EIGRP
Enhanced IGRP, like IGRP, is a proprietary Cisco protocol; other vendors' routers cannot support EIGRP, but that's about the only disadvantage. EIGRP provides excellent performance, easy configuration, VLSM support, and support for IPX and AppleTalk. It is a distance-vector protocol that also contains the characteristics of a link-state protocol. EIGRP uses the same compound metric as its predecessor, IGRP. And unlike IGRP, which is prone to routing loops, EIGRP is pretty much loop-free. The most unique feature of EIGRP is its dual finite state machine, which provides an extremely fast convergence time. Other features are partial routing table updates (less bandwidth and CPU are used on routing updates), automatic discovery of neighbors, and increased scalability.
9.3.1. Enabling EIGRP on the Network
Here are the EIGRP configurations for Router 1, Router 2, and Router 3 in Figure 9-1. By now, these configurations should look familiarthey're almost identical to the IGRP configurations, except for the name of the protocol.
The configuration for Router 1 is:
interface Ethernet0 ip address 172.16.1.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 192.168.3.1 255.255.255.0 ! interface Serial1 bandwidth 125 ip address 192.168.1.1 255.255.255.0 ! router eigrp 101 network 172.16.0.0 network 192.168.1.0 network 192.168.3.0
For Router 2, the configuration is:
interface Ethernet0 ip address 172.17.1.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 192.168.1.2 255.255.255.0 ! interface Serial1 bandwidth 125 ip address 192.168.2.1 255.255.255.0 ! router eigrp 101 network 172.17.0.0 network 192.168.1.0 network 192.168.2.0
And for Router 3, the configuration is:
interface Ethernet0 ip address 172.18.1.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 192.168.2.2 255.255.255.0 ! interface Serial1 bandwidth 125 ip address 192.168.3.2 255.255.255.0 ! router eigrp 101 network 172.18.0.0 network 192.168.2.0 network 192.168.3.0
Let's do some simple testing on Router 1 to make sure the routes are good:
Router1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set D 172.17.0.0/16 [90/21017600] via 192.168.1.2, 00:00:05, Serial1 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks D 172.16.0.0/16 is a summary, 00:00:03, Null0 C 172.16.1.0/24 is directly connected, Ethernet0 D 172.18.0.0/16 [90/21017600] via 192.168.3.2, 00:00:03, Serial0 C 192.168.1.0/24 is directly connected, Serial1 D 192.168.2.0/24 [90/21504000] via 192.168.1.2, 00:00:05, Serial1 [90/21504000] via 192.168.3.2, 00:00:05, Serial0 C 192.168.3.0/24 is directly connected, Serial0
From Router 1, ping Router 2's Ethernet interface:
Router1#ping 172.17.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
From Router 1, ping Router 3's Ethernet interface:
Router1#ping 172.18.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.18.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
From the output, you can see that Router 1's routing table has the expected routes. And the pings establish that Router 1 knows how to get to the Ethernet interfaces on both Router 2 and Router 3.
Comparing the output of show ip route to our previous examples, we see a new summary route for network 172.16.0.0/16 pointing to Null0. EIGRP creates this route by default; it helps to prevent possible black holes when default and summary routes are used. In our network from Figure 9-1, this summarization isn't a problem, due to our subnetting design.
9.3.2. EIGRP and Route Summarization
Figure 9-3 shows a network on which we are going to use EIGRP as a routing protocol. It's almost identical to the network in Figure 9-1; it differs primarily in that we are going to conserve some address space by using a /30 subnet on our shared serial links. We've also connected each router to a /24 subnet of the 172.16.0.0 network, which (to a classful routing protocol) has a 16-bit netmask. This network will allow us to demonstrate how EIGRP can handle classless routing, in addition to showing how it handles automatic route summarization.
Figure 9-3. A simple network using EIGRP
Here are the initial configurations for our three routers. The interface commands are included to better illustrate the entire configuration.
Here's the configuration for Router 1:
interface Ethernet0 ip address 172.16.1.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 192.168.1.13 255.255.255.252 ! interface Serial1 bandwidth 125 ip address 192.168.1.5 255.255.255.252 ! router eigrp 100 network 172.16.0.0 network 192.168.1.0 ! ip classless
For Router 2, the configuration is:
interface Ethernet0 ip address 172.16.2.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 192.168.1.6 255.255.255.252 ! interface Serial1 bandwidth 125 ip address 192.168.1.9 255.255.255.252 ! router eigrp 100 network 172.16.0.0 network 192.168.1.0 ! ip classless
Here's the configuration for Router 3:
interface Ethernet0 ip address 172.16.3.1 255.255.255.0 ! interface Serial0 ip address 192.168.1.10 255.255.255.252 ! interface Serial1 ip address 192.168.1.14 255.255.255.252 ! router eigrp 100 network 172.16.0.0 network 192.168.1.0 ! ip classless
This looks correct. We didn't need to specify classless routing explicitly, because it's the default for EIGRP, but it never hurts to make it clear how you expect your network to behave. However, if we look at the output from show ip route and a few pings, we will see that something is wrong:
Router1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks D 172.16.0.0/16 is a summary, 00:00:02, Null0 C 172.16.1.0/24 is directly connected, Ethernet0 192.168.1.0/30 is subnetted, 3 subnets D 192.168.1.8 [90/21504000] via 192.168.1.14, 00:00:02, Serial0 [90/21504000] via 192.168.1.6, 00:00:02, Serial1 C 192.168.1.12 is directly connected, Serial0 C 192.168.1.4 is directly connected, Serial1
From Router 1, try to ping Router 2's Ethernet interface:
Router1#ping 172.16.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
From Router 1, try to ping Router 3's Ethernet interface:
Router1#ping 172.16.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.3.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5)
Our attempts to ping the Ethernet interfaces of the other routers from Router 1 failed. If you look closely at the routing table, you can see why. EIGRP has summarized the entire 172.16.0.0/16 network for us and pointed the route to the null interface:
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks D 172.16.0.0/16 is a summary, 00:00:02, Null0 C 172.16.1.0/24 is directly connected, Ethernet0
This is actually how EIGRP is supposed to behave, strange as it may seem; the summary route is created because of the way we subnetted 172.16.0.0/16. The same summary route exists on Router 2:
Router2#show ip route ... Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks D 172.16.0.0/16 is a summary, 00:05:57, Null0 C 172.16.2.0/24 is directly connected, Ethernet0 192.168.1.0/30 is subnetted, 3 subnets C 192.168.1.8 is directly connected, Serial1 D 192.168.1.12 [90/21504000] via 192.168.1.5, 00:05:57, Serial0 C 192.168.1.4 is directly connected, Serial0
And we'd see the same thing on Router 3 if we took the time to look. Although EIGRP can handle classless addresses, it automatically summarizes routes to classful addresses and creates a summary route that points to the Null0 interface. EIGRP points the summary route to Null0 in order to prevent routing loops.
Route summarization occurs only on:
- Routes that are directly connected to this router
- Routes other than the current interface's network
The solution for this network is to disable auto-summary in EIGRP by adding the no auto-summary command to the EIGRP configuration on each router.
For Router 1, the EIGRP configuration now looks like this:
router eigrp 100 network 172.16.0.0 network 192.168.1.0 no auto-summary
After making this change on every router, we can do a show ip route on Router 1, which should look better. The summary route to Null0 is gone:
Router1#show ip route ... Gateway of last resort is not set 172.16.0.0/24 is subnetted, 3 subnets C 172.16.1.0 is directly connected, Ethernet0 D 172.16.2.0 [90/21017600] via 192.168.1.6, 00:00:23, Serial1 D 172.16.3.0 [90/21017600] via 192.168.1.14, 00:00:03, Serial0 192.168.1.0/30 is subnetted, 3 subnets D 192.168.1.8 [90/21504000] via 192.168.1.6, 00:00:03, Serial1 [90/21504000] via 192.168.1.14, 00:00:03, Serial0 C 192.168.1.12 is directly connected, Serial0 C 192.168.1.4 is directly connected, Serial1
Now we can ping Router 2's Ethernet interface from Router 1:
Router1#ping 172.16.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms
Router 3's Ethernet interface is also now reachable from Router 1:
Router1#ping 172.16.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
9.3.2.1. Enabling route summarization on a specific interface
Route summarization can also be controlled at the interface level. On ethernet0, we can apply the following command to summarize any route we want:
interface ethernet0 ip summary-address eigrp 100 10.101.1.0 255.255.255.0
When advertised out ethernet0, the 10.101.1.0 summary route is given the administrative distance of 5, which supersedes other EIGRP routes. Consult Chapter 8 for more information on administrative distances.
9.3.3. EIGRP Authentication
EIGRP's authentication prevents unauthorized routers from injecting routes on the network. Here's an example that shows how to enable authentication. First, we create a key-chain, which is a series of passwords we are willing to accept. We specify that these passwords have an infinite lifetimei.e., they will never expire. After the keys are defined, we can enable EIGRP authentication. Here's a configuration that defines a key-chain named group1, and then uses this key-chain for EIGRP process 100:
interface ethernet0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 group1 ! key-chain group1 key 1 key-string authme1 accept-lifetime 00:00:00 1 jan 1999 infinite key 2 accept-lifetime 00:00:00 1 jan 1999 infinite key-string authme2 ! router eigrp 100 network 10.10.0.0
In this configuration, all EIGRP updates are subject to authentication, which requires the key authme1 or authme2. We used MD5 so the keys won't be transmitted in clear text.
9.3.4. EIGRP Metrics
EIGRP metrics are identical to IGRP metrics, including the K values in the metric equation. The only difference between the two is that EIGRP's metric is multiplied by 256, which makes it a 32-bit integer instead of a 24-bit integer. Consult "IGRP'S metric" earlier in this chapter for more information on the metric calculation.
9.3.5. Tuning EIGRP
By default, EIGRP allows itself to use, at most, 50% of a link's maximum bandwidth. In some instances, you might want to change this value; for example, a change might be appropriate if for some reason you told a router that the link's bandwidth was something other than its actual bandwidth. To change the bandwidth usage, use the ip bandwidth-percent eigrp command. In this example, we change the bandwidth EIGRP can use to 65% (100 is the local-AS number, or process number, for the EIGRP process):
interface ethernet0 ip bandwidth-percent eigrp 100 65
Hello packets are sent out to discover new EIGRP devices. For most types of links, the default hello interval is five seconds. However, a longer interval might be appropriate for a slower link. To change the hello interval, use the ip hello-interval eigrp command:
interface ethernet0 ip hello-interval eigrp 100 10
By default, the time an EIGRP route is held is three times the hello interval (i.e., 15 seconds). Increasing the hold time can be beneficial if there is a great deal of latency on a network. However, changing the hold time is not generally recommended as a solution. The following command increases the hold time to 30 seconds:
interface ethernet0 ip hold-time eigrp 100 30
9.3.6. EIGRP show Commands
There are several show commands for EIGRP that are not available for other protocols. Here are some of the more useful commands.
9.3.6.1. show ip eigrp neighbors
This command shows us the EIGRP neighbors that our router knows about. On our network, Router 1 sees Routers 2 and 3. The Interface column shows which interface received the hello from the neighbor. Hold shows the hold time (in seconds) that the router waits to hear from the neighbor before declaring the neighbor down. Uptime is the amount of time elapsed since we first learned of this neighbor. Smooth Round Trip Time (SRTT) is the number of milliseconds it takes for the router to send an EIGRP packet to the neighbor and for the neighbor to respond. RTO indicates the retransmission timeout, which is the time (in milliseconds) that the router will wait before retransmitting a packet to the neighbor. Q Cnt is the number of queued EIGRP packets that the router is waiting to send. Finally, Seq Num shows the sequence number of the last packet received from the neighbor:
Router1#show ip eigrp neighbors IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 1 192.168.1.14 Se0 11 15:40:05 32 1164 0 7 0 192.168.1.6 Se1 10 15:40:22 434 2604 0 9
The EIGRP neighbor counters can be cleared with the command:
clear ip eigrp neighbors
Logging can be enabled with the following command:
eigrp log-neighbor-changes
Any neighbor changes are written to a log file, which means that you must have a valid syslog configuration if you enable logging.
9.3.6.2. show ip eigrp topology
This command gives us the router's view of the EIGRP network topology. Each entry in the topology has an associated state, which can be Passive, Active, Update, Query, Reply, or Reply Status. Passive means that no EIGRP computations are being used. Active means that EIGRP is performing calculations for this destination. Update, Query, and Reply simply mean that a packet of the indicated type has been sent to the destination. Reply Status means that a reply packet has been sent and the router is waiting for a reply.
The last piece of information needed to decode this table is feasible distance (FD). This number is used in the feasibility calculation. For each entry, the FD number is followed by a slash (/) and another number. The second number is the reported distance of the neighbor. If the reported distance is less than the feasible distance, that path becomes the feasible successor for the route.
Router1#show ip eigrp topology IP-EIGRP Topology Table for process 100 Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 192.168.1.8/30, 2 successors, FD is 21504000 via 192.168.1.14 (21504000/20992000), Serial0 via 192.168.1.6 (21504000/20992000), Serial1 P 192.168.1.12/30, 1 successors, FD is 20992000 via Connected, Serial0 P 192.168.1.4/30, 1 successors, FD is 20992000 via Connected, Serial1 P 172.16.1.0/24, 1 successors, FD is 281600 via Connected, Ethernet0 P 172.16.2.0/24, 1 successors, FD is 21017600 via 192.168.1.6 (21017600/281600), Serial1 P 172.16.3.0/24, 1 successors, FD is 21017600 via 192.168.1.14 (21017600/281600), Serial0
9.3.6.3. show ip eigrp traffic
This command simply outputs the hellos, updates, queries, replies, and acks that the EIGRP routing process has sent. For each type of packet, the first number is the number sent and the second number is the number received.
Router1#show ip eigrp traffic IP-EIGRP Traffic Statistics for process 100 Hellos sent/received: 24728/24704 Updates sent/received: 23/19 Queries sent/received: 1/1 Replies sent/received: 1/1 Acks sent/received: 12/15
9.3.7. EIGRP Redistribution
On a multiprotocol network, you need to define default metrics to handle routes redistributed into EIGRP from other protocols.
9.3.7.1. RIP
Redistributing RIP into EIGRP is as easy as defining the default metric for the incoming RIP routes. Here's an example:
! Define the RIP process router rip network 192.168.1.0 ! Define the EIGRP process and include the learned RIP routes router eigrp 100 network 10.0.0.0 default-metric 1000 250 255 1 1500 redistribute rip
This is almost identical to the earlier example that showed how to redistribute RIP routes into IGRP. That shouldn't be surprising, since IGRP and EIGRP use the same metric computation. We are redistributing in only one direction in this examplefrom RIP into EIGRP. You must be careful when redistributing in both directions, in which case you'll want to filter the routers to prevent routing loops. See Chapter 8 for an example.
9.3.7.2. IGRP
When mixing IGRP and EIGRP on a router, redistribution is automatic if the process numbers for the RIP and EIGRP routing processes are the same. If they are different, you must use the redistribute command. In this example, redistribution occurs automatically because both routing protocols use the same process number (100):
! Define the IGRP routing process router igrp 100 network 10.0.0.0 ! Define the EIGRP with same number as IGRP so the redistribution between ! the two is automatic router eigrp 100 network 10.0.0.0
In the next example, the routing process numbers differ, so route redistribution is not automatic and we need to use the redistribute command. Since both IGRP and EIGRP use the same metrics, the default-metric command is not required.
! Define the IGRP routing process router igrp 100 network 10.0.0.0 ! Define the EIGRP process and redistribute the igrp routes router eigrp 109 network 10.0.0.0 redistribute igrp 100
9.3.8. Converting an IGRP Network to EIGRP
It's simple to convert a network from IGRP to EIGRP using an incremental approach. In the previous examples, we showed how EIGRP and IGRP share routes automatically if they share the same process numbers. Using this fact, any IGRP network can be converted to EIGRP incrementally, without much downtime.
Figure 9-4 shows a simple network of 10 routers using IGRP. We start the conversion by picking a place to begin. We will start with Router 1, which is the center of the network. We pick this router because, as we convert the other networks, it will pull in routes and redistribute them for us.
Figure 9-4. An IGRP network to be converted to EIGRP
By enabling IGRP and EIGRP on Router 1, we can slowly migrate Networks 1, 2, and 3 to EIGRP. First we configure Router 1:
router igrp 100 network 10.0.0.0 router eigrp 100 network 10.0.0.0
Now we start with the other networks. Let's start with Network 3, which consists of Routers 5, 6, and 7. We implement the same configuration on each:
router igrp 100 network 10.0.0.0 router eigrp 100 network 10.0.0.0
Once all three routers have this configuration, we remove all IGRP commands. Now Network 3 is using EIGRP exclusively. The process is repeated for Networks 1 and 2. When you have reconfigured all three networks (Routers 2-10), you can remove the IGRP commands from Router 1. At this point, none of the other routers are running IGRP, so running IGRP on Router 1 is only wasting CPU power. We are left with a network that is 100% EIGRP.