EIGRP

Enhanced Interior Gateway Routing Protocol, or EIGRP, is a Cisco proprietary, advanced distance vector dynamic routing protocol. EIGRP Characteristics Fast Convergence EIGRP uses the DUAL algorithm to converge very quickly. It does this by knowing neighbor routers routing tables and predefining primary and secondary routes to every destination network. Triggered Updates EIGRP uses partial triggered updates to its directly connected neighbors rather than periodically sharing its entire routing table. This saves link bandwidth because updates are only sent if a change is incurred, only the changes are sent in the update, and lastly the updates are only sent to a routerss affected neighbors. Very efficient! Protocol Independent Enhanced Interior Gateway Routing Protocol supports more than just IPv4. It supports IPv4, IPv6, IPX, and AppleTalk. Multicast EIGRP sends route updates, hellos, and queries to its neighbors using the multicast address 224.0.0.10 so end hosts are not affected. Hellos are sent out every 5 seconds by default to learn about new neighbors and make sure existing neighbors are still available. VLSM Variable length subnet masking is supported by EIGRP because it is a classless routing protocol. That means subnet masks are included in route updates. Terminology Feasible and advertised distance EIGRPs DUAL algorithm determines the best route to a particular network by using distance information, known as cost or metric. DUAL determines the lowest cost path by adding up the cost to the destination network. Neighbors exchange the cost to every route they know of when a neighbor adjacency is formed. A router then uses that information to calculate their own cost to the same network by adding the

cost between themselves and their neighbor, then adding that to the neighbors advertised cost. So, (the cost between neighbors) + (the neighbors cost to the destination network) = the total cost to the remote network, or the feasible distance. The cost the neighbor advertised to the remote network is known as theadvertised distance. See the diagram below.

Successor Think of the successor as the active, or primary, route to a destination for EIGRP. The successor is actually the neighbor router that has the least-cost path to a destination network (a.k.a. has the lowest feasible distance). Successor routes are added directly to the routing table. You should also know that multiple successors can exists if they have identical feasible distance values. Feasible Successor This is more like the backup route EIGRP chooses to a destination network. The feasible successor feature is what makes EIGRP convergence so unique and so fast. It always tries to find a backup route. In the event that the successor fails, it can immediately switch over to the feasible successor (backup) route with very little delay. To qualify as a feasible successor, the AD must be less than the successors FD. This helps ensure a loop-free layer 3 path.

Tables Neighbor Table EIGRP discovers neighbors by sending out hellos every 5 seconds. When a routers receives a hello with the same AS number defined, it forms an adjacency and adds the local interface it used to reach it as well as the neighbors IP address to the EIGRP neighbor table. Topology Table When routers form an adjacency, they exchange route information. That information is transferred to the EIGRP topology table, which contains all the destinations advertised by a routers neighbors. There are two different types of entries in the topology table, active and passive. Now you may think that the active entry is the preferred or actively-in-use route, but surprisingly, the opposite is true. The route in the topology table that is in the active state signifies that it is actively looking for an alternative path to a destination because the successor has failed and no FS exists. Obviously this is not an ideal scenario. If a routers successor route becomes unavailable, but has a feasible successor the FS will immediately become the successor and there is almost no delay incurred. This is the primary reason EIGRP convergence times tend to be some of the fastest of all the dynamic routing protocols. If, however, a routers successor becomes unavailable and does not have a FS to the destination, it will send query messages to all of its neighbors asking if they know of a path to the destination. The neighbors will either respond with a path or forward the query to all of their neighbor routers until a path is identified and relayed back to the original requester or no more neighbor routers exist. During the time the router is waiting back for a response, it is unable to forward traffic to the destination network, which can hurt EIGRPs convergence time. Passive entries represent routes that have at least a single successor and perhaps a feasible successor. They are what you should see in a normal, stable topology. Notice the Ps in the output from the show eigrp topology command below. They indicate that the entries in the EIGRP topology table are in the passive (read: normal) state. R1#sh ip eigrp topology

IP-EIGRP Topology Table for AS(1)/ID(10.1.1.1) Codes: P - Passive, A - Active, U - Update, Q Query, R - Reply, r - reply Status, s - sia Status P 10.1.3.0/24, 1 successors, FD is 156160 via 10.1.100.3 (156160/128256), FastEthernet0/0 P 10.1.2.0/24, 1 successors, FD is 156160 via 10.1.100.2 (156160/128256), FastEthernet0/0 via 10.1.200.2 (2297856/128256), Serial1/0 P 10.1.1.0/24, 1 successors, FD is 128256 via Connected, Loopback1 P 192.168.100.0/24, 1 successors, FD is 156160 via 10.1.100.3 (156160/128256), FastEthernet0/0 P 10.1.100.0/24, 1 successors, FD is 28160 via Connected, FastEthernet0/0 P 10.1.200.0/24, 1 successors, FD is 2169856 via Connected, Serial1/0

EIGRP Messages Hello EIGRP hello packets are sent out every 5 seconds by default using multicast address 224.0.0.10 to maintain and discover neighbor relationships. On slower (T1 and below) and NBMA links, hellos are sent every 60 seconds to conserve bandwidth. EIGRP hello packets also contain a hold timer which lets the router know if a neighbor is down. The hold timer is set to 15 seconds normally (~3 unresponsive hellos), and 180 seconds for slower WAN links. When a router receives a hello packet from another router with the same AS (Autonomous System) number, it automatically forms a neighbor relationship (also known as an adjacency). Update During the EIGRP start-up process on a router, an update message is sent out to its neighbors containing the contents of the routers routing table. The only other time an update packet is sent is when network changes occur on a router and it then sends out an update message to its neighbors who the route change would affect. Query When EIGRP looses its successor route and does not have a FS, it sends out a query message to all of its neighbors asking if they know a path. (See topology section above) Ack Acknowledgement packets are sent in response to update, query, or reply packets. Reply When a router responds to a neighbor router looking for a route (query), it sends it in the form of a reply. Graceful Shutdown When an EIGRP process is shut down, the router sends out goodbye messages to its neighbors (ironically in the form of hello packets). The neighbors can then immediately begin recalculating paths to destinations that went through the shutdown router without having to wait for the hold timer to expire.

EIGRP Metrics There are 5 descriptives EIGRP uses to calculate its metric, although Cisco generally does not recommend tuning these metrics unless you have a very specific purpose. You should be aware that only the bandwidth and delay numbers factor into the default formula.

Bandwidth the lowest bandwidth value between the source and destination Delay the cumulative delay along a series of links Reliability Load MTU EIGRP Configuration Step 1. Define EIGRP as the routing protocol with a predefined Autonomous System ID. Routers will not form a neighbor relationship if their AS numbers do not match. Example: R3(config)# router eigrp 1 Step 2. Define the attached networks you want to participate in EIGRP Add each network to the EIGRP process with the network prefix mask command for each network. The mask is an inverted mask, like ACLs use. Example, a /24 mask would be 0.0.0.255. The network prefix mask command tells the router which local interfaces will then participate in EIGRP. This can be very useful if you do not want specific interfaces to participate in EIGRP. Using the mask statement will define how you want the routes summarized if you turn off auto summarization. If you choose not to use the mask, EIGRP will assume the networks are part of the major networks (class A,B,C boundaries) and could cause potential problems.

Example: R3(config-router)#router eigrp 1 R3(config-router)# network 10.1.100.0 0.0.0.225 R3(config-router)# network 192.168.100.0 0.0.0.3 R3(config-router)# network 192.168.100.4 0.0.0.3 R3(config-router)# no auto-summary The output of R3s running configuration can be seen below. R3#sh run | begin router eigrp 1 router eigrp 1 network 10.0.0.0 network 192.168.100.0 0.0.0.3 network 192.168.100.4 0.0.0.3 no auto-summary EIGRP Verification show ip eigrp neighbors Displays EIGRP neighbors a router has discovered. R3#sh ip eigrp neighbors IP-EIGRP neighbors for process 1

H Address Uptime SRTT (ms)

Interface RTO Q Seq

Hold (sec)

Cnt Num Fa0/0 0 0 21 Fa0/0 22 14 13

1 10.1.100.2 00:12:23 737 4422 0 10.1.100.1 00:12:29 535 3210

show ip eigrp topology Displays the output of the EIGRP topology tables including successor and feasible successor routes. R3#sh ip eigrp topology IP-EIGRP Topology Table for AS(1)/ID(192.168.100.5) Codes: P - Passive, A - Active, U - Update, Q Query, R - Reply, r - reply Status, s - sia Status P 192.168.100.4/30, 1 successors, FD is 128256 via Connected, Loopback15 P 10.1.3.0/24, 1 successors, FD is 128256 via Connected, Loopback3 P 10.1.2.0/24, 1 successors, FD is 156160

via 10.1.100.2 (156160/128256), FastEthernet0/0 P 10.1.1.0/24, 1 successors, FD is 156160 via 10.1.100.1 (156160/128256), FastEthernet0/0 P 192.168.100.0/30, 1 successors, FD is 128256 via Connected, Loopback11 P 10.1.100.0/24, 1 successors, FD is 28160 via Connected, FastEthernet0/0 P 10.1.200.0/24, 2 successors, FD is 2172416 via 10.1.100.1 (2172416/2169856), FastEthernet0/0 via 10.1.100.2 (2172416/2169856), FastEthernet0/0

show ip route Shows the ip routing table entries for all routing protocols. R3#sh ip route Codes: C - connected, S - static, R - RIP, M mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0/24 is subnetted, 5 subnets C 10.1.3.0 is directly connected, Loopback3

D 10.1.2.0 [90/156160] via 10.1.100.2, 00:14:46, FastEthernet0/0 D 10.1.1.0 [90/156160] via 10.1.100.1, 00:14:55, FastEthernet0/0 C 10.1.100.0 is directly connected, FastEthernet0/0 D 10.1.200.0 [90/2172416] via 10.1.100.2, 00:14:46, FastEthernet0/0 [90/2172416] via 10.1.100.1, 00:14:46, FastEthernet0/0 192.168.100.0/30 is subnetted, 2 subnets C 192.168.100.4 is directly connected, Loopback15

C 192.168.100.0 is directly connected, Loopback11

show ip route eigrp Displays the EIGRP routes that the routing table is using. All internal EIGRP routes will be marked with a D (as in DUAL) at the beginning. R3#sh ip route eigrp 10.0.0.0/24 is subnetted, 5 subnets D 10.1.2.0 [90/156160] via 10.1.100.2, 00:16:49, FastEthernet0/0 D 10.1.1.0 [90/156160] via 10.1.100.1, 00:16:57, FastEthernet0/0 D 10.1.200.0 [90/2172416] via 10.1.100.2, 00:16:49, FastEthernet0/0 [90/2172416] via 10.1.100.1, 00:16:49, FastEthernet0/0

Additional EIGRP Configuration Options EIGRP Default Routes Defaults routes make life easier in many situations. They can decrease the size (and complexity) of the routing table by providing a path to all unspecified destinations. One option is to use a static default route with the ip route 0.0.0.0 0.0.0.0 interface/address statement as discussed in the Routing Fundamentals page. This must be configured on every router that will use that default route.

Another option if you are running EIGRP is to use the ip default-network network-number command in global configuration mode. Any network that is reachable within the local routers routing table is eligible to be used by EIGRP as a default route. Once configured, EIGRP will advertise the route to its EIGRP neighbors as a default route. ** If you want to use this method, in conjunction with a static route you will have to first redistribute the static route into EIGRP. ** Once you use the ip default-network command to define a default route for EIGRP, the router creates a static route in the configuration without notifying you. That means in order to remove the default route, you must use the no ip route command instead of no ip default-network.

Summarization EIGRP summarizes routes by their major classful boundaries, which can be problematic and cause specific subnets to not be advertised correctly. To disable automatic summarization: R1(config)# router eigrp 1 R1(config-router)# no auto-summary It is also possible to manually summarize routes with EIGRP out specific interfaces. Under the interface configuration mode, use the ip summaryaddress eigrp autonomous-system command.

R1(config)# intferface s0/0/0 R1(config-if)# ip summary-address eigrp 1 10.1.2.0 255.255.255.0 EIGRP over WAN Networks EIGRP + MPLS MPLS defines the customers WAN routers as CE, or customer edge routers and the carriers border routers as PE, or providers edge routers. The CE routers appear to each other as directly connected peers. When CE West sends information to CE East, PE West intercepts the data, strips the

Ethernet frame, encapsulates it into a MPLS packet, and forwards it over the service providers network to PE East. PE East strips off the MPLS information, re-encapsulates it into an Ethernet frame and forwards it on to CE East. This transparent transport allows an EIGRP neighbor relationship to form between the two customer routers.

EIGRP + Frame Relay Lets face it; frame relay is a dying WAN technology. Other, more current WAN options like MPLS and metro Ethernet have taken over, but Cisco thinks its important for us to understand the underlying framework of how frame relay works. Frame relay works using switched, virtual circuits through the service provider network. One of the advantages of Frame Relay is that it allows multiple logical circuits to be configured on a single physical interface. Each VC is identified with a locally-significant DLCI, or Data-Link Connection Identifier. The layer 2 virtual circuit must then be mapped to a layer three neighbor, which can be either dynamic or static. Frame relay is able to emulate point-to-point links by using multiple subinterface on a single physical interface (often used on hub-and-spoke topologies). This allows neighbors to be identified as down much more quickly for two reasons: 1. The default timers are shorter (5 sec hold timer, 15 second dead timer). 2. The subinterface is marked down whenever its local DLCI goes down.

Static To configure frame relay statically, configurations must be done on the interface level. The broadcast descriptive is required at the end of the statement because frame relay defaults to a non-broadcast medium. Also, static mappings can be applied to both multipoint interfaces as well as subinterfaces on a single physical port. R1(config-if)# frame-relay map ip remote-ip-address loacl-dlci broadcast Dynamic Dynamic mappings use inverse ARP. In this case, routers only form EIGRP neighbor relationships with other routers they connect to using a frame relay virtual circuit. No IP split horizon When running EIGRP on frame relay multipoint subinterfaces, a major communication problem can occur. Split-horizon is a method of preventing routing loops in distance-vector routing protocols by prohibiting a router from advertising a route back onto the interface from which it was learned. When a hub and spoke frame relay topology exists, multipoint subinterfaces are configured on the hub router. The issue is that split horizon is enabled by default, so in the example below, if R2 learns routes from R1, it cannot then pass those on to R3 because split horizon would prevent the advertisement from going out the same physical interface. This results in R2 being able to communicate with the spoke routers networks, but R3 and R1 are unable to communicate with each other.

To remedy the situation, split horizon must be disabled on the R2 EIGRP process.

R2(config-if)# no ip split-horizon EIGRP as-number Managing EIGRP Bandwidth There are two important points to remember when running EIGRP over WAN links. The first is that EIGRP assumes that WAN interfaces run at T1 speed (1544 kbs). The second is that EIGRP will allocate up to 50% of a links bandwidth for EIGRP control traffic. These two combined can be problematic on links that are slower than a T1 (like a 64k fractional T1 for example). In that situation, EIGRP messages could choke out data traffic quickly. To control that, the bandwidth command should be used in WAN links to tell EIGRP what the actual link bandwidth is. R1(config)# int serial 0/0/0 R1(config-if)# bandwidth 64 EIGRP is often used on frame relay for this reason alone. The ability to control the routing protocols usable bandwidth so simply makes it a popular choice. More EIGRP options Passive Interfaces Not to be confused with the passive (healthy) topology table entries, interfaces with the passive-interfacecommand applied do not allow any routing updates or hellos out the interface. For EIGRP, this means that the router will not form adjacencies with connected routers on that particular port. R1(config)# router eigrp 1 R1(config-router)# passive-interface gig 3/1 Unicast

EIGRP uses multicast address 224.0.0.10 when sending messages to its neighbors. You should be aware that EIGRP can also use a unicast address when communicating with a specific neighbor. To configure it: R1(config)#router eigrp 1 R1(config-router)# neighbor ip-address The IP address used must be in one of the same subnet ranges as one of the routers interfaces. EIGRP load balancing Out of the box, EIGRP will automatically load balance across equal-cost paths with no special configuration. EIGRP is unique, however, in its ability to load balance across unequal-cost paths with a single command. The variance command allows unequal-cost load balancing over up to 6 different paths. But heres the key, it only works when the cost of the path is lower than the variance number multiplied by the best metric. Here is an example scenario.

R1 will by default use the path through R3 because it has the lowest metric. To enable unequal-cost load balancing, we can use the following command:

R1(config)#router eigrp 1 R1(config-router)# variance 2 The variance command multiplies the best cost (10,000) by 2 (20,000) and will begin load balancing across all paths with a FD less than that which includes the path through R2(15,000). This will load balance the traffic in proportion to each paths metric. Maximum-paths By default, Cisco IOS will load balance across 4 equal-cost paths only. Using the maximum-paths command, you can configure the router to load balance over up to 16 paths. Setting it to 1 disables the load balancing. R1(config)#router eigrp 1 R1(config-router)# maximum-paths number-of-paths EIGRP Authentication EIGRP supports authentication of its messages using an MD5 hash. When configured, if an incoming EIGRP packets hash does not match the local hash, the packet is silently dropped. Authentication configuration steps: 1. Configure a key chain to group the keys (read: passwords). 2. Create a key(s) inside the keychain. The router will look inside the keychain and compare the keys against incoming packets. 3. Enable authentication and assign a key to an interface. 4. Indicate MD5 as the authentication type. Example R1(config)# key chain TEST R1(config-keychain)# key 1 R1(config-keychain-key)# key-string samplepassword

R1(config-keychain-key)# exit R1(config)# interface gig 1/12 R1(config-if)# ip authentication mode eigrp 10 md5 R1(config-if)# ip authentication key-chain eigrp 10 TEST

EIGRP Stub Routing If a router is a spoke in a hub-and-spoke router topology, it is considered a stub router. It is not a transit router and usually has only a single neighbor router, sometimes two. Within EIGRP you can define a router as a stub router to limit the EIGRP queries. This saves bandwidth and prevents neighbor routers from requesting alternate routes when a path fails. If you have many spoke routers, this can dramatically improve EIGRP reconvergence time. The EIGRP stub router still receives all route updates from its neighbor(s) by default. R1(config)#router eigrp 1 R1(config-router)# eigrp stub [receive-only | connected | static | summary | redistributed]

EIGRP Best Practices Summarize routes when possible. Limit the network depth to 7 hops. Limit the scope of EIGRP queries. ======================================================

All the Best, Maher Abdelshkour