EIGRP Part 2

Submitted by rayc on Mon, 11/22/2021 - 21:24

Now that I've discussed the ins and outs of how EIGRP works, let's talk about the configuration of EIGRP.

Cisco routers support two methods of configuring EIGRP. There is the traditional method that supports IPv4 only, and the named EIGRP method that supports both IPv4 and IPv6 route using address families. Both the traditional and Named EIGRP configurations are backwards compatible with each other so you can configure each router in your topology in either method without any issues. 

Looking at the below topology we have 7 routers inside two different EIGRP ASNs. R1, R2, and R4 are in ASN 100, R5, R6 and R7 are in ASN 150 and R3 is part of both ASN100 and ASN150. By default, an EIGRP router will not redistribute routes between ASN's. There are a few methods to get around this including redistribution which I will go through.

EIGRP Part 2 topology

I will show you how to configure both Traditional and Named EIGRP in this topology but I will start with Traditional EIGRP configuration on R1. The first step is to enable EIGRP and tell the router what ASN to use. To do this, you use the global configuration command router eigrp <asn>. The ASN can be a number from 1 to 65535.Once we have configured the router in EIGRP ASN 100, I will configure the routers EIGRP router ID. This isn't necessary as EIGRP will choose one by default as the numerically highest IP address configured on the router. To manually configure the router id use the eigrp router configuration subcommand eigrp router-id <IP>.

Configuring R1 in EIGRP ASN 100 and the router-id

Now that we have the router running EIGRP and the router-id configured, we need to tell the router which interfaces to send EIGRP messages on. We do this using the eigrp router configuration subcommand network <network> <wild-card-mask>. The biggest misconception here is that the network command tells the router exactly what prefixes to advertise. This is not the case, the network command tells the router to start sending EIGRP messages and attempt to form an EIGRP neigbhour relationship on any interface that has an IP address configured in the range specified. Looking at R1 above, we have 3 methods to use to configure the network command:

  • We could use a blanket statement to enable ALL interfaces regardless of IP address using the command network 0.0.0.0.
  • We could configure two statements and summarise the 10.1.X.X networks using the commands network 1.1.1.0 0.0.0.255, and also network 10.1.0.0 0.0.255.255
  • We can also specify exact IP addresses of interfaces we want to enable EIGRP on using the network commands network 1.1.1.1 0.0.0.0, network 10.1.12.1 0.0.0.0 and lastly network 10.1.14.1 0.0.0.0.

 

Why you might as would we want to enter in more commands than we have to? Well it has to do with security. If we blanket enable EIGRP on all interfaces, then all interfaces are capable of establishing a neighbour relationship. If a malicious user came along and managed to form a neighbour relationship, they could essentially Man-In-the-Middle attack your network. There are ways around this by using passwords or configuring passive interfaces but it is best practice to configure each IP specifically. In saying that, I'm going to use the blanket network 0.0.0.0 statement on R1.

R1 configuring the network statement

We can now verify that EIGRP is running and the correct interfaces are participating in EIGRP. To verify that EIGRP is running use the show command show ip protocols and to view the interfaces that EIGRP is enabled on use the show command show ip eigrp interfaces.

R1 show ip proto and show ip eigrp interfaces output

Let's now go ahead and configure R2. I will use the same traditional method of configuring EIGRP on R2, but will use the two network statements and summarise the 10.1.X.X networks. 

Configuring R2 for EIGRP

Notice that quickly after enabling EIGRP on the 10.1.x.x networks, the neighbour relationship came up. Now let's configure R4 using traditional EIGRP again, but using the specific IP addresses in the network command.

R4 EIGRP configuration

I have already configured R5, R6 and R7 using named EIGRP but I will go through the configuration of named EIGRP on R3. When configuring named EIGRP, you first need to specify the Virtual EIGRP instance name using the global configuration command router eigrp <name>. Once you have configured the EIGRP Virtual Instance, you then need to specify the address family tpye (IPv4, or IPv6) and the ASN using the named eigrp router configuration subcommand address-family <ipv4|ipv6> unicast autonomous-system <asn>. Because R3 is participating in both EIGRP ASN 100 and 150, we will need to configure two address family entries. I'll configure ASN 100 first. 

Configuring named EIGRP on R3

Now for the next part, we need to decide which interfaces will participate in the EIGRP ASN 100 and 150. For this example, R3's G1/0 and S6/1 interfaces are in ASN100 and the S6/0 and G2/0 interfaces are in ASN 150. I will make the loopback interface in both ASN 100 and 150. Enabling interfaces in named EIGRP is the same as with traditional EIGRP configuration. You simply specify the network <network> <wild-card-mask> command. Because we are enabling specific interfaces, I will use the network statements with an exact match wild card. 

Configuring R3's network statements for EASN 100

Straight away you can see that the neighbours came up for ASN 100 before I could even finish typing the commands in. Now let's go ahead and configure ASN 150. To do that, we need to create another named EIGRP instance and specify another address family using the same command above but with the ASN of 150. I'll call this instance WRMEM150. This time I will specify the IP addresses for the S6/0 and G2/0 interfaces, and again enable the loopback 3.3.3.3/32 interface for EIGRP in ASN 150 as well.

Configuring EIGRP ASN 150 on R3

Again, we can instantly see that the EIGRP neighbour relationships came straight up.

Advertising a Default Route

As I mentioned earlier, routes are not redistributed by default between EIGRP ASN's so at the moment, R3 is the only router in our network that has a complete routing table of all routes in the network. We can verify this by looking at the routing table of R1, R3 and R7 for instance.

route table output of R1, R3 and R7

As you can see, R1 only knows about routes inside the ASN 100 and R7 only knows routes inside ASN 150. There are a couple of ways to resolve this issue and one, is by advertising a default route into the ASN from R3. This can be done in one of two ways. You can configure a static route on R3 and redistribute static routes into the ASN, or you can use the interface configuration subcommand ip summary-route eigrp <asn> <network> <mask> to advertise a default route. First, I'll configure a static default route on R3 and redistribute it into ASN 100 and 150 to show how this works, then i'll use the summary-address command to show this as well.

To redistribute a static route, you first need to configure the static route and have it in the RIB on R3. Because this is a default route and R3 has full knowledge of our network, I will create a static route to the null0 interface on R3 using the global configuration command ip route 0.0.0.0 0.0.0.0 null0. Then in named EIGRP instance WRMEM and WRMEM150, I will configured redistribution of static routes using the topology base named EIGRP configuration subcommand redistribute static. In traditional EIGRP, the redistribute static command is entered straight after entering the router eigrp configuration mode. 

redistribution of static null0 route on R3

Now, if we check the route table of R1, we should see an EIGRP external (denoted by the D*EX) route for 0.0.0.0/0 and we should now be able to ping 7.7.7.7 on R7. 

Confirming the default route and confirming connectivity to R7

Okay, so now I will remove the static default route and the redistribution, and configure the summary address command for all interfaces on R3 using the named EIGRP af-interface configuration subcommand summary-address <network> <mask>. If you are using traditional EIGRP, this command needs to be done under the interface configuration using the command ip summary-address eigrp <asn> 0.0.0.0 0.0.0.0.

Configuring summary-address using named EIGRP on R3

Configuring summary-address for traditional EIGRP:

Configuring the summary-address command on R3 interfaces

Now, once again we can see the External EIGRP route for 0.0.0.0/0 on R1 and we can ping R7's loopback interface 7.7.7.7 again.

Confirming the summary-address command worked

Route Redistribution

Another way to advertise the routes, is to use route redistribution similarly to how the static route was redistributed, however instead of redistributing the static route, we are redistributing all routes from within the other EIGRP ASN. To redistribute routes into the EIGRP ASN you use the redistribute <protocol> <ASN|process-ID> command. You can modify the route attributes as they are redistributed into EIGRP, but for this article, I will only be doing a basic route redistribution. In named EIGRP, the route redistribution command is done under the topology base subconfiguration mode and in traditional EIGRP configuration, it is done straight under the router eigrp <ASN> configuration mode.

Configuring route redistribution on R3 for EIGRP ASN 100 and 150
If we now take a look at the route table on R7, we should see all of the routes from EIGRP ASN 100 showing as EX external EIGRP routes.

route table output of R7 after route redistribution

These routes are all ECMP routes as the path from R7 to R3 is equal cost as well due to both having a Serial interface in the path and both being the same number of hops away. You can alter the metrics of a route that is redistributed into EIGRP but that's a topic for another day. 

EIGRP Timers

EIGRP uses hello messages in order to both establish and maintain neighbour relationships. By default hello messages are sent out every 5 seconds except for on T1 (1.544Mbps) or slower links in which case it is 60 seconds. EIGRP also has a hold timer. The Hold timer is used to determine if a neighbour is still there or not. By default, the hold timer is 3 times the Hello interval, 180 seconds for slow links and 15 for all other links. These timers however can be fine tuned for faster convergence or even slowed down if you wish to reduce traffic overhead. This is done on an interface by interface basis using the command ip hello-interval eigrp <ASN> <time-in-seconds>. The time value can be any time from 1 to 65535 seconds. Note that this does not change the hold time, and if you want to change the hold time you need to use the interface configuration subcommand ip hold-time eigrp <ASN> <time-in-seconds> where again, the time can be a range from 1 to 65535 seconds.

Configuring Hello and Hold timers on R1

If you change the hello and hold timers on one router, you should also change the values on all EIGRP  routers in your network to ensure that you don't have any issues with neighbours flapping due to hold timers. In saying that, it would appear that if the neighbour flaps due to changes of the hello/hold time on one side of the link, the timers are negotiated when they re-establish their neighbour relationship. I changed the timers on R2 to be 100 seconds for Hello messages and 300 for the Hold time. This caused the neighbour adjacency to flap and negotiation of the timers.

timer values post neighbour flap

When a router loses a route to a prefix, and there is no FS route, a DUAL calculation must occur. For this the router marks the route as active, and sends out a Query message to find a new Successor. I go through this process in more detail in EIGRP Part 1. The SIA timer is used when a router is waiting to hear a Reply from a downstream neighbour that it has sent a Query to. This timer is 3 minutes by default but can be changed using the eigrp router configuration subcommand timers active-time <time-in-min> for traditional EIGRP configuration or the topology base eigrp configuration subcommand timers active-time <time-in-min> for named EIGRP configuration. The time value can be between 1 and 65535 minutes. 

Configuring the active timer in EIGRP