In the previous post (lesson 43) I have laid the foundations related to EIGRP terminology. Without understanding those keywords and their meaning it is hard to implement and analyze the behavior of this routing protocol.
The basic implementation steps, like in case of other routing protocols we have learned so far, requires two major steps:
Also, worth noting here is that the command that starts the EIGRP process is followed by a number which is the Autonomous System number. Unlike OSPF which is the process ID and has local significance, AS number in EIGRP is important as it must match between the neighbors. Example of enabling EIGRP:
Number '1' is the Autonomus system number (between 1-65535) which must be the same on all EIGRP speaking routers in the domain.
The following list of parameters must match between EIGRP neighbors in order to successfully establish neighbor relationships:
Icons designed by: Andrzej Szoblik - http://www.newo.pl
Example 1
Example 2
Example 3
Example 4
They all achieve the same result: all interface become EIGRP-enabled.
EIGRP is partially a Distance Vector routing protocol. By default the automatic summarization to the class boundary takes place. The command that disables that behavior is: 'no auto-summary' used under EIGRP process.
EIGRP uses five different types of the packets to communicate. Three of them are reliable and must be acknowledged by the receiver. The EIGRP packets are as follows:
The last point I'd like to make relates to the ability of EIGRP to authenticate its packets. EIGRP currently (as of the time of writing this post) uses only one protocol which is MD5.
If you decide to configure authentication of EIGRP packets there are two major steps you must configure:
In the next post, I'm going to use this lesson's theory and put it into practice.
The basic implementation steps, like in case of other routing protocols we have learned so far, requires two major steps:
- Enable EIGRP process in the 'config' mode.
- Instruct EIGRP which interfaces should participate in the EIGRP domain.
- EIGRP-enabled interface begins to send EIGRP 'hello' packets in order to discover the neighbors. The address used to advertise these 'hello' packets is well-known, reserved multicast address: 224.0.0.10.
- EIGRP-enabled interface allow the EIGRP process to read the address and network mask configured on this interface and advertise this network or subnet out other EIGRP-enabled interfaces where the neighbor(s) has/have been discovered and the relationship has been formed with them.
Also, worth noting here is that the command that starts the EIGRP process is followed by a number which is the Autonomous System number. Unlike OSPF which is the process ID and has local significance, AS number in EIGRP is important as it must match between the neighbors. Example of enabling EIGRP:
router eigrp 1
Number '1' is the Autonomus system number (between 1-65535) which must be the same on all EIGRP speaking routers in the domain.
The following list of parameters must match between EIGRP neighbors in order to successfully establish neighbor relationships:
- Autonomous System number.
- K-Values (look at the previous lesson).
- If authentication is used both: the key number, the password, and the date/time the password is valid must match.
- The neighbors must be on common subnet (all IGPs follow this rule).
Pic. 1 - R3's
Example 1
!
router eigrp 1
network 172.31.0.0
!
Example 2
!
router eigrp 1
network 172.31.123.0 0.0.0.255
network 172.31.3.0 0.0.0.15
network 172.31.3.16 0.0.0.15
!
Example 3
!
router eigrp 1
network 172.31.123.0 0.0.0.255
network 172.31.3.0 0.0.0.255
!
Example 4
!
router eigrp 1
network 172.31.123.3 0.0.0.0
network 172.31.3.1 0.0.0.0
network 172.31.3.17 0.0.0.0
!
They all achieve the same result: all interface become EIGRP-enabled.
EIGRP is partially a Distance Vector routing protocol. By default the automatic summarization to the class boundary takes place. The command that disables that behavior is: 'no auto-summary' used under EIGRP process.
EIGRP uses five different types of the packets to communicate. Three of them are reliable and must be acknowledged by the receiver. The EIGRP packets are as follows:
- Hello (unreliable).
- Updates (reliable).
- Queries (reliable).
- Replies (reliable).
- Acknowledgement (unreliable.
The last point I'd like to make relates to the ability of EIGRP to authenticate its packets. EIGRP currently (as of the time of writing this post) uses only one protocol which is MD5.
If you decide to configure authentication of EIGRP packets there are two major steps you must configure:
- Configure a key chain with the parameters such as the password(s) and the date/time they are valid.
- Apply authentication method and the key chain on per-interface basis.
!
! Key Chain Configuration
!
R3(config)#key chain EIGRP
R3(config-keychain)#key 1
R3(config-keychain-key)#key-string S3cr3t!!!
R3(config-keychain)#key 1
R3(config-keychain-key)#key-string S3cr3t!!!
!
! Enabling authentication on F1/0 interface - EIGRP AS 1 here
!
R3(config-if)#ip authentication mode eigrp 1 md5
R3(config-if)#ip authentication key-chain eigrp 1 EIGRP
R3(config-if)#
!
R3(config-if)#ip authentication key-chain eigrp 1 EIGRP
R3(config-if)#
!
- 'EIGRP' - The name of the key chain in my configuration. It can be any name.
- 'key 1' - Number '1' must match be used on the neighbor's interface connected to R3's F1/0 interface.
- 'S3cr3t!!!' - is the password used as the key 1. Must match between neighbors.
- mode eigrp 1/ key-chain eigrp 1 - EIGRP AS number configured in the 'config' mode.
- Accept-lifetime - date/time in which EIGRP packets signed with the digest based on the key-string will be accepted by the receiving router.
- Send-lifetime - date/time in which EIGRP packets will be signed using the key-string specified. The digest will be attached to all EIGRP packet types.
In the next post, I'm going to use this lesson's theory and put it into practice.
No comments:
Post a Comment