value enables EIGRP to install multiple loop-free routes with unequal cost in a local routing table. A route learned through EIGRP must meet two criteria to be installed in the local routing table:
•The route must be loop- free. This condition is satisfied when the reported distance is less than the total distance or when the route is a feasible successor.
•The metric of the route must be lower than the metric of the best route (the successor) multiplied by the variance configured on the router.
Thus, if the variance is set to 1, only routes with the same metric as the successor are installed in the local routing table. If the variance is set to 2, any EIGRP-learned route with a metric less than 2 times the successor metric will be installed in the local routing table.
Note EIGRP does not load-share between multiple routes; it only installs the routes in the local routing table. Then, the local routing table enables switching hardware or software to load-share between the multiple paths.
Examples
The following example sets a variance value of 4:
router eigrp 109 variance 4
The following example sets a variance value of 2:
ipv6 router eigrp 11 variance 2
timers active-time
To adjust routing wait time, use the timers active-time command in router configuration mode. To disable this function, use the no form of the command.
timers active-time [time-limit | disabled]
no timers active-time
Syntax Description
Defaults This command is disabled by default. Usage Guidelines In EIGRP, there are timers that control the time the router waits (after sending a query) before declaring the route to be in the stuck in active (SIA) state.
Examples
In the following example, the routing wait time is 200 minutes on the specified route:
router eigrp 5 timers active-time 200
In the following example, the routing wait time is indefinite on the specified route:
router eigrp 5 timers active-time disabled
In the following example, the routing wait time is 100 minutes on the specified route:
ipv6 router eigrp 1 timers active-time 100 ----------------------------------------------------- When you adjust the ip hello-intervalyou also need to adjust the ip hold-time eigrp. -----------------------------------------------------------------------------------------
- EIGRP does not build peer relationships over secondary addresses
- EIGRP and Frame-relay you need to use broadcast keyword in the frame map statements, (without broadcast keyword the adjacencies will not form)
- Don’t forget to disable split horizon on the hub no ip split-horizon eigrp – fyi ip split-horizon has nothing to do with no ip split-horizon eigrp
- adjust delay to manipulate the path
- eigrp uses the minimum bandwidth on the path to a destination network and the total delay to compute routing metrics. (config on int)
- bandwidth = 1,000,000/bandwidth(i))*256 – where (i) is the lowest bandwidthof al loutgoping interfaces on the orut to the destination represented in kilobits.
- delay = delay(i) *256 – where (i) is the sum of the delays configured on the interfaces on the route to the destination network in tens of microseconds, so you must divide by 10 before you use it in this formula.
- to determine total metric – metric=[k1*bandwidth+(k2*bandwidth)/(256-load_+k3*delay]*[k5/(reliability +k4)]
- mismatched K vlaues will prevent a neightbot relatioinship from being built.
- default k values k1 =1 k2=0 k3=1 k4=0 k5=0
- to simplify metric = bandwidth + delay
feasible distance = the best metric along the path to a destination network, including the metric to the neighbor advertising that path.
reported distance = is the total metric along the path to a destinatipon network as advertised byu the upstream neighbor.
feasible successor = is a path whose reported distance is less than the feasible distance (the current best path)
You can see the routes that are not feasible successors using sh ip eigrp topology all-links
SIA happens when a query takes to long to be answered. Usually querys are not answered due to high cpu, memory problems, circuit issue, and unidirectional links.
Troubleshooting SIA
- find the routes that are consistently being reproted as SIA – sho ip eigrp topo active
- find the router thsi is consistently failing to answer the queries for these routes
- find the reason that router is ntot receiving or answering queries
If you see and R then the neighbors have not replied yet. Pay attention to Active for 2-3 min & outstanding replies.
—————————————————————————————————————
redistribution between 2 eigrp AS’s
router ei 200
redistribute eigrp 100 route-map to-eigrp200
network 10.1.1.0 0.0.0.255
router ei 100
redistribute eigrp 200 route-map to-eigrp100
net 172.16.1.0 0.0.0.255
route-map to-eigrp100 deny 10
match tag 100
route-map to-eigrp100 permit 20
set tag 200
route-map to-eigrp200 deny 10
match tag 200
route-map to-eigrp200 permit 20
set tag 100
NOTE: routes from eigrp 100 are tagged 100 before redistributing them to eigrp 200. When the routes from eigrp 200 are redistributed back to eigrp 100, the routes with 100 tags are denied to ensure a loop-free topology.
————————————————————————————————————————-
always use a default metric when redistributing eigrp into other routing protocols. routes redistributed into eigrp are not always summarized. external eigrp routes have an admin distance of 170.
————————————————————————————-
if you create a static route (ip route 10.1.1.0 255.255.255.0 serial 1) and also use a network statement under router eigrp (network 10.0.0.0) then the router will redistribute the route even though it is not redistributing static routes!
————————————————————————————————————–
if you use auto summary you will see routes to Null0 to see all the routes use no auto.
—————————————————————————————————-
inter s1
ip bandwidth-percent eigrp 2 <1-999999 max bandwidth % to use>
———————————————————–
2 ways to inject a default route into eigrp
redistribute static – use this method when you want to advertise connections to the internet.
ip route 0.0.0.0 0.0.0.0 x.x.x.x (next hop to the internet)
router ei 1
redistribute static
default-metric 1000 1 255 1 1500
note: if you use a network other then 0.0.0.0/0 then you must use the IP DEFAULT-NEWORK command to mark the network as a default network.
summarize to 0.0.0.0/0 – use this method if you want to provide remote sites with a default route.
note: a summary to 0.0.0.0/0 overrides a default route learned from any other routing protocal.
note: don’t worry about distribute lists because you are using this on an interface so it won’t be progate to the core
route ei 1
net 10.0.0.0
int s0
encap frame
no ip add
inter s 0.1 point-to-point
ip address 10.1.1.1
frame-relay interface-dlci 10
ip summary-address eigro 1 0.0.0.0 0.0.0.0
—————————————————————–
eigrp will load balance up to 4 equal cost paths. if you use max-paths then you can use up to 6 routes of equal cost
ex with unequal cost paths
path 1 : 1100
path 2: 1100
path3: 2000
path4:4000
ny default the router will place traffic on path1 and path 2. You can have the router use all 4 paths by using the VARIANCE command. VARIANCE is a multiplier.
eg.. to load balance with paths 1, 2 and 3 use variance 2 (1100×2=2200 which is higher then the metric of path 3.)
eg..to load balance with path 1,2,3 & 4 use variance 4 (1100×4 = 4400 which is higher then the metric of path 4.)
—————————————————————————————————————————————————-
when manipulating metrics always set the true bandwidth of the interface. The delay should always be used to influence EIGRP routing decisions.
————————————————————-
By default eigrp will accept is 100. You can set the max t0 220 with metric maximum hops.
——————————
When redistributing eigrp into ospf make sure you use the SUBNETS keyword.
router ospf 1
redistribute eigrp 1 subnets
note: When routes are redistributed into OSPF, only routes that are not subnetted are redistributed if the subnets keyword is not specified
—————————————————————————–
The metric value specified in the redistribute command supersedes the metric value specified using the default-metric command.
————————————————————
Troubleshooting.
When you ping 224.0.0.10 does the neightbor reply?
———————————————————————
Just keep in mind they may tell you to perform this load-balancing over X
number of paths, but the only variance value to fit this requirement will
actually cause you to exceed you path requirement. In that case you may
need a variance value AND a maximum-paths value.
————————————————————————————–
Posted in EIGRP, Routing & Switching Lab | Leave a Comment »
RIP notes
Posted by Peter Kurdziel on December 12, 2008
change the default rip timers – sh ip proto to see what they are.
router rip
ver 2
timers basic 60 360 360 480
————————————————-
delay a regular periodic update by 100 ms after receiving an update
router rip
ver 2
timers basic 60 360 360 480 100 < — this is the sleep timer.
—————————————————————
supress a flash update if the regular update is due in 10 seconds or less
router rip
ver 2
flash-update-theshold 10
——————————————————————–
md5 authentication in ripv2
key chain MD5
key 1
key-string ciscomd5
int e0/0
ip rip authentication key-chain MD5
ip rip authentication mode md5
———————————————————————–
R1 and bb1 are in different rip domains but you still want to receive rip routes from bb1
router rip
ver 2
no validate-update-source
——————————————————————-
allow only prefix-length of /10 – /26 in the routing table- do not use neighbor to accomplish this task.
ip prefix-list NET seq 5 permit 0.0.0.0/0 ge 10 le 26 <– this identify’s routes with that have a prefix length of /10 – /26
ip prefix-list BB1 seq 5 permit 131.1.1.1.1/32 < — identify’s BB1 prefix
router rip
distribute-list prefix NET gateway BB1 in e0/0
——————————————————————————
Router(config-router)# offset-list [access-list-number | access-list-name] {in | out} offset [interface-type interface-number]
——————————————————–
conf t
router eig 100
no auto
net 131.1.112.0 0.0.0.255
inject a default route into rip v2 if one of the 2 networks are advertised by bb2 are in the routing table.
access-list 1 permit 11.1.1.0 0.0.0.255
access-list 1 perm 12.1.1.0 0.0.0.255
route-map MATCHIPINTABLE
match ip add 1
router rip
default-information originate route-map MATCHIPINTABLE
do not allow r4 to advertise networks from bb1 to downstream neighbors. Anything past a hop count of 15 will be dropped.
access-list 1 permit 103.0.0.0 0.63.255.255 log
access-list 1 permit 104.0.0.0 0.31.255.255
access-list 1 permit 105.0.0.0 0.3.255.255 log
access-list 1 permit 107.1.1.0 0.0.0.63
access-list 1 permit 108.1.1.64 0.0.0.63
access-list 1 permit 109.1.4.0 0.0.3.255
router rip
version 2
timers basic 60 360 360 480
offset-list 1 out 12 Serial1/0.12 < — offset the routing metric by 12 so next hope will be 14
offset-list 1 out 13 Serial1/0.14 < — offset the routing metric by 12 so next hope will be 15
no validate-update-source <——- do not validate the route’s update source.
——————————————–
supress periodic ripv2 uipdates. routers should only send updates if there is a topology change.
int s1/0./13
ip rip triggered
——————————————–
send unicast updates
conf t
router rip
passive int e0/1
nei 131.1.24.2
———————————–
send via rip2 updates via broadcast
int e0/0
ip rip v2-broadcast
debug ip rip
RIP protocol debugging is on
R6(config-if)#
*Mar 1 00:58:38.799: RIP: sending v2 update to 255.255.255.255 via Ethernet0/0 (131.1.56.6
————————-
advertise a single summary address
150.1.0.3 /24
150.1.1.3 /24
150.1.2.3 /24
150.1.3.3 /24
int s1/0.31
ip summary-address rip 150.1.0.0 255.255.252.0
———————————————-
r1 is a high speed rtr. r3 is a slow rtr
config r1 to wait 10msec between rip packets
config r3 to increase its RIP queue depth to 75
r1
conf t
router rip
output-delay 10
r3
conf t
router rip
input-queue 75
————————-
configure r6 so that r4 recieves even routers from r6 and odd routes from r5.
Loopback0 160.1.0.6 YES manual up up
Loopback1 160.1.1.6 YES manual up up
Loopback2 160.1.2.6 YES manual up up
Loopback3 160.1.3.6 YES manual up up
Loopback9 160.1.9.6 YES manual up up
access-list 1 permit 160.1.1.0 0.0.254.255
access-list 2 permit 160.1.0.0 0.0.254.255
router rip
ver 2
offset-list 2 out 15 e0/0 <- to r5 -since it’s 15 this will drop even routes to r5, sending odd routes
offset-list 1 out 15 s1.0.64 <- to r4 -since it’s 15 this will drop odd routes to r4, sending even routes
net 160.1.0.0
R4(config-router)#do sho ip route 160.1.0.0 ?
% Unrecognized command
R4(config-router)#do sho ip route 160.1.0.0
Routing entry for 160.1.0.0/24, 5 known subnets
Redistributing via rip
R 160.1.1.0 [120/2] via 131.1.45.5, 00:00:02, Serial1/0.45 — = r5
R 160.1.0.0 [120/1] via 131.1.46.6, 00:00:39, Serial1/0.46 — = r6
R 160.1.3.0 [120/2] via 131.1.45.5, 00:00:02, Serial1/0.45 — = r5
R 160.1.2.0 [120/1] via 131.1.46.6, 00:00:39, Serial1/0.46 — = r6
R 160.1.9.0 [120/2] via 131.1.45.5, 00:00:02, Serial1/0.45 — = r5
—————————————————————————————————————–
config r2 so that it advertises all rip routes to bb3 without chaning the vlan info on cat
router rip
no validate-update-source
net 131.1.0.0
sw-1
conf t
monitor session 1 source inter f1/3 both
monitor session 2 destination inter f1/11
——————————————————————–
configure clear text authentication ———(FYI with clear text authentication the numbers do not need to match)
config t
key chain CLEAR
key 1
key-string cisco
int e0/0
ip rip authen key-chain CLEAR
————————————————————————-
conifg ripv2 MD5 authentication
key chain MD5
key 1
key-string cisco23
int e0/1
ip rip authentica key-chain MD5
ip rip authentica mode md5
——————————————————————————
configure r2 so that it receives all routes form R3. R3 ignores all v2 packets fomr R2 because of invalid authentication.
r2
key chain MD5
key 2 <—————-
key-string cisco23
———————– in ripv2 md2 if the keys do not match the higher key will receive all the routes and it will
polulate all the received routes in the routing table. The router with the lower key will totally ignore all routes received
for the other router.
——————————————————————————————————————-
if the interface is configured in a multipoint using a sub interface manner then IP split horizon is ENABLED.
sh ip int int s1/0.23
split horizon is enabled
if the interface is configured in a multipoing using the physical interface then IP split horizon is DISABLED.
sh ip int s1/0
split horizon is diabled
———————————————————————————————–
ppp over frame-relay
conf t
int virtual-template 123
ip address 10.1.1.1 255.255.255.0
int s1/0
frame-relay interface-dlci 102 ppp virtual-template 123
————————————————————–
Posted in RIP, Routing & Switching Lab | Leave a Comment »
Using Extended Access-Lists In A Distribute-List
Posted by Peter Kurdziel on December 10, 2008
- Using distribute-list with extended ACL is a bit tricky, as different
routing protocols may interpret the exended ACL in different ways. This use is
very poorly docummented in DOC CD. Maybe, because this use is a legacy one,
and not recommended anymore.
There’s a good blog entry by Brian M. (from IE) on this topic at the following
URL:
http://blog.internetworkexpert.com/2008/01/04/using-extended-access-lists-in-
a-distribute-list/
Using Extended Access-Lists In A Distribute-List
Hi Brian,
I’m trying to create a distribute-list in RIP to allow only even routes to be received. I can do it successfully with a standard ACL, however if I use an extended ACL I can’t get any routes at all. I’ve heard that extended ACLs are better because they also check the netmask. What am I doing wrong?
Using an extended access-list with a distribute-list is supported, however the syntax can be a little confusing because it means different things for different applications. When using an extended ACL for a distribute-list in BGP it acts like a prefix-list. This means that you can match on both the address of the prefix and the subnet mask. In other words if you have prefixes 10.0.0.0/8 and 10.0.0.0/16 you can distinguish between them by saying not only must the address be 10.0.0.0 but the subnet mask must be /8. In prefix-list syntax this is very straightforward, as to match this prefix we would use the following:
ip prefix-list PREFIX1 permit 10.0.0.0/8
When using an extended access-list in BGP the syntax of the list changes in that we are not matching source and destination pairs, but instead are matching the address and netmask. In extended ACL syntax the above prefix-list would read:
access-list 100 permit ip host 10.0.0.0 host 255.0.0.0
This means that the address must be exactly 10.0.0.0 and the subnet mask must be exactly 255.0.0.0. By changing the “host” keyword to a wildcard mask we can do fuzzy binary matches. For example the following syntax means check any address that starts with “192.168” and has a subnet mask of /24:
access-list 101 permit ip 192.168.0.0 0.0.255.255 host 255.255.255.0
In other words this list matches 192.168.0.0/24, 192.168.100.0/24, 192.168.200.0/24, etc.
This extended access-list syntax can also be used in a route-map for redistribution filtering in both IGP and BGP. For example if we took the previous access-list 101 and matched it in a route-map as follows:
route-map OSPF_TO_RIP permit 10 match ip address 100 ! router rip redistribute ospf 1 metric 1 route-map OSPF_TO_RIP
This syntax would say that we want to redistribute OSPF routes into RIP, but only those which are 192.168.X.X/24.
The confusion for this extended access-list implementation is that when it is called as a distribute-list in IGP the syntax changes. In the previous examples the normal “source” field in the ACL represents the network address, where the “destination” field represents the subnet mask. In IGP distribute-list application the “source” field in the ACL matches the update source of the route, and the “destination” field represents the network address. This implementation allows us to control which networks we are receiving, but more importantly who we are receiving them from. Take the following topology:
R1, R2, and R3 share an Ethernet network 123.0.0.0/8 that is running RIP. Both R1 and R2 are advertising the identical prefixes 10.0.0.0/8 and 20.0.0.0/8 to R3. Their configurations are as follows:
R1#show ip int brief | exclude unassigned
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 123.0.0.1 YES manual up up
Loopback0 10.0.0.1 YES manual up up
Loopback1 20.0.0.2 YES manual up up
R1#show run | begin router rip
router rip
version 2
network 10.0.0.0
network 20.0.0.0
network 123.0.0.0
R2# show ip int brief | exclude unassigned
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 123.0.0.2 YES manual up up
Loopback0 10.0.0.1 YES manual up up
Loopback1 20.0.0.2 YES manual up up
R2#sh run | begin router rip
router rip
version 2
network 10.0.0.0
network 20.0.0.0
network 123.0.0.0
R3#show ip route rip
R 20.0.0.0/8 [120/1] via 123.0.0.2, 00:00:00, Ethernet0/0
[120/1] via 123.0.0.1, 00:00:00, Ethernet0/0
R 10.0.0.0/8 [120/1] via 123.0.0.2, 00:00:00, Ethernet0/0
[120/1] via 123.0.0.1, 00:00:00, Ethernet0/0
From this output we can see that R3 has the two prefixes installed twice, once from R1 and once from R2. Now let’s suppose that prefix 10.0.0.0/8 we only want to receive from R1, while prefix 20.0.0.0/8 we only want to receive from R2. We can accomplish this with an extended access-list as follows:
R3#conf t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#access-list 100 permit ip host 123.0.0.1 host 10.0.0.0 R3(config)#access-list 100 permit ip host 123.0.0.2 host 20.0.0.0 R3(config)#router rip R3(config-router)#distribute-list 100 in Ethernet0/0 R3(config-router)#end R3#clear ip route * R3#show ip route rip R 20.0.0.0/8 [120/1] via 123.0.0.2, 00:00:00, Ethernet0/0 R 10.0.0.0/8 [120/1] via 123.0.0.1, 00:00:00, Ethernet0/0
We can see now R3 only has one entry for each prefix, with the 10.0.0.0/8 coming only from R1 and the 20.0.0.0/8 coming only from R2. The disadvantage of this application however is that we cannot distinguish prefixes based on their netmask. For example we could not say that we want to receive prefix 172.16.0.0/16 from only R1 and prefix 172.16.0.0/24 only from R2. For this implementation in IGP we would use a prefix-list that is called from a distribute-list with the “distribute-list prefix” syntax under the routing process.
Reference: http://blog.internetworkexpert.com/2008/01/04/using-extended-access-lists-in-a-distribute-list/
Posted in IP Services | Leave a Comment »
spanning tree uplink fast
Posted by Peter Kurdziel on December 7, 2008
spanning tree uplink fast – takes approximately 1 to 5 seconds.
spanning tree backcone fast – move immediately to the listening state without waiting for the maximum aging time for the interface to expire.
Posted in CATALYST, Routing & Switching Lab | Leave a Comment »
