Pages

CCNP ROUTE - EIGRP part 1

Links
http://cisco-cert.wikispaces.com/EIGRP+Command+Reference
About K-value http://blog.ipexpert.com/2010/03/03/eigrp-metric-k-values/

Manual changes which cause EIGRP neighbors to be reset:
 - Summary changes,
 - Metric component changes,
 - Route filter changes.




EIGRP QuickFacts
EIGRP routing updates are triggered only by a change in network topology (like interface up/down, router addremove), and not by change in interface load or reliability.

- By default, when manual route summarization is configured, EIGRP will not advertise the more specific route entries that fall within the summarized network entry. The leak-map <name> keyword can be configured to allow EIGRP route leaking wherein EIGRP allows specified specific route entries to be advertised in conjunction with the summary address.

 - manual summarized route will have the smallest metric of the specific routes

- You should not use the ip summary-address eigrp summarization command to generate the default route (0.0.0.0) from an interface. This causes the creation of an EIGRP summary default route to the null 0 interface with an administrative distance of 5. The low administrative distance of this default route can cause this route to displace default routes learned from other neighbors from the routing table. If the default route learned from the neighbors is displaced by the summary default route, or if the summary route is the only default route present, all traffic destined for the default route will not leave the router, instead, this traffic will be sent to the null 0 interface where it is dropped.


So K-values are verified ONLY when sending an update for some reason.

When EIGRP topology change detected (so route is lost), FSM do:
 - notify DUAL,
 - the neighbor adjacency is deleted,
 - remove all topology entries learned from that neighbor,
 - the feasible route is used if exists.

Delay is calculated as the sum of delays from source to destination in units of 10 microseconds.
Bandwidth is the lowest configured bandwidth of any interface along the route.

By default, the EIGRP for IPv6 process is in a shutdown state.
ipv6 unicast-routing
ipv6 router eigpr 1
eigrp router-id 1.0.0.0
no shutdown
By default, EIGRP uses only up to 50 percent of an interface’s bandwidth for EIGRP information. This prevents the EIGRP process from over-utilizing a link and not allowing enough bandwidth for the routing of normal traffic.
Router(config-if)# ip bandwidth-percent eigrp as-number   percent
Router(config-if)# ipv6 bandwidth-percent eigrp as-number   percent
Cisco IOS, by default, allows load balancing using up to four equal-cost paths; however, this can be modified. Using the maximum-paths router configuration mode command, up to 32 equal-cost routes can be kept in the routing table.
Router(config-router)# maximum-paths value
The value argument refers to the number of paths that should be maintained for load balancing. If the value is set to 1, load balancing is disabled.

EIGRP Overview
Enhanced Interior Gateway Routing Protocol (EIGRP) is an advanced distance vector, classless routing protocol that uses a complex metric based on bandwidth and delay.

The following are some features of EIGRP:
- advanced distance vector.
- classless routing protocol.
- Cisco proprietary.
- Fast convergence.
- Support for VLSM.
- Partial updates conserve network bandwidth.
- Support for IP, AppleTalk, and IPX.
- Support for all Layer 2 (data link layer) protocols and topologies.
- Sophisticated metric that supports load-balancing across unequal-cost paths .
- Use of multicast (and unicast where appropriate) instead of broadcasts.
- Support for authentication.
- Manual summarizatio- at any interface.
- Runs directly over IP, using protocol number 88 (RTP),
- Uses multicast 224.0.0.10 .

Transport IP        Protocol type 88 - RTP (does not use UDP or TCP).
Metric              Based on constrained bandwidth and cumulative delay by default, and optionally load and reliability.
Hello interval      Interval at which a router sends EIGRP Hello messages on aninterface.
Hold Timer Timer    Used to determine when a neighboring router has failed,
                             based on a router not receiving any EIGRP messages, including Hellos, in this timer period.

Update              Destination address Normally sent to 224.0.0.10, with retransmissions being sent to each neighbor’s unicast IP address. Can also be sent to the neighbor’s unicast IP address.
Full or partial updates Full updates are used when new neighbors are discovered; otherwise, partial updates are used.

Authentication         Supports MD5 authentication only.
VLSM/classless         EIGRP includes the mask with each route, also allowing it to support discontiguous networks and VLSM.
Route Tags             Allows EIGRP to tag routes as they are redistributed into EIGRP.
Next-hop field         Supports the advertisement of routes with a different next-hop router than the advertising router.
Manual route summarization Allows route summarization at any point in the EIGRP network.
Automatic Summarization EIGRP supports, and defaults to use, automatic route summarization at classful network boundaries.
Multiprotocol         Supports the advertisement of IPX and AppleTalk routes, and IPv6

Convergence
-
the overall process by which routers notice internetwork topology changes, communicate about those changes, and change their routing tables to contain only the best currently working routes. EIGRP converges very quickly even with all default settings.
EIGRP’s function is controlled by four key technologies:
- Neighbor discovery and maintenance: Periodic hello messages
- The Reliable Transport Protocol (RTP): Controls sending, tracking, and acknowledging EIGRP messages
- Diffusing Update Algorithm (DUAL): Determines the best loop-free route
- Protocol-independent modules (PDM): Modules are “plug-ins” for IP, IPX, and AppleTalk versions of EIGRP

EIGRP uses three tables:
- The neighbor table is built from EIGRP hellos and used for reliable delivery.
- The topology table contains EIGRP routing informatio- for best paths and loop-free alternatives.
- EIGRP places best routes from its topology table into the commo- routing table.

EIGRP terminology:
EIGRP metric - best is the lowest-cost route to destination.

FD (feasible distance) - is the lowest calculated metric to reach the destination network.FD is the metric listed in the routing table entry. FD = AD+LD.
AD (Advertised distance) or Reported Distance (RD) - an EIGRP neighbor's feasible distance to the same destination network.
LD (local distance) - the cost between the local router and the next-hop router.

Successor (S) is a neighboring router that is used for packet forwarding and is the least-cost route to the destination network. Multiple successors can exist if they have the same FD.
Feasibility condition (FC) is met when a neighbor's advertised distance (AD) to a network is less (NOT 'or equal') than the local router's feasible distance to the same destination network.
Feasible successor (FS) is a neighbor who has a loop-free backup path to the same network as the successor by satisfying the feasibility condition.


EIGRP Operation
1. Discover EIGRP Neighbors
2. Exchange Topology Information
3. Choose Best path vial DUAL
4. Neighbor and Topology Table Maintenance

Each EIGRP router forwards a copy of its IP routing table to all its adjacent EIGRP neighbors, as specified in its EIGRP neighbor table.
A recomputation occurs when the current route to a destination, the successor, goes down and there are no feasible successors for the destination.

A topology table entry for a destination can exist in one of two states: active or passive.
Route is considered passive when the router is not performing recomputation on that route.
A route is active when it is undergoing recomputation (in other words, when it is looking for a new successor).
Note that passive is the operational, stable state.

EIGRP supports several types of routes: internal, external, and summary.
Internal routes originate within the EIGRP autonomous system (AS).
External routes are learned from another routing protocol or another EIGRP autonomous system.
Summary routes are routes encompassing multiple subnets.

show ip eigrp topology - displays only the successors and feasible successors for IP routes
show ip eigrp topology all-links - displays all the IP entries in the topology table

Update process
■ When a neighbor first comes up, the routers exchange full updates, meaning the routers exchange all topology information.
■ After all prefixes have been exchanged with a neighbor, the updates cease with that neighbor if no changes occur in the network. There is no periodic reflooding of topology data.
■ If something changes–for example, one of the metric components change, links fail, links recover, new neighbors advertise additional topology information–the routers send partial updates about only the prefixes whose status or metric components have changed.
■ If neighbors fail and then recover, or new neighbor adjacencies are formed, full updates occur over these adjacencies.
■ EIGRP uses Split Horizon rules on most interfaces by default, which impacts exactly which topology data EIGRP sends during both full and partial updates.

Although EIGRP relies on the RTP process, network engineers cannot manipulate how it works.

EIGRP weakness - timers

In some cases, the interface state may stay “up/up” during times when the link may not be usable.
In such cases, EIGRP convergence relies on the Hold Timer to expire, which by default on LANs means a 15-second wait.

To optimize convergence, an engineer could simply reduce the Hello and Hold Timers, accepting  insignificant additional overhead, in return for shorter convergence times. These settings can be made per interface/subinterface, and per EIGRP process.
Or use BFD.
The Hold Timer does not have to be three times the Hello timer, but the 3:1 ratio is a reasonable guideline
interface Fastethernet0/1
ip hello-interval eigrp 9 2   ! router will send hello every 2 seconds in EIGRP AS 9
ip hold-time eigrp 9 6    ! neighbor will wait 6 seconds until consider this router neighbor dead in EIGRP AS 9
EIGRP Stuck-in-Active (SIA)
The EIGRP Stuck In Active, or SIA in short, means that the router is involved in a diffusing computation for a new path to some network, and this computation seems to be stalled because some expected replies have not arrived in a reasonable time.
In EIGRP, the diffusing computation is a process of asking the neighboring routers to assist in locating a replacement path to a network for which the usable path has been lost. In a diffusing computation, a router sends Query packets to its neighbors, informing them about its current distance from the destination, and asking them for their own distance. If the neighbor is not affected by the Query, it just sends a Reply packet right away with its own current distance to the destination. If the Query has affected the neighbor in such a way that it also lost the path to the destination (which could have happened if that router was using us as its next hop), it will send a Query on its own to its own neighbors. After sending a Query to its neighbors, a router must wait for Reply packets from all routers to arrive, and only then it can make the selection and start sending Replies itself. If, in this chain of events, any router has trouble getting all Reply packets its needs, the diffusing computation can not be completed, and the new path to the destination can not be established. This situation is called Stuck in Active, and is, to be honest, EIGRP's Achilles heel.
In well behaved networks, SIA states should not happen. They occur with, say, overloaded links, overutilized CPUs on routers, bugs in IOS, etc., but normally, they should not appear. By default, a SIA state is declared if the diffusing computation could not be completed in 3 minutes (180 seconds).
form  https://supportforums.cisco.com/discussion/12034081/what-does-eigrp-stuck-inactive-state-mean

If a EIGRP Reply is missing for 3 minutes, the router becomes stuck in active (SIA).
In that case, it resets the neighbor relationship with the neighbor that did not reply.
Three common causes for SIA routes are:
 - CPU or memory usage is so high on the neighbor that it cannot process the query or reply.
 - The link between the routers drops packets. Enough packets get through to maintain the neighbor relationship, but some queries or replies are dropped.
 - Unidirectional link, so the router never receives packets from its neighbor.
  • With EIGRP, if a router loses a route and it does not have an FS in the topology table, it sends out queries to neighboring routers to recompute a new route. This process puts the route in what is termed active state.
    • A route is considered passive when a router is not recomputing a new route.
  • To recompute a new route, the router sends out queries to all neighbors on interfaces other than the one used to reach the previous successor (a function of split horizon). The query inquires the other routers whether they have a route to a given destination.
    • If the receiving router has an alternative route, it replies back to the sending router letting it know about the alternative route and the query ends there.
    • If the receiving neighbor does not have a route, it queries all of its own neighbors asking for an alternative route.
    • The queries propagate through the network creating an expanding tree of queries.
    • When a router responds to the query, it stops propagating on that portion of the network. However, the query can still propagate in other portions of the network as the other routers attempt to find alternative paths.
  • When a route goes active, a reply must be received for every generated queries, otherwise it stay active the whole time.
  •  Stuck-in-Active 
    • If the router does not receive a reply to all outstanding queries within 3 minutes (default setting), the route goes on stuck-in-active (SIA) state.
    • To change the limit limit before an outstanding query is stuck in active state use the router configuration command:
      • timers active-time [time-limit | disabled], where time-limit is in minutes.
    • When a route goes on SIA state, the neighbor relationship between the router and the neighbors that failed to reply resets. This action causes a recomputation of all routes known from that neighbor and to re-advertise all the routes it knows about to that neighbor.
    • Many networks have implemented an erroneous approach of using multiple EIGRP autonomous systems in hopes of decreasing the chances of stuck-in-active route. This approach is somewhat simulating the effect of using OSPF areas.
      • There is an unintended result for doing this: If a query reaches the edge of the autonomous system, the original query is answered. However, the edge router then initiates a new query in the other autonomous system where the route can potentially go in stuck-in-active state.
      • Another misconception about autonomous system boundaries is that implementing multiple autonomous systems protects one AS from route flaps in another AS. However, if routes are redistributed between AS, route transitions form one AS are detected in another.
Preventing SIA Connections
  • Cisco IOS Software Release 12.1(5) introduced a new feature called Active Process Enhancement.
    • This feature enables an EIGRP router to monitor the progression of the search for a successor route and ensure that the neighbor is still reachable by using two new addition to the EIGRP packet header:
      • SIA – Query
      • SIA – Reply
    • The result is improved network reliability by reducing unintended termination of neighbor adjacency.
With the Active Process Enhancement feature,  router (with an SIA-Query) queries neighbor at the midway point of the active timer (one and a half minutes by default) about the status of the route.
After validation, router (asking) does not terminate the neighbor relationship.

R2# show ip eigrp topology active
IP-EIGRP Topology Table for process 1
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status
A 10.1.2.0 255.255.255.0, 1 successors, FD is 2733056 1 replies,
active 0:00:38, query-origin: Multiple Origins
!--- The output above will appear on one line.
   via 10.1.4.3 (Infinity/Infinity), r, Serial0, serno 1232
   via 10.1.6.5 (Infinity/Infinity), Serial1, serno 1227
The output above tells you that EIGRP has been active for 10.1.2.0/24 for 38 seconds, has queried two neighbors, and is still waiting on a reply from 10.1.4.3.
The lowercase r indicates that the router is waiting for a reply to a query.
A capital R indicates that it received a reply from this neighbor.
Depending on the state of the topology table when you issue this command, you can also see the neighbor in a separate section called “Remaining Replies.”

Once you identify from which router EIGRP is awaiting a response, you can Telnet to that router to determine for what EIGRP is waiting. This process should eventually lead to the actual router that is not responding to queries. Once you identify this router, troubleshoot why it is not responding to queries. Several common reasons are explained below.

EIGRP Messages
EIGRP uses 5 message types to initiate and maintain neighbor relationships, and to maintain an accurate routing table. It is designed to conserve bandwidth and router resources by sending messages only when needed and only to those neighbors that need to receive them.

Packet Types
EIGRP uses five packet types:
1) Hello: Identifies neighbors and serves as a keepalive mechanism,  (contains ASN, hold time, auth, K values)
2) Update: Reliably sends route information (only to affected routers)
3) Query: Reliably requests specific route information
4) Reply: Reliably responds to a query
5) ACK: Acknowledgment (Hello packet with null message)

EIGRP Packets with Wireshark:  http://jesin.tk/demystifying-eigrp-message-types-wireshark/

(pdf version https://www.dropbox.com/s/4irfe037zlg4ij5/Demystifying%20EIGRP%20message%20types%20with%20Wireshark%20.pdf )

Hello packets - Used for neighbor discovery and to maintain neighbor adjacencies.
    Sent with unreliable delivery
    Multicast (on most network types)


Acknowledgment packets - Used to acknowledge the receipt of an EIGRP message that was sent using reliable delivery.
    Sent with unreliable delivery
    Unicast

Update packets - Propagates routing information to EIGRP neighbors.
    Sent with reliable delivery
    Unicast or multicast

Query packets - Used to query routes from neighbors.
    Sent with reliable delivery
    Unicast or multicast

Reply packets - Sent in response to an EIGRP query.
    Sent with reliable delivery
    Unicast

EIGRP uses the terms partial and bounded when referring to its updates.
The term partial means that the update only includes information about the route changes.
The term bounded refers to the propagation of partial updates that are sent only to those routers that the changes affect.
By sending only the routing information that is needed, only to those routers that need it, EIGRP minimizes the bandwidth that is required to send EIGRP updates.


Although “reliable” is part of its name, RTP includes both reliable delivery and unreliable delivery of EIGRP packets, similar to TCP and UDP, respectively. Reliable RTP requires an acknowledgment to be returned by the receiver to the sender. An unreliable RTP packet does not require an acknowledgment. For example, an EIGRP update packet is sent reliably over RTP and requires an acknowledgment. An EIGRP Hello packet is also sent over RTP, but unreliably. This means that EIGRP Hello packets do not require an acknowledgment.
RTP can send EIGRP packets as unicast or multicast.
 - Multicast EIGRP packets for IPv4 use the reserved IPv4 multicast address 224.0.0.10.
 - Multicast EIGRP packets for IPv6 are sent to the reserved IPv6 multicast address FF02::A.

The acknowledgment to a query is a reply.
If a reliable packet is not acknowledged, EIGRP periodically retransmits the packet to the nonresponding neighbor as a unicast. EIGRP has a window size of one, so no other traffic is sent to this neighbor until it responds. After 16 unacknowledged retransmissions, the neighbor is removed from the neighbor table.

Note: Many courses and books over the years have stated that MTU is part of the EIGRP metric.
In practice, the MTU has never been part of the metric calculation, although it is included in the topology data for each prefix.

Update message contains:
- Prefix (network and mask),
- Cumulative (total) delay along path,
- Minimum bandwidth along path (EIGRP choose lower),
- load (highest value), reliability (lowest value),
- MTU (EIGRP choose lower),
- hop count (each router add 1).

show interfaces and show ip eigrp topology

Neighbor Discovery and Route Exchange
RTP supports an intermixed transmission of multicast and unicast packets.
Multicast - on initial route exchange (to all neighbors).
Unicast - specific neighbor route exchange.
If the RTO expires before an ACK packet is received, the EIGRP process retransmits another copy of the reliable packet, up to a maximum of 16 times or until the hold time expires.
The retransmission occurs each time the RTO expires.

To form an EIGRP adjacency, all neighbors use their primary address as the source IP address of their EIGRP packets.
When EIGRP first starts, it uses hellos to build a neighbor table. Neighbors are directly attached routers that have a matching AS number and k values. (The timers don’t have to agree.) The process of neighbor discovery and route exchange between two EIGRP routers is as follows:
Step 1. Router A sends out a hello.
Step 2. Router B sends back a hello and an update. The update contains routing information.
Step 3. Router A acknowledges the update.
Step 4. Router A sends its update.
Step 5. Router B acknowledges.
When two routers are EIGRP neighbors, they use hellos between them as keepalives. Additional route information is sent only if a route is lost or a new route is discovered. A neighbor is considered lost if no hello is received within three hello periods (called the hold time). The default hello/hold timers are as follows:
- 5 seconds/15 seconds (LAN) for multipoint circuits with bandwidth greater than T1 and for point-to-point media
- 60 seconds/180 seconds (WAN) for multipoint circuits with bandwidth less than or equal to T1

The exchange process can be viewed using debug ip eigrp packets, and the update process can be seen using debug ip eigrp.
The neighbor table can be seen with the command show ip eigrp neighbors.

Frame-relay issues:
 - point-to-point subinterface (links acting like point-to-point links from a Layer 3 perspective) - no problems with Split Horizon.
 - multipoint subinterfaces (single subnet) - need no ip split-horizon eigrp <asn> on interface Serial0/0/0.9 multipoint

More info:
 - http://packetlife.net/blog/2008/nov/03/disabling-split-horizon/
 - http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/13681-eigrpfaq.html
Q. Why are routes received from one neighbor on a point-to-multipoint interface that runs EIGRP not propagated to another neighbor on the same point-to-multipoint interface?

A. The split horizon rule prohibits a router from advertising a route through an interface that the router itself uses to reach the destination. In order to disable the split horizon behavior, use the no ip split-horizon eigrp as-number interface command. Some important points to remember about EIGRP split horizon are:
 - Split horizon behavior is turned on by default.
 - When you change the EIGRP split horizon setting on an interface, it resets all adjacencies with EIGRP neighbors reachable over that interface.
 - Split horizon should only be disabled on a hub site in a hub-and-spoke network.
 - Disabling split horizon on the spokes radically increases EIGRP memory consumption on the hub router, as well as the amount of traffic generated on the spoke routers.
 - The EIGRP split horizon behavior is not controlled or influenced by the ip split-horizon command.
For more information on split horizon and poison reverse, refer to Split Horizon and Poison Reverse. For more information on commands, refer to EIGRP Commands.


On NBMA (Frame-relay) Updates cannot be multicasted at Layer 2. So, the router must send a copy of the Update to each reachable neighbor.
The engineer can adjust this percentage using the ip bandwidth-percent eigrp <asn> percent interface/subinterface subcommand. (IOS queues the EIGRP messages in memory, delaying them briefly)
General recommendation: Set the bandwidth of multipoint subinterfaces to around the total CIR for all VCs assigned to the subinterface.

Configuring Static EIGRP Neighbors 
To define a neighbor, both routers must configure the EIGRP router subcommand
neighbor <ip-address> <outgoing-interface>
network command is also needed
With static neighbor definitions for the two routers, EIGRP messages would be sent as unicasts to each of the two neighbors, with no EIGRP messages sent to the eight non-EIGRP routers, reducing overhead. (Frame-relay for example).
Keeping in mind the design goal for this feature—to reduce multicasts—IOS disables all EIGRP multicast packet processing on an interface when an EIGRP neighbor command has been configured. (no dynamic neighbors can be either discovered or continue to work if already discovered)

The show ip eigrp neighbors command does not identify a neighbor as static, but the show ip eigrp neighbors detail command does.
Internal EIGRP routes are identified with a D in the far left column. (External EIGRP routes, not shown in this example, are identified with a D EX in the far left column.)


EIGRP Route Selection

An EIGRP router receives advertisements from each neighbor listing the advertised distance (AD) and feasible distance (FD) to a route. The AD is the metric from the neighbor to the network. FD is the metric from this router, through the neighbor, to the destination network.

EIGRP Metric
 or simplier 

Metric = 256 * [    10^7 / Min_Bandwidth   +    Total_Delay  ] 

or
Metric  = 256* (10mbit / Min_Bandwith + total_delay)


The k values are constants. 

Their default values are k1 = 1, k2 = 0, k3 = 1, k4 = 0, and k5 = 0.
If k5 = 0, the final part of the equation (k5 / [rel + k4]) is ignored (not = 0).

metric weights tos k1 k2 k3 k4 k5   - allow the tuning of the IGRP or EIGRP metric calculations.
defaults:  tos= 0    k1=1    k2=0     k3=1   k4=0   k5=0

tos - Type of service must always be zero

Cisco recommends not using k-values k2, k4, and k5, because a nonzero value for these parameters causes the metric calculation to include interface load and reliability (causes EIGRP to reflood topology data, and may cause routers to continually choose different routes (route flapping)).

BWmin - is the minimum bandwidth along the path—the choke point bandwidth (in kbps).
Delay values are associated with each interface. The sum of the delays (in tens of microseconds) is used in the equation.

Interface    Bandwidth (Kbps)  Delay (Microseconds)
Serial       1544              2000  (200 x 10microseconds)
Ethernet     10,000            1000  (100 x 10microseconds)
FastE        100,000           100  (10 x 10microseconds)
GigE         1,000,000         10  (1 x 10microseconds)
Loopback     8,000,000         5000  (500 x 10microseconds)

EIGRP metric calculation example
Bandwidth (BW) is expresed in Kbps !!
Delay (DLY) is expressed in Interface delay devided by 10 !!


R2#sh ip eig top
IP-EIGRP Topology Table for AS(1)/ID(2.2.2.2)

P 1.1.1.0/24, 1 successors, FD is 156160
        via 10.0.0.1 (156160/128256), FastEthernet0/0
P 1.1.2.0/24, 1 successors, FD is 156160
        via 10.0.0.1 (156160/128256), FastEthernet0/0
P 2.0.0.0/8, 1 successors, FD is 128256
        via Summary (128256/0), Null0
P 2.2.2.0/24, 1 successors, FD is 128256   <- directly connected loopback interface
        via Connected, Loopback2
P 3.3.3.0/24, 1 successors, FD is 158720    <- remote loopback interface
        via 10.0.0.1 (158720/156160), FastEthernet0/0
P 10.0.0.0/8, 1 successors, FD is 28160
        via Summary (28160/0), Null0
P 10.0.0.0/24, 1 successors, FD is 28160    <- directly connected FastEthernet interface
        via Connected, FastEthernet0/0
P 13.13.13.0/24, 1 successors, FD is 30720    <- 1hop-away FastEthernet  interface
        via 10.0.0.1 (30720/28160), FastEthernet0/0
R2#
loopback   BW 8'000'000 Kbit/sec (8'000 for EIGRP), DLY 5000 usec (500 for EIGRP),
FastEth        BW 100'000 Kbit/sec (100 for EIGRP), DLY 100 usec (10 for EIGRP),
metric = 256*(10M/BWmin-inKbps + sum_delay)

1) directly connected loopback interface   (2.2.2.0/24, 1 successors, FD is 128256)
FD = 256*(10M/8M + 500) = 256(1.25 + 500) = 256*501 = 128256

2) directly connected FastEthernet interface  (10.0.0.0/24, 1 successors, FD is 28160)
FD = 256*(10M/0.1M + 10) = 256(100+10) = 256*110 = 28160

3) 1hop-away FastEthernet  interface  (13.13.13.0/24, 1 successors, FD is 30720)
FD = 256*(10M/0.1M+10+10)=256(100+20)=256*120=30720

4) remote loopback interface (3.3.3.0/24, 1 successors, FD is 158720)
FD = 256*(10M/0.1M+10+10+500)=256(100+520)=256*620=158720

DELAY
Modifyng delay is typically the better choice for tuning, because bandwidth is used for many other reasons: calculating interface utilization, as the basis for several QoS parameters, and for SNMP statistics reporting.
EIGRP AD, FD Calculations
show ip eigrp topology - displays only the successors and feasible successors for IP routes
show ip eigrp topology all-links - displays all the IP entries in the topology table

Route is considered passive when the router is not performing recomputation on that route.
A route is active when it is undergoing recomputation (in other words, when it is looking for a new successor).
Note that passive is the operational, stable state.

Neighbor Requirements for EIGRP and OSPF
EIGRP Offset Lists - manipulate the EIGRP metrics (add a value–an offset to the calculated integer
metric for a given prefix).
offset-list {access-list-number | access-list-name} {in | out} offset [interfacetype interface-number]

! examine all EIGRP Updates received on S0/0/0.1,and if prefix 10.11.1.0 is found, add 3 to the computed FD and RD for that prefix
WAN1(config)#access-list 11 permit 10.11.1.0
WAN1(config)#router eigrp 1
WAN1(config-router)#offset-list 11 in 3 Serial0/0/0.1

EIGRP Configuration
EIGRP uses a concept of a representing each router with a router ID (RID). 
The EIGRP RID is a 32-bit number, represented in dotted decimal. Each router determines its RID when the EIGRP process starts, using the same general rules as does OSPF for determining the OSPF RID, as follows:
Step 1. Use the configured value (using the eigrp router-id <a.b.c.d> EIGRP subcommand).
Step 2. Use the highest IPv4 address on an up/up loopback interface.
Step 3. Use the highest IPv4 address on an up/up non-loopback interface.
Although EIGRP does require each router to have an RID, the actual value is of little practical importance. Duplicate RIDs do not prevent routers from becoming neighbors.

The only time the value of EIGRP RIDs matters is when injecting external routes into EIGRP. In that case, the routers injecting the external routes must have unique RIDs to avoid confusion.

Network statement is used only to activate EIGRP on specific interfaces (with IP addreses matches network statement)
1. Neighboring routers’ router eigrp <asn> commands must be configured with the same ASN parameter to become neighbors.
2. IOS enables only EIGRP on interfaces matched by an EIGRP network command.
   When enabled, the router does the following:

    a. Attempts to discover EIGRP neighbors on that interface by sending multicast EIGRP Hello messages    b. Advertises to other neighbors about the subnet connected to the interface
3. If no wildcard-mask is configured on the EIGRP network command, the command’s single parameter should be a classful network number (in other words, a class A, B, or C network number).
4. If no wildcard-mask is configured on the EIGRP network command, the command enables EIGRP on all of that router’s interfaces directly connected to the configured classful network.
5. If the network command includes a wildcard-mask, the router performs access control list (ACL) logic when comparing the net-id configured in the network command with each interface’s IP address, using the configured wildcard-mask as an ACL wildcard mask.

! enable EIGRP on all interfaces whose IP addresses begin with 10.1
network 10.1.0.0 0.0.255.255
! enable EIGRP on all interfaces with IP from classful (class A) network 99.0.0.0/8
network 99.0.0.0
! enable EIGRP on all interfaces
network 0.0.0.0
255.255.255.255
network 0.0.0.0
passive-interface  - a feature specifically created with this design requirement in mind. When an interface is passive, EIGRP does not send any EIGRP messages on the interface—multicasts or EIGRP unicasts—and the router ignores any EIGRP messages received on the interface. However, EIGRP still advertises about the connected subnets if matched with an EIGRP network command.

passive-interface default - essentially changes the default for an interface from not being passive to instead being passive. Then, to make an interface not passive, you have to use a no version of the passive-interface command for those interfaces.

EIGRP Authentication
EIGRP authentication causes routers to authenticate every EIGRP message. To do so, the routers should use the same preshared key (PSK), generating an MD5 digest for each EIGRP message based on that shared PSK. If a router configured for EIGRP authentication receives an EIGRP message, and the message’s MD5 digest does not pass the authentication checking based on the local copy of the key, the router silently discards the message.

MD5 provides authentication but does not provide confidentiality. The contents of routing protocol packets are not encrypted.

When sending EIGRP packets, the valid key with the lowest key number on the key chain is used.
It is recommended that for a given key chain, key activation times overlap to avoid any period of time for which no key is activated. If a time period occurs during which no key is activated, neighbor  authentication cannot occur, and therefore routing updates will fail.

The key string for a given key ID must be the same on neighboring routers and is case sensitive.
Optionally specify the time period during which this key will be accepted.
key chain <name>
 key <key-id>
 key-string <value>
ip authentication mode eigrp <asn> md5
ip authentication key-chain eigrp <asn> <name-of-chain>

! Chain “carkeys” will be used on R1’s Fa0/1 interface. R1 will use key “fred” for about a month, and then start using “wilma.”
key chain carkeys
  key 1
  key-string fred
  accept-lifetime 08:00:00 Feb 11 2009 08:00:00 Mar 11 2009
  send-lifetime 08:00:00 Feb 11 2009 08:00:00 Mar 11 2009
key 2
  key-string wilma
  accept-lifetime 08:00:00 Mar 11 2009 08:00:00 Apr 11 2009
  send-lifetime 08:00:00 Mar 11 2009 08:00:00 Apr 11 2009
! Next, R1’s interface subcommands are shown. First, the key chain is referenced using the ip authentication key-chain command,
! and the ip authentication mode eigrp command causes the router to use an MD5 digest of the key string.
interface FastEthernet0/1
  ip address 172.16.1.1 255.255.255.0
  ip authentication mode eigrp 9 md5
  ip authentication key-chain eigrp 9 carkeys
Verify
show clock
show ip eigrp neighbors

show key chain
debug eigrp packet
The key chain name and key number used on the two routers must match (gns lab shows only key number is true as neede the same)

EIGRP propagate default route
In EIGRP default routes cannot be directly injected (as they can in OSPF with the default-information originate command).
ip default-network <network-number>
The network (network-number) must be reachable by the router that uses this command before it announces it as a candidate default route to other EIGRP routers.

The network must either be an EIGRP-derived network in the routing table, or be generated with a static route and redistributed into EIGRP.
Router#show ip route
D*      172.31.0.0 [90/28672] via 10.0.0.2, 00:00:05, GigabitEthernet1/0
                   [90/28672] via 10.0.0.1, 00:00:05, GigabitEthernet1/0

* - flagged as a candidate default network
EIGRP does not redistribute the ip route 0.0.0.0 0.0.0.0 default route by default.
  
EIGRP will propagate default route:
1) redistribute from another protocol (BGP, OSPF) - in real networks
    P 0.0.0.0/0, 1 successors, FD is 131072000, RIB is 1024000, tag is 1212
           via Redistributed (131072000/0)


2) redistribute static (in router eigrp) +
"ip route 0.0.0.0 0.0.0.0 200.0.0.2" OR
"ip route 0.0.0.0 0.0.0.0 Null0" (
OR exit interface)
   D*EX 0.0.0.0/0 [170/284160] via 10.10.10.1, 00:00:01, FastEthernet0/0

3) network 0.0.0.0
(in router eigrp) + "ip route 0.0.0.0 0.0.0.0 Null0" is set to exit interface (and not next_hop_IP)

   D*   0.0.0.0/0 [90/28160] via 10.10.10.1, 00:00:06, FastEthernet0/0


4) 'ip summary-address eigrp 1 0.0.0.0 0.0.0.0 5' on interface facing Internal network (not ISP)
   D*   0.0.0.0/0 [90/30720] via 10.10.10.1, 00:01:21, FastEthernet0/0

5) 'ip default-network 172.16.0.0' 

   D*EX 200.0.0.0/8 [170/284160] via 10.10.10.1, 00:01:14, FastEthernet0/0
Network MUST be in RIB with Exact match (if
ip default-network 172.16.1.0, then 172.16.1.0/16 classfull must be in RIB'),
Network MUST be in EIGRP (known via EIGRP neighbor/redistribution/"network" command if directly connected

The ip default-network command will only mark a classful route as a default route. If you need to mark a subnet route (3.3.3.3/32 for example) as a default, the command generates a static route for the classful network. You can then redistribute that static route into EIGRP and mark that as a default with ip default-network command.

-This method comes from IGRP: network must be classfull A/B/C (if auto-summary is enabled),
-The ip default-network command will only mark a classful route as a default route. http://blog.ipexpert.com/2010/03/29/eigrp-ip-default-network-command/

-The reason why 'ip default-network' didn’t work with /32 mask, is because EIGPR’s auto-summary were on on all routers. In case of disabling this feature, default-network could advertise 172.16.1.1/32. 


EIGRP propagate default route - GNS3 Lab
!
router eigrp 1
network 0.0.0.0
!
! or
router eigrp 1
 network 4.0.0.0
 network 172.16.0.0
 network 172.31.0.0
 no auto-summary
!

! static route to Exit interface
ip route 0.0.0.0 0.0.0.0 fastEthernet 2/0
!
! not work if use any of:

ip route 0.0.0.0 0.0.0.0 172.31.0.1
ip default-network 172.31.0.0
!
EIGRP Scalability
You can make EIGRP more scalable. Two of the best options are the following:
■ Configure route summarization using the ip summary-address eigrp command on the outbound interfaces of the appropriate routers.
■ Configure the remote routers as stub EIGRP routers.
Other methods to limit query range include route filtering and interface packet filtering.

Limiting Query Range Using a Stub
Hub-and-spoke network topologies commonly use stub routing.
 In this topology, the remote router forwards all traffic that is not local to a hub router, so the remote router does not need to retain a complete routing table.    Generally, the hub router needs to send only a default route to the remote routers.
In a hub-and-spoke topology, having a full routing table on the remote routers serves no functional purpose because the path to the corporate network and the Internet is always through the hub router. In addition, having a full routing table at the spoke routers increases the amount of memory required.

The EIGRP stub feature was first introduced in Cisco IOS Release 12.0(7)T.

Only the remote routers are configured as stubs.
The stub feature does not prevent routes from being advertised to the remote router.
A stub router indicates in the hello packet to all neighboring routers its status as a stub router.
Any router that receives a packet informing it of its neighbor’s stub status does not query the stub router for any routes. Therefore, a router that has a stub peer does not query that peer.
Thus, it is important to note that stub routers are not queried. Instead, hub routers connected to the stub router answer the query on behalf of the stub router.

When using the EIGRP Stub Routing feature, you need to configure the distribution and remote routers to use EIGRP, and to configure only the remote router as a stub. Only specified routes are propagated from the remote (stub) router. The router responds to queries for summaries, connected routes, redistributed static routes, external routes, and internal routes with the message "inaccessible." A router that is configured as a stub will send a special peer information packet to all neighboring routers to report its status as a stub router.

The EIGRP stub routing feature also simplifies the configuration and maintenance of hub-and-spoke networks, improves network stability, and reduces resource utilization.

To configure a router as an EIGRP stub, router configuration command:
eigrp stub [receive-only | connected | static | summary | redistributed ]
A router configured as a stub with the eigrp stub command shares information about connected and summary routes with all neighbor routers by default.
The optional parameters in this command can be used in any combination, with the exception of the receive-only keyword.
If any of the keywords (except receive-only) is used individually, the connected and summary routes are not sent automatically.
eigrp stub receive-only - router will not announce any  connected, summary, and static routes.

! eigrp stub command will make Router1 announce only connected and summary routes
Router1(config)#router eigrp 1
Router1(config-router)#network 10.0.0.0
Router1(config-router)#eigrp stub
The EIGRP stub feature does not enable route summarization on the hub router. The network administrator should configure route summarization on the hub routers if desired. Cisco highly recommends using both EIGRP route summarization and EIGRP stub features to provide the best scalability.
If a true stub network is required, the hub router can be configured to send a default route to the spoke routers. This approach is the simplest and conserves the most bandwidth and memory on the spoke routers.

EIGRP STUBS EXAMPLE
R3(config-router)#eigrp stub ?
  connected      Do advertise connected routes
  leak-map       Allow dynamic prefixes based on the leak-map
  receive-only   Set IP-EIGRP as receive only neighbor
  redistributed  Do advertise redistributed routes
  static         Do advertise static routes
  summary        Do advertise summary routes
  <cr>


eigrp stub  = eigrp stub connected summary
eigrp stub connected    = send only connected, not summary/redistributed/static
eigrp stub receive-only = NOT send ANY routes


R3(config)#ip route 9.9.9.0 255.255.255.0 null0
R3(config-if)#ip summary-address eigrp 1 172.16.0.0 255.255.0.0
router eigrp 1
 redistribute static
 network 5.0.0.0
 network 10.0.0.0
 network 172.16.0.0
 no auto-summary


R3(config-if)#do sh ip rou
     5.0.0.0/24 is subnetted, 1 subnets
C       5.5.5.0 is directly connected, Loopback9
     172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
D       172.16.0.0/16 is a summary, 00:04:42, Null0
C       172.16.1.0/24 is directly connected, Loopback0
C       172.16.2.0/24 is directly connected, Loopback1
     9.0.0.0/24 is subnetted, 1 subnets
S       9.9.9.0 is directly connected, Null0
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D       10.2.0.0/16 [90/2195456] via 10.2.3.4, 00:02:27, Serial0/0
C       10.2.3.0/24 is directly connected, Serial0/0


!!!  R3(config-router)#  NOT specified 'eigrp stub'
R4#sh ip route eigrp  | inc 10.2.3.3
D       5.5.5.0 [90/2297856] via 10.2.3.3, 00:00:04, Serial0/0
D    172.16.0.0/16 [90/2297856] via 10.2.3.3, 00:00:04, Serial0/0
D EX    9.9.9.0 [170/2169856] via 10.2.3.3, 00:00:04, Serial0/0
R4#

!!!  R3(config-router)# eigrp stub
R4#sh ip route eigrp  | inc 10.2.3.3
D       5.5.5.0 [90/2297856] via 10.2.3.3, 00:00:26, Serial0/0 !! connected
D    172.16.0.0/16 [90/2297856] via 10.2.3.3, 00:02:38, Serial0/0 !! summary
R4#

!!!  R3(config-router)# eigrp stub connected
R4#sh ip route eigrp  | inc 10.2.3.3
D       5.5.5.0 [90/2297856] via 10.2.3.3, 00:00:04, Serial0/0 !! connected
D       172.16.1.0 [90/2297856] via 10.2.3.3, 00:00:04, Serial0/0 !! connected
D       172.16.2.0 [90/2297856] via 10.2.3.3, 00:00:04, Serial0/0 !! connected
R4#

!!!  R3(config-router)# eigrp stub summary
R4#sh ip route eigrp  | inc 10.2.3.3
D    172.16.0.0/16 [90/2297856] via 10.2.3.3, 00:00:19, Serial0/0 !! summary
R4#

!!!  R3(config-router)# eigrp stub static
R4#sh ip route eigrp  | inc 10.2.3.3
D EX    9.9.9.0 [170/2169856] via 10.2.3.3, 00:00:04, Serial0/0
R4#


!!!  R3(config-router)#eigrp stub redistributed  => is AUTOmatically reconfigured by router:  eigrp stub connected summary redistributed
R4#sh ip route eigrp  | inc 10.2.3.3
D       5.5.5.0 [90/2297856] via 10.2.3.3, 00:00:25, Serial0/0
D    172.16.0.0/16 [90/2297856] via 10.2.3.3, 00:00:25, Serial0/0
D EX    9.9.9.0 [170/2169856] via 10.2.3.3, 00:00:25, Serial0/0
R4#

!!!  R3(config-router)#eigrp stub receive-only
R4#sh ip route eigrp  | inc 10.2.3.3
R4#


Graceful Shutdown
Graceful shutdown, implemented with the goodbye messagefeature, is designed to improve EIGRP network convergence.

With graceful shutdown, a goodbye message is broadcast when an EIGRP routing process is shut down, to inform adjacent peers about the impending topology change.
This feature allows supporting EIGRP peers to synchronize and recalculate neighbor relationships more efficiently than would occur if the peers discovered the topology change after the hold timer expired.
The goodbye message is supported in Cisco IOS Software Release 12.3(2), 12.3(3)B, and 12.3(2)T and later.
Interestingly, goodbye messages are sent in hello packets. EIGRP sends an interface goodbye message with all K values set to 255 when taking down all peers on an interface.
The following message is displayed by routers that support goodbye messages when one is received:
*Apr 26 13:48:42.523: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 10.1.1.1 (Ethernet0/0) is down: Interface Goodbye received
A Cisco router that runs a software release that does not support the goodbye message will misinterpret the message as a K value mismatch and therefore display the following message:
*Apr 26 13:48:41.811: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 10.1.1.1 (Ethernet0/0) is down: K-value mismatch
The receipt of a goodbye message by a nonsupporting peer does not disrupt normal network operation. The nonsupporting peer will terminate the session when the hold timer expires. The sending and receiving routers will reconverge normally after the sender reloads.

An EIGRP router will send a goodbye message on:
- an interface if the network command (under the EIGRP process) that encompasses the network on that interface is removed (with the no networkcommand).
- all interfaces if the EIGRP process is shut down (with the no router eigrpcommand).
An EIGRP router will not, however, send a goodbye message if an interface is shut down or the router is reloaded.



EIGRP Route Summarization
Auto-summary - when a router has multiple working interfaces, and those interfaces use IP addresses in different classful networks, the router advertises a summary route for each classful network on interfaces attached to a different classful network.

Discontiguous network - a single classful network in which packets sent between at least one pair of subnets must pass through subnets of a different classful network.

For classful routing protocols, the only solution is to not use discontiguous classful networks.

Summarizing routes at classful major network boundaries creates smaller routing tables.

Cisco distance vector routing protocols have autosummarization enabled by default.
EIGRP automatic summarization on the major network boundary can be turned on or off.

When the last specific route of the summary goes away, the summary route is deleted from the routing table.
It is important to note that the minimum metric of the specific routes is used as the metric of the summary route.When summarization is configured on a router’s interface, a summary route is added to that router’s routing table, with the route’s next-hop interface set to null0—a directly connected, software-only interface (this interface prevents the router from trying to forward traffic to other routers in search of a more precise, longer match, thus preventing traffic from looping within the network).

The number of subnets that can be represented by a summary route is calculated by the formula 2^n, where n equals the difference in the number of bits between the summary and subnet masks. 

The summarized subnet 10.1.8.0/21 is range from 10.1.8.0/24 through 10.1.15.0/24  (2^3).
R1#show ip protocols | in summarization
  Automatic network summarization is in effect

If you have discontiguous subnets, you need to disable autosummarization.
To turn off automatic summarization, use the no auto-summary router configuration command.  
An EIGRP router autosummarizes routes for only networks to which it is attached.

Manual creation of summary route on interface configuration, as long as a more specific route exists in the routing table.
ip summary-address eigrp <as-number> <address mask> [admin-distance]
!
int s0/0/0
ip address 192.168.4.2 255.255.255.0
ip summary-address eigrp 1 172.16.0.0 255.255.0.0
You can use the ip summary-address eigrp as-number 0.0.0.0 0.0.0.0 command to inject a default route to a neighbor, as an alternative to the methods described earlier, however the automatically generated route to null0 may cause problems in some topologies.

IP EIGRP summary routes are given an administrative distance value of 5. 

Manual summarization (summary route)  is configured per interface basis.
You will notice the EIGRP summary route with an administrative distance of 5 only on the local router that is performing the summarization (with the ip summary-address eigrp command), by using the show ip routenetworkcommand, where networkis the specified summarized route.

Local router

#
interface GigabitEthernet1/0
...
 ip summary-address eigrp 1 3.3.0.0 255.255.0.0 5
!

R3#sh ip route 3.0.0.0 longer-prefixes
     3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D       3.3.0.0/16 is a summary, 00:02:26, Null0
C       3.3.3.0/24 is directly connected, Loopback0

Remote router

R4#sh ip route 3.0.0.0 longer-prefixes
     3.0.0.0/16 is subnetted, 1 subnets
D       3.3.0.0 [90/131072] via 172.16.0.2, 00:00:53, GigabitEthernet1/0

EXAMPLE : R1  <-->  R2
R1#
10.0.0.0/24 is subnetted, 8 subnets
D    10.0.1.0 [90/2323456] via 10.0.1.4, 00:01:07, Serial0/0
D    10.0.2.0 [90/2323456] via 10.0.1.4, 00:01:07, Serial0/0
D    10.0.3.0 [90/2195456] via 10.0.1.4, 00:01:07, Serial0/0

R2# ip summary-address eigrp 99   10.0.0.0 255.255.0.0 5

R1# replace routes:
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D       10.0.0.0/16 [90/2195456] via 10.0.1.4, 00:01:42, Serial0/0
C       10.0.8.0/24 is directly connected, Serial0/0



EIGRP Troubleshooting

show ip protocols 

Lists the contents of the networkconfiguration commands for each routing process, and a list of neighbor IP addresses.
 
show ip eigrp interfaces

Lists the working interfaces on which EIGRP is enabled (based on the networkcommands); it omits passive interfaces.

show ip eigrp neighbors

show ip eigrp neighbor detail

Lists known neighbors; does not list neighbors for which some mismatched parameter is preventing a valid EIGP neighbor relationship.

 

show ip eigrp topology
displays only the successors and feasible successors for IP routes


show ip eigrp topology all-links
displays all the IP entries in the topology table

show ip route
Lists the contents of the IP routing table, listing EIGRP-learned routes with a code of D on the left side of the output.


debug eigrp packets
Displays the types of EIGRP packets sent and received. A maximum of 11 packet types can be selected for individual or group display.

debug ip eigrp
Displays packets that are sent and received on an interface. Because this command generates large amounts of output, use it only when traffic on the network is light.
 

debug ip eigrp summary
Displays IP EIGRP summary route processing.


debug eigrp neighbors
Displays neighbors discovered by EIGRP and the contents of the hello packets.