You want to run EIGRP on a simple network.

The following commands configure EIGRP on one router in a simple network:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Ethernet0
Router1(config-if)#ip address 192.168.20.1 255.255.255.0
Router1(config-if)#exit
Router1(config)#interface Serial0.1 point-to-point
Router1(config-subif)#ip address 172.25.2.2 255.255.255.252
Router1(config-subif)#exit
Router1(config)#router eigrp 55
Router1(config-router)#network 172.25.0.0
Router1(config-router)#network 192.168.20.0
Router1(config-router)#end
Router1#

Naturally, you need to configure the other routers in this network to also exchange routing information using EIGRP and the same process number (55). For example:

Router2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router2(config)#interface Serial0.1 point-to-point
Router2(config-subif)#ip address 172.25.2.1 255.255.255.252
Router2(config-subif)#exit
Router2(config)#router eigrp 55
Router2(config-router)#network 172.25.0.0
Router2(config-router)#end
Router2#

This example shows how simple the basic EIGRP configuration is. To get the standard default functionality, you only need to enable EIGRP and add at least one network statement. In the example, we have set the EIGRP process ID numbers on both routers to 55:

Router1(config)#router eigrp 55

This process ID number, which is sometimes referred to as an Autonomous System Number (ASN), is just an arbitrary number between 1 and 65,535. The only restriction is that all of the routers that will be exchanging interior routing information via EIGRP must be configured with the same process number. You can configure multiple EIGRP instances on the same router by specifying different process ID numbers, but the router will keep them separate unless you configure redistribution in between the processes.

As we discuss in Chapter 9, BGP attaches much greater significance to an ASN, using it to label the networks that a path passes through. In BGP, the ASN must be globally unique. The EIGRP process ID number, on the other hand, has no significance outside of the AS.

The network statements in EIGRP serve a dual role, both defining which networks this router will distribute, and which interfaces will take part in the routing protocol. So, the network 172.25.0.0 command in this example means that, if this router has any interfaces that are directly connected to subnets of 172.25.0.0, then it will inject this information into the routing protocol. It also means that it will try to find EIGRP neighbor routers through these same interfaces.

It is important to remember that while EIGRP is a classless routing protocol, the argument of the network statement is classful by default. This isn’t actually a problem, though, because you can separately prevent certain interfaces from taking part in the protocol, and you can define classless summarization of subnets along whatever boundaries you like. We will discuss these features in Recipe 7.6 and Recipe 7.7, respectively. There is also a classless version of the network command, which we will discuss later in this recipe.

The show ip protocols command allows you to look at the details of your EIGRP configuration:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: eigrp 55
  Automatic network summarization is in effect
  Automatic address summarization:
    192.168.20.0/24 for Loopback0, Serial0.1
    172.25.0.0/16 for Ethernet0
      Summarizing with metric 128256
  Maximum path: 4
  Routing for Networks:
    172.25.0.0
    192.168.20.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    172.25.2.1            90      00:01:49
  Distance: internal 90 external 170
Router2#

In this case, you can see that this router is using EIGRP process number 55 to redistribute routing information about 172.25.0.0 and 192.168.20.0. It also shows several other useful pieces of information, such as what filters this router applies when sending and receiving routes, what external information is redistributed into EIGRP, and what neighboring devices we exchange information with. Most of the parameters shown in this particular output reflect the default values for EIGRP, but throughout this chapter you will find other examples showing several different useful variations.

One of the most useful EIGRP commands is show ip eigrp neighbors:

Router1#show ip eigrp neighbors
IP-EIGRP neighbors for process 55
H   Address                Interface   Hold Uptime  SRTT   RTO   Q  Seq Type
                                       (sec)        (ms)        Cnt Num
0   172.25.2.1             Se0.1         13 00:00:01   1   2000  2  296
Router1#

By default, the router attempts to find adjacent routers on all interfaces included in your network statements. In this case, we see only one EIGRP neighbor router. The router will exchange routing information only with the active neighbors listed in this command.

The show ip route eigrp command lists the routes that have been learned through EIGRP:

Router1#show ip route eigrp
D    172.22.0.0/16 [90/2172416] via 172.25.2.1, 00:04:04, Serial0.1
     172.25.0.0/16 is variably subnetted, 6 subnets, 4 masks
D       172.25.25.6/32 [90/2300416] via 172.25.2.1, 00:04:04, Serial0.1
D       172.25.25.1/32 [90/2297856] via 172.25.2.1, 00:04:04, Serial0.1
D       172.25.1.0/24 [90/2172416] via 172.25.2.1, 00:04:04, Serial0.1
D       172.25.0.0/16 is a summary, 00:06:39, Null0
D    10.0.0.0/8 [90/4357120] via 172.25.2.1, 00:04:04, Serial0.1
Router1#

This output shows that we can reach the destination subnet 172.25.1.0/24 through the neighboring router at 172.25.2.1, which is connected through interface Serial0.1. This route has an EIGRP metric value of 2172416 and an administrative distance of 90. Please refer to Chapter 5 for a more detailed discussion of administrative distance.

Starting in IOS Version 12.0(4)T, Cisco added a netmask argument to the network command, following a similar syntax to the corresponding OSPF command. This gives greater control over which interfaces will take part in the protocol, as well as what networks will be distributed into EIGRP:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router eigrp 55
Router1(config-router)#network 172.25.2.2 0.0.0.0
Router1(config-router)#network 192.168.20.0 0.0.0.255
Router1(config-router)#end
Router1#

Note that this command uses a wildcard rather than a netmask. So the first command specifies only the single address, 172.25.2.2/32, while the second command includes anything that is a subnet of 192.168.20.0/24.

The output of show ip protocols shows the change:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
    Serial0.1 filtered by (prefix-list) Inbound
  Default networks flagged in outgoing updates
  Default networks not accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: static, eigrp 55
  Automatic network summarization is not in effect
  Maximum path: 4
  Routing for Networks:
    172.25.2.2/32
    192.168.20.0/24
  Routing Information Sources:
    Gateway         Distance      Last Update
    172.25.2.1            90      00:17:06
  Distance: internal 90 external 170
Router1#

This configuration can be slightly confusing because, for example, we have configured an EIGRP network statement for just the one address, 172.25.2.2/32. Looking at the actual interface you can see that while its IP address does match the configured address, it belongs to a larger subnet, 172.25.2.0/30. So, while we know that this will enable EIGRP for this interface, you might think that the router would advertise the host route, 172.25.2.2/32, instead of the whole subnet, 172.25.2.0/30. If you try it in practice, you will see that the router advertises the larger /30 subnet. This is usually the desired behavior. However, if you want something else, Recipe 7.2 shows how to filter routes with EIGRP.

Recipe 7.2; Recipe 7.6; Recipe 7.7; Chapter 5

You want restrict which routes EIGRP propagates through the network.

You can filter the routes that EIGRP receives on a particular interface (or subinter-face) using the distribute-list in command as follows:

Router2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router2(config)#access-list 34 deny 192.168.30.0
Router2(config)#access-list 34 permit any
Router2(config)#router eigrp 55
Router2(config-router)#distribute-list 34 in Serial0.1
Router2(config-router)#end
Router2#

EIGRP also provides a distribute-list out command that allows you to filter the routes that are sent out through a particular interface (or subinterface):

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#access-list 57 permit 172.25.1.0
Router1(config)#access-list 57 deny any
Router1(config)#router eigrp 55
Router1(config-router)#distribute-list 57 out Serial0/0.2
Router1(config-router)#end
Router1#

The best way to see the action of these distribute-list commands is to look at the routing tables both with and without the filters. In the example, this is how the routing table looked before we applied any distribute lists:

Router2#show ip route eigrp
D    192.168.30.0/24 [90/2300416] via 172.25.2.1, 00:00:06, Serial0.1
D    172.22.0.0/16 [90/2172416] via 172.25.2.1, 00:04:04, Serial0.1
     172.25.0.0/16 is variably subnetted, 6 subnets, 4 masks
D       172.25.25.6/32 [90/2300416] via 172.25.2.1, 00:04:04, Serial0.1
D       172.25.25.1/32 [90/2297856] via 172.25.2.1, 00:04:04, Serial0.1
D       172.25.1.0/24 [90/2172416] via 172.25.2.1, 00:04:04, Serial0.1
D       172.25.0.0/16 is a summary, 00:06:39, Null0
D    10.0.0.0/8 [90/4357120] via 172.25.2.1, 00:04:04, Serial0.1
Router2#

Then, after applying the inbound filter, you can see that network 192.168.30.0 is gone:

Router2#show ip route eigrp
D    172.22.0.0/16 [90/2172416] via 172.25.2.1, 00:00:08, Serial0.1
     172.25.0.0/16 is variably subnetted, 6 subnets, 4 masks
D       172.25.25.6/32 [90/2300416] via 172.25.2.1, 00:00:08, Serial0.1
D       172.25.25.1/32 [90/2297856] via 172.25.2.1, 00:00:08, Serial0.1
D       172.25.1.0/24 [90/2172416] via 172.25.2.1, 00:00:08, Serial0.1
D       172.25.0.0/16 is a summary, 00:08:42, Null0
D    10.0.0.0/8 [90/4357120] via 172.25.2.1, 00:00:08, Serial0.1
Router2#

You can use the show ip protocols command to see what filters have been applied to which interfaces, both inbound and outbound:

Router2#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
    Serial0.1 filtered by 34 (per-user), default is 34
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: eigrp 55
  Automatic network summarization is in effect
  Automatic address summarization:
    192.168.20.0/24 for Loopback0, Serial0.1
    172.25.0.0/16 for Ethernet0
      Summarizing with metric 128256
  Maximum path: 4
  Routing for Networks:
    172.25.0.0
    192.168.20.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    172.25.2.1            90      00:02:10
  Distance: internal 90 external 170
Router2#

The second example in the solution section of this recipe shows an outbound distribute list. It is difficult to see the effect of an outbound filter from the router that has the filter, so we will apply this filter to the neighbor device.

Look back at the output of the previous show ip route eigrp command to see what the routing table looked like before applying this filter. Then, after applying the outbound distribute-list command on the neighboring router, the routing table looks like this:

Router2#show ip route eigrp
     172.25.0.0/16 is variably subnetted, 4 subnets, 4 masks
D       172.25.1.0/24 [90/2172416] via 172.25.2.1, 00:03:56, Serial0.1
Router2#

Note that we have applied an extremely restrictive outbound route filter. This technique is often used in WAN situations where there is only one path from the remote site to the rest of the network. In such cases, it is often possible to send only a few summary routes, or perhaps even a single default route, 0.0.0.0/0.

Again, the show ip protocols command shows information about both the filters and the interfaces that they act on:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
    Serial0/0.2 filtered by 57 (per-user), default is 57
  Incoming update filter list for all interfaces is not set
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: eigrp 55
  Automatic network summarization is in effect
  Automatic address summarization:
    172.25.0.0/16 for FastEthernet0/1, Serial0/1
      Summarizing with metric 28160
    172.22.0.0/16 for FastEthernet0/0.1, Serial0/0.2, Loopback0
      Serial0/1
      Summarizing with metric 28160
    10.0.0.0/8 for FastEthernet0/0.1, Serial0/0.2, Loopback0
      FastEthernet0/1
      Summarizing with metric 3845120
  Maximum path: 4
  Routing for Networks:
    10.0.0.0
    172.22.0.0
    172.25.0.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    10.1.1.1              90      00:04:45
    172.25.1.7            90      00:04:45
    172.25.2.2            90      00:04:45
    172.22.1.4            90      00:04:45
  Distance: internal 90 external 170
Router1#

You can also use prefix lists to filter routes with EIGRP. This technique is most commonly used for filtering routes with BGP. Prefix lists do essentially the same thing as the access lists that we have already discussed. But they give you a different way to approach filtering that is in some ways more in tune with how we think about routing. And, because of the highly granular control they offer, it is often much easier to configure a prefix list to do the same job as an access list. Further, in mixed BGP/EIGRP networks, it can be extremely convenient to be able to use the same method for both routing protocols:

Router2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router2(config)#ip prefix-list Inbound seq 10 permit 10.0.0.0/8
Router2(config)#ip prefix-list Inbound seq 20 deny 10.0.0.0/8 ge 9
Router2(config)#ip prefix-list Inbound seq 30 permit 0.0.0.0/0 le 32
Router2(config)#router eigrp 55
Router2(config-router)#distribute-list prefix Inbound in Serial0.1
Router2(config-router)#end
Router2#

There are three lines in the prefix list called “Inbound” in this example. The first line permits the 10.0.0.0/8 network. The second line denies any network belonging to 10.0.0.0 that has a mask with 9 or more bits. The final line permits all other routes.

Again, to see how this works it is easiest to look at the routing table before and after applying the filter. So, in this case we will start with a routing table that looks like this:

Router2#show ip route eigrp
D    192.168.30.0/24 [90/2300416] via 172.25.2.1, 00:00:16, Serial0.1
     10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
D EX    10.0.0.0/8 [170/4357120] via 172.25.2.1, 00:00:16, Serial0.1
D       10.2.2.0/24 [90/2300416] via 172.25.2.1, 00:00:16, Serial0.1
D       10.1.1.0/30 [90/4357120] via 172.25.2.1, 00:00:16, Serial0.1
D*EX 0.0.0.0/0 [170/2172416] via 172.25.2.1, 00:00:16, Serial0.1
Router2#

After applying the filter, this routing table is reduced to the following:

Router2#show ip route eigrp
D    192.168.30.0/24 [90/2300416] via 172.25.2.1, 00:00:22, Serial0.1
D EX 10.0.0.0/8 [170/4357120] via 172.25.2.1, 00:00:22, Serial0.1
D*EX 0.0.0.0/0 [170/2172416] via 172.25.2.1, 00:00:22, Serial0.1
Router2#

Chapter 9

You want to redistribute routes that were learned by other means into the EIGRP routing process.

The simplest way to redistribute routes into EIGRP uses the redistribute command:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip route 192.168.10.0 255.255.255.0 192.168.20.5
Router1(config)#router eigrp 55
Router1(config-router)#redistribute static
Router1(config-router)#end
Router1#

You can set the properties of the routes that are redistributed from another routing protocol with the default-metric command:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router eigrp 55
Router1(config-router)#redistribute rip
Router1(config-router)#default-metric 1000 100 250 100 1500
Router1(config-router)#end

The show ip protocols command tells you about any route redistribution that the protocol is performing:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
    Serial0.1 filtered by 34 (per-user), default is 34
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: static, eigrp 55
  Automatic network summarization is in effect
  Automatic address summarization:
    192.168.20.0/24 for Loopback0, Serial0.1
    172.25.0.0/16 for Ethernet0
      Summarizing with metric 128256
  Maximum path: 4
  Routing for Networks:
    172.25.0.0
    192.168.20.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    (this router)         90      00:05:00
    172.25.2.1            90      00:01:57
  Distance: internal 90 external 170
Router1#

If you look at the routing table of a downstream router, you can see that EIGRP has forwarded information about this static route:

Router2#show ip route eigrp
D    192.168.30.0/24 [90/156160] via 172.22.1.4, 00:00:02, FastEthernet0/1
D EX 192.168.10.0/24 [170/2195456] via 172.25.2.2, 00:00:01, Serial0/0.2
Router2#

There are two extremely important things to note in this output. The first is that the redistributed route is tagged as external, which is signified by the “EX” near the start of the line. An external route is any route that didn’t originate with this routing protocol. This makes the information inherently less reliable than any internal route, so EIGRP also sets a higher administrative distance to ensure that internal EIGRP routes are always preferred over redistributed routes. This becomes extremely important when you have two or more redistribution points in your network that might be injecting the same routing information.

In this case, the administrative distance for the redistributed static route is 170, instead of the default EIGRP distance of 90. Recall from Chapter 5 that the default administrative distance for static routes is 1.

The second example in this recipe shows how to redistribute routes from a foreign routing protocol, instead of just static routes. The key difference is the default-metric command:

Router1(config-router)#redistribute rip
Router1(config-router)#default-metric 1000 100 250 100 1500

The parameters in the default-metric command allow EIGRP to construct an appropriate metric. Since none of this information is available from the foreign protocol, you have to specify it manually. The parameters are, in order:

As it turns out, however, EIGRP doesn’t use most of this information by default. If you look at the output of any show ip protocols command in this chapter, you will see a line that specifies the EIGRP metric weights:

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP uses these K values as coefficients in an involved equation that specifies how to combine all of these different individual metrics into a single numerical value, the composite EIGRP metric. Note that only K1 and K3 are non-zero. The result is that, by default, EIGRP uses only bandwidth and delay when computing its metric. You can generally fill in just about anything for the other parameters in the default-metric command, and it won’t make any difference.

While you can change these different K values using the metric weights command, we strongly advise against changing the defaults. These values were of some use in IGRP, and when Cisco introduced EIGRP (with its superior DUAL algorithm), they carried the parameters forward. However, it was discovered that in practice it was relatively easy to make routing extremely unstable by changing them. And it’s almost impossible to make things any better by changing these weight values in EIGRP.

The default-metric command sets the metric values for all external routing protocols. If you need to specify different metrics for different protocols, you can put the same information on the redistribute command line as follows:

Router1(config-router)#redistribute rip metric 1000 100 250 100 1500
Router1(config-router)#redistribute ospf 99 metric 1500 10 255 10 1500

Table 7-1 shows all of the different protocols that you can redistribute into EIGRP using this method. You must specify each redistributed protocol separately.

Actually, there is an important exception in this list. If a router has EIGRP and IGRP, both sharing the same process ID number, it will automatically redistribute between them. This is a convenient feature because it makes it relatively easy to migrate an IGRP network to EIGRP. However, if the EIGRP process number is not the same as the one used for IGRP, you need to configure the redistribution.

Sometimes you don’t want to redistribute all of the routes from a particular external routing protocol, just some of them. In this case, you can apply a distribute list (as shown in Recipe 7.2) to ensure that only those routes that are redistributed from a particular protocol. For example, you might have several static routes on your router, but you only want to redistribute some of them. In that case, you can apply a distribute list to only the static routes:

Router1(config)#router eigrp 55
Router1(config-router)#redistribute static
Router1(config-router)#distribute-list 7 out static

This will apply access list number 7 to all of the static routes before distributing them. You can also use this technique when redistributing routes learned from other routing protocols. For example, you might want to filter the routes learned from OSPF before redistributing them into EIGRP. You can do this as follows:

Router1(config)#router eigrp 55
Router1(config-router)#redistribute ospf 99
Router1(config-router)#distribute-list 7 out ospf 99

Recipe 7.2; Chapter 5

You require greater control over the routes that are redistributed and their associated metrics and route tags.

You can use route maps to do more sophisticated redistribution of routes into EIGRP:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip route 192.168.10.0 255.255.255.0 172.22.1.4
Router1(config)#ip route 192.168.11.0 255.255.255.0 172.22.1.4
Router1(config)#ip route 192.168.12.0 255.255.255.0 172.22.1.4
Router1(config)#access-list 20 permit 192.168.10.0
Router1(config)#access-list 21 permit 192.168.11.0
Router1(config)#route-map STATIC permit 10
Router1(config-route-map)# match ip address 20
Router1(config-route-map)# set metric 56 100 255 1 1500
Router1(config-route-map)# set tag 2
Router1(config-route-map)#exit
Router1(config)#route-map STATIC permit 20
Router1(config-route-map)# match ip address 21
Router1(config-route-map)# set metric 128 200 255 1 1500
Router1(config-route-map)#exit
Router1(config)#route-map STATIC deny 30
Router1(config-route-map)#exit
Router1(config)#router eigrp 55
Router1(config-router)#redistribute static route-map STATIC
Router1(config-router)#end
Router1#

This recipe is extremely similar to Recipe 6.4 in the RIP chapter of this book. And, just as in that example, we use route maps to set not only metrics but also route tags for redistributed static routes. Please refer to Recipe 7.1 for a detailed discussion of how route maps work.

The one thing that you need to be careful of with EIGRP is that, as we discussed in Recipe 7.3, there is no default default metric. So if you don’t define EIGRP metrics for foreign routing protocols, EIGRP will not redistribute anything. This is not necessary for the static routes shown in the example, though.

Recipe 7.3; Recipe 6.4

You want to propagate a default route within EIGRP.

You can configure EIGRP to propagate a default route by simply redistributing a static route to 0.0.0.0/0, as follows:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip route 0.0.0.0 0.0.0.0 172.25.1.1
Router1(config)#access-list 7 permit 0.0.0.0
Router1(config)#router eigrp 55
Router1(config-router)#redistribute static
Router1(config-router)#distribute-list 7 out static
Router1(config-router)#end
Router1#

This example actually shows two things. We have redistributed a simple static default route into EIGRP, as shown in Recipe 7.3. And we have also implemented an outbound route filter that only affects the static routes, as discussed in Recipe 7.2. Note that because of the static keyword on the distribute-list command, this distribute list applies only to static routes. So, if there are many static routes on this router, this feature ensures that we will only redistribute the default route.

If we go to a downstream router, you can see that EIGRP is forwarding this route, and that it is accepted as a candidate default route:

Router2#show ip route 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
  Known via "eigrp 55", distance 170, metric 2172416, candidate default path, type
external
  Redistributing via eigrp 55
  Last update from 172.25.2.1 on Serial0.1, 00:02:16 ago
  Routing Descriptor Blocks:
  * 172.25.2.1, from 172.25.2.1, 00:02:16 ago, via Serial0.1
      Route metric is 2172416, traffic share count is 1
      Total delay is 20100 microseconds, minimum bandwidth is 1544 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 1
Router2#

You can look at the topology table to see how EIGRP classifies the default route:

Router2#show ip eigrp topology 0.0.0.0
IP-EIGRP (AS 55): Topology entry for 0.0.0.0/0
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2172416
  Routing Descriptor Blocks:
  172.25.2.1 (Serial0.1), from 172.25.2.1, Send flag is 0x0
      Composite metric is (2172416/28160), Route is External
      Vector metric:
        Minimum bandwidth is 1544 Kbit
        Total delay is 20100 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 1
      External data:
        Originating router is 172.25.25.1
        AS number of route is 0
        External protocol is Static, external metric is 0
        Administrator tag is 0 (0x00000000)
        Exterior flag is set
Router2#

In this case, the command was issued on a downstream router that has received this default route via EIGRP. So it is shown as an external route. You can also see that the router 172.25.25.1 was responsible for introducing this external route into EIGRP, and that the external routing protocol is “static.”

Recipe 7.10 shows another way of distributing a default gateway that doesn’t mark the route as external.

Recipe 7.2; Recipe 7.3; Recipe 7.10

You want to disable an interface from participating in EIGRP.

You can prevent an interface from participating in EIGRP by simply designating it as passive:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router eigrp 55
Router1(config-router)#passive-interface Serial0/1
Router1(config-router)#end
Router1#

The passive-interface command in EIGRP prevents directly connected routers from establishing an EIGRP neighbor relationship. Since they can’t become neighbors, they will never exchange routing information. This is critically different from the way RIP behaves, as we saw in Chapter 6. In RIP, making an interface passive means that it will still accept routes, it just won’t send them. But with EIGRP, a passive interface will not send or receive any routing information.

Furthermore, configuring one router to be passive means that it can’t form an EIGRP adjacency relationship with any other routers through this interface. If there are only two routers on a link, you can disable EIGRP on that link by simply configuring one of the routers with a passive interface.

You can see the neighbor relationships with the following command:

Router1#show ip eigrp neighbors
IP-EIGRP neighbors for process 55
H   Address                 Interface   Hold Uptime   SRTT  RTO Q  Seq Type
                                        (sec)         (ms)     Cnt Num
0   172.25.2.2              Se0/0.2       11 00:07:03 1563 5000 0  81
3   172.25.1.7              Fa0/0.1       77 00:18:17   11  200 0  348
2   172.22.1.4              Fa0/1         12 00:18:42    4  200 0  197
1   10.1.1.1                Se0/1         14 00:18:43    7  200 0  196
Router1#

If we then implement the passive-interface command on this router, as shown above, you can see that the neighbor disappears from the table:

Router1#show ip eigrp neighbors
IP-EIGRP neighbors for process 55
H   Address                 Interface   Hold Uptime   SRTT  RTO Q  Seq Type
                                        (sec)         (ms)     Cnt Num
0  172.25.2.2               Se0/0.2       14 00:08:56 1563 5000 0  81
3  172.25.1.7               Fa0/0.1       69 00:20:10   11  200 0  348
2  172.22.1.4               Fa0/1 12      00:20:35       4  200 0  197
Router1#

The show ip protocols command lists all of the passive interfaces that are configured on this router:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
    Redistributed static filtered by 7
  Incoming update filter list for all interfaces is not set
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: static, eigrp 55
  Automatic network summarization is in effect
  Automatic address summarization:
    172.25.0.0/16 for FastEthernet0/1
      Summarizing with metric 28160
    172.22.0.0/16 for FastEthernet0/0.1, Serial0/0.2, Loopback0
      Summarizing with metric 28160
    10.0.0.0/8 for FastEthernet0/0.1, Serial0/0.2, Loopback0
      FastEthernet0/1
      Summarizing with metric 3845120
  Maximum path: 4
  Routing for Networks:
    10.0.0.0
    172.22.0.0
    172.25.0.0
  Passive Interface(s):
    Serial0/1
  Routing Information Sources:
    Gateway         Distance      Last Update
    172.25.1.7            90      00:09:57
    172.25.2.2            90      00:09:57
    172.22.1.4            90      00:09:57
  Distance: internal 90 external 170
Router1#

Chapter 6

You want to reduce the size of your routing tables to improve the stability and efficiency of the routing process.

The ip summary-address eigrp configuration command allows you to configure manual summary addresses on a per-interface basis:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Serial0/0.2
Router1(config-subif)#ip summary-address eigrp 55 172.25.0.0 255.255.0.0
Router1(config-subif)#end
Router1#

By default, EIGRP will automatically summarize subnet routes into network-level routes. You can disable this with the no auto-summary configuration command:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router eigrp 55
Router1(config-router)#no auto-summary
Router1(config-router)#end
Router1#

Summarization is one of the most powerful features of EIGRP, and one of the most frequently overlooked ways to improve network efficiency. Unlike RIP, which summarizes along classful network boundaries, EIGRP uses CIDR, allowing you to summarize at any bit in the address as well as allowing supernets. And, while OSPF also allows this sort of summarization, as we will discuss in Chapter 8, OSPF can only summarize at the ABR. Conversely, EIGRP allows you to summarize at any router in the network. This means that you can have multiple hierarchical levels of address summarization with EIGRP, which can greatly improve the maximum size and efficiency of a large network that is designed properly to allow it.

You can see all of the summarization information, including which interfaces will send out summary addresses, using the show ip protocols command:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
    Redistributed static filtered by 7
  Incoming update filter list for all interfaces is not set
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: static, eigrp 55
  Automatic network summarization is not in effect
  Address Summarization:
    172.25.0.0/16 for Serial0/0.2
      Summarizing with metric 28160
  Maximum path: 4
  Routing for Networks:
    10.0.0.0
    172.22.0.0
    172.25.0.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    10.1.1.1              90      1d23h
    172.25.1.7            90      00:00:57
    172.25.2.2            90      00:00:57
    172.22.1.4            90      00:00:57
  Distance: internal 90 external 170
Router1#

Note that when you summarize like this, the router doing the summarization will install a special route pointing to the null interface:

Router1#show ip route 172.25.0.0
<lines deleted for brevity>
D       172.25.0.0/16 is a summary, 00:00:23, Null0
Router1#

In this example, we have only summarized 172.25.0.0/16 on interface Serial0/0.2. However, it is important to remember that you can summarize several networks at the same time on a single interface by simply configuring all of the different summary addresses, as follows:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Serial0/0.2
Router1(config-subif)#ip summary-address eigrp 55 172.25.0.0 255.255.0.0
Router1(config-subif)#ip summary-address eigrp 55 10.0.0.0 255.0.0.0 80
Router1(config-subif)#end
Router1#

When it summarizes addresses, EIGRP will automatically suppress all of the routes that are included in the summary. Of course, if there are no routes to summarize, the router won’t distribute the summary address.

The metric of this summary route will be equal to the best metric of the routes being summarized. It is important to remember this because, if the route with the best metric goes away for any reason, EIGRP will change the metric of the summary. So, if the route with the best metric is unstable, it will make the summary route unstable. If you want to ensure that this doesn’t happen, you can configure a static route within the summarized range and point it to a null interface. Then you must configure the router to redistribute this static route into EIGRP.

The following example shows a CIDR supernet summarization:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Serial0/0.2
Router1(config-subif)#ip summary-address eigrp 55 0.0.0.0 0.0.0.0
Router1(config-subif)#end
Router1#

In this case, if there are any routes to distribute at all, EIGRP will distribute only the default route 0.0.0.0/0, and suppress all of the individual routes. This is actually an extremely useful technique on low-speed WAN links, particularly when this link represents the only path to the rest of the network. In such cases, the remote site only needs to know that it can get to everything it needs through this link. Further, because routing is always done by taking the longest match first, if the remote site happens to have more specific routing information for a particular destination, it won’t use this summary route.

You could accomplish the same thing by injecting a default route (as shown in Recipe 7.5) and filtering out everything except 0.0.0.0/0 using a distribute list (as in Recipe 7.2). But this summary address technique does both of these actions in a single step. Furthermore, with this technique, the default route appears in the routing table as an internal route:

Router2#show ip route eigrp
D*   0.0.0.0/0 [90/2172416] via 172.25.2.1, 00:00:30, Serial0.1
Router2#

Recipe 7.2; Recipe 7.5; Chapter 8

You want to modify the routing metrics for routes learned via EIGRP.

You can use the offset-list configuration command to modify the metrics of routes that EIGRP learns through a particular interface:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#access-list 22 permit 192.168.30.0
Router1(config)#router eigrp 55
Router1(config-router)#offset-list 22 in 10000 Serial0.1
Router1(config-router)#end
Router1#

This command can also modify the EIGRP metrics of routes as the router sends them out through an interface:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#access-list 33 permit 192.168.30.0
Router1(config)#router eigrp 55
Router1(config-router)#offset-list 33 out 10000 Serial0.1
Router1(config-router)#end
Router1#

This command simply adds a constant value to the metrics of all of the routes that are either sent or received through a particular interface. There are actually two other ways to modify metrics in EIGRP. Recall that the EIGRP metric is a combination of the aggregate delay and the minimum bandwidth along a path. So, instead of adding an offset to the entire metric, you can modify the bandwidth and delay separately as follows:

Router1(config)#interface Serial0.1
Router1(config-if)#bandwidth 56
Router1(config-if)#delay 1000

The bandwidth command takes an argument in kilobits per second, and will accept a value between 1 and 10,000,000Kbps. The delay command is measured in tens of microseconds, and can be anywhere between 1 and 16,777,215. In this case, we have specified a value of 1000, meaning a delay of 10,000 microseconds (10 milliseconds). You can see the current values for both of these parameters with the show interface command:

Router1#show interfaces serial0.1
Serial0.1 is up, line protocol is up
  Hardware is HD64570
  Internet address is 172.25.2.2/30
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation FRAME-RELAY
Router1#

In this example, subinterface Serial0.1 has the default values for a serial interface, a bandwidth of 1544Kbps (a T1), and a delay of 20,000 microseconds (20 milliseconds). It is always a good idea to check the current values before adjusting either the bandwidth or delay parameters, if only to make sure that you are moving them in the right direction.

We offer one important caution on adjusting the bandwidth parameter in particular. This same value also appears in the SNMP variable ifSpeed for this interface. This is often used by performance management software to define the total available bandwidth for the interface. Changing this number to fix an EIGRP issue might cause a problem for your performance management system.

One of the problems with adjusting the delay and bandwidth on the interface is that you can’t use this to separately adjust inbound and outbound routing metrics. If you need this level of control, the offset list method discussed previously is the best way to achieve it.

You can see effect of an offset list in the output of the show ip protocols command:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
    Serial0.1 filtered by (prefix-list) Inbound
  Incoming routes in Serial0.1 will have 10000 added to metric if on list 22
  Default networks flagged in outgoing updates
  Default networks not accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: static, eigrp 55
  Automatic network summarization is in effect
  Automatic address summarization:
    192.168.20.0/24 for Loopback0, Serial0.1
    172.25.0.0/16 for Ethernet0
      Summarizing with metric 128256
  Maximum path: 4
  Routing for Networks:
    172.25.0.0
    192.168.20.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    172.25.2.1            90      00:02:09
  Distance: internal 90 external 170
Router1#

You can also see the difference it makes by looking at the routing tables. In this case, the route looked like this before we applied the offset list:

Router1#show ip route eigrp
D    192.168.30.0/24 [90/200416] via 172.25.2.1, 00:00:24, Serial0.1

As you can see, the metric has increased by 10,000 after applying the offset:

Router1#show ip route eigrp
D    192.168.30.0/24 [90/210416] via 172.25.2.1, 00:00:24, Serial0.1

You wish to tune your EIGRP timers to improve network convergence.

There are two important EIGRP timers, the hello interval and the hold time. You can adjust both of these timers separately on each interface on a router as follows:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Serial0.1
Router1(config-subif)#ip hello-interval eigrp 55 3
Router1(config-subif)#ip hold-time eigrp 55 9
Router1(config-subif)#end
Router1#

One of the unique features of EIGRP is that you can adjust its timers separately on each interface. As we mentioned in Chapter 6, RIP requires you to adjust the timers identically on every interface of every device participating in RIP. In Chapter 8 you will see that while OSPF allows you to adjust the timers separately on each link, you have to make sure that it is the same on all routers on this link. But with EIGRP, you can adjust the timers on one router on a link independently of what you have configured on other interfaces on this router, or on other routers on this link.

EIGRP handles this by simply telling the other routers on the link what its parameters are. Therefore, if one router has a particular hello time of, say, 5 seconds, then all of the other routers on this link will expect to see a hello packet from this router every 5 seconds. This is true regardless of what the other routers have for their own parameters. The result is that when you adjust the timers on an interface on one router, you affect what its neighbors expect to see from it.

The default timer values for most interface types are 5 seconds for hellos and a 15-second hold timer. This means that the router will send out a hello packet to verify its neighbor relationships every 5 seconds. And, if it doesn’t hear from a neighbor device, it will wait 15 seconds before declaring that neighbor down.

On multipoint interfaces with sub-T1 speeds, the default hello time is 60 seconds, with a hold time of 180 seconds. Note that the defaults always have a hold time equal to three times the hello time. It is a good rule of thumb to keep this three to one ratio if you choose to adjust your timers.

You can cause serious network stability problems if you don’t adjust the hold and hello times together. In particular, if the hold time is less than the hello time, you will see frequent loss of neighbor status, causing instability. And if the hold time is too long, you will find that your network does not converge quickly after link failures.

In our example, we have attempted to speed up convergence by decreasing the timers. The new hello time is 3 seconds and the hold time is 9 seconds. Before applying this change, you can see that the hold time is 15 seconds:

Router1#show ip eigrp neighbors
IP-EIGRP neighbors for process 55
H   Address                 Interface  Hold Uptime    SRTT  RTO  Q  Seq Type
                                       (sec)          (ms)      Cnt Num
0   172.25.2.1              Se0.1        15 00:10:02    16  200  0  549
Router1#

This command actually shows the amount of time remaining in the hold time interval. Each time you look at the neighbor table you will see that the router is counting down from the configured hold time. Each time this router receives a hello packet from the specified neighbor router, it resets its hold timer and begins counting down again. If it ever reaches zero, it will reset the neighbor relationship.

If we go to the neighbor router in the example, you can see that the hold time for Router2 counts down from 9 seconds, instead of the default 15:

Router2#show ip eigrp neighbors
IP-EIGRP neighbors for process 55
H   Address                 Interface   Hold Uptime   SRTT RTO  Q  Seq Type
                                        (sec)         (ms)     Cnt Num
1   172.25.2.2              Se0/0.2        9 00:10:50   16 200  0  114
2   172.25.1.7              Fa0/0.1       65 1d22h      15 200  0  377
0   172.22.1.4              Fa0/1         13 1d22h       2 200  0  230
Router2#

Chapter 6; Chapter 8

You want to authenticate your EIGRP traffic to ensure that no unauthorized equipment can affect your routing tables.

To enable MD5-based EIGRP packet authentication, you must first define a key chain for the encryption, then apply the authentication commands to the interface:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#key chain ORA
Router1(config-keychain)#key 1
Router1(config-keychain-key)#key-string oreilly
Router1(config-keychain-key)#exit
Router1(config-keychain)#exit
Router1(config)#interface Serial0/1
Router1(config-if)#ip authentication mode eigrp 55 md5
Router1(config-if)#ip authentication key-chain eigrp 55 ORA
Router1(config-if)#end
Router1#

As soon as we configure EIGRP authentication on this router, the neighbor relationship dropped because it failed to authenticate:

IP-EIGRP 55: Neighbor 172.25.2.2 (Serial0/0.2) is down: Auth failure

To bring this neighbor back up, you have to ensure that both routers use the same authentication keys.

It’s important to remember that this is just an authentication system. The routers do not encrypt the routing update packets as they send them through the network. They just authenticate these packets using MD5. This prevents people from either accidentally or maliciously injecting routes into your network. This authentication is often useful in environments where you don’t control all of the routers.

You can see from the following debug trace that when the authentication fails, EIGRP simply ignores the routing updates:

Router1#debug eigrp packet
EIGRP Packets debugging is on
    (UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY,
SIAREPLY)
Router1#
Oct 3 01:40:59.704: EIGRP: ignored packet from 172.25.2.2 opcode = 5
(invalid authentication)

One of the biggest problems with using this sort of authentication system is that changing the keys can break routing throughout your network. The following example shows a way around this problem. By configuring timed keys, you can roll out a new key throughout your network without disrupting service:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#key chain Mars
Router1(config-keychain)#key 1
Router1(config-keychain-key)#key-string rocket
Router1(config-keychain-key)#accept-lifetime 00:00:00 Jan 1 1993 00:15:00 Nov 1 2002
Router1(config-keychain-key)#send-lifetime 00:00:00 Jan 1 1993 00:00:00 Nov 1 2002
Router1(config-keychain-key)#key 2
Router1(config-keychain-key)#key-string martian
Router1(config-keychain-key)#accept-lifetime 23:45:00 Oct 31 2002 infinite
Router1(config-keychain-key)#send-lifetime 00:00:00 Nov 1 2002 infinite
Router1(config-keychain-key)#end
Router1#

In this case, the router will accept the original key string, rocket, until 12:15 A.M. on November 1, 2002. It will send this same key string until 12:00 A.M. on the same date. And it will start accepting the new key string, martian, at 11:45 P.M. on October 31, 2002. In this way there is a safe 30-minute transition period that you can configure in advance throughout the network. Then, the next day (or whenever it is convenient), you can remove the configuration for the old key string.

The show key chain command includes information about all of the configured key chains and the corresponding key strings:

Router1#show key chain
Key-chain ORA:
    key 1 -- text "oreilly"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]
Key-chain Mars:
    key 1 -- text "rocket"
        accept lifetime (00:00:00 Jan 1 1993) - (00:15:00 Nov 1 2002) [valid now]
        send lifetime (00:00:00 Jan 1 1993) - (00:00:00 Nov 1 2002) [valid now]
    key 2 -- text "martian"
        accept lifetime (23:45:00 Oct 31 2002) - (infinite)
        send lifetime (00:00:00 Nov 1 2002) - (infinite)
Router1#

Recipe 6.14

You want to log EIGRP neighbor state changes.

To enable the logging of EIGRP neighbor state changes, use the eigrp log-neighbor-changes configuration command:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router eigrp 55
Router1(config-router)#eigrp log-neighbor-changes
Router1(config-router)#end
Router1#

When a neighbor relationship is lost, you also lose all of the routing entries for that neighbor. The effects of this lost routing information are often felt throughout the network. Therefore, it can be extremely useful to have a good log of neighbor change events for troubleshooting strange intermittent network problems. This feature also gives you a good way of looking for faults on links that don’t have a way of telling you about loss of connectivity.

Two important examples of this are tunnels and LAN extensions. In many cases, when the network breaks and brings down a tunnel, the two tunnel end points are unable to see the problem. Similarly, in a LAN extension service, the two end point routers are both connected to Layer 2 LAN switches that are then bridged to one another through another medium, such as ATM. The problem in this case is that the intermediate network between the switches can break and neither router will see a problem because they are both connected to an active switch port. It’s also important to note that EIGRP neighbor relationships can break just because of noisy or congested links.

Whatever the cause, one of the easiest ways to detect a connectivity problem in the hidden network is to configure EIGRP between the routers via this link. In some cases, this will be done on a separate EIGRP process ID number to make it easier to differentiate between normal network topology changes and these hidden network faults. If you log EIGRP neighbor changes and configure the routers to send their SYSLOG events to a central fault management server (as discussed in Chapter 18), you can get an instant alarm on these types of problems.

The log messages show not only that the neighbors have changed, but they also give you an indication of why they changed state:

Oct  2 22:00:38: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is up: new adjacency
Oct  2 22:03:23: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is down: summary configured
Oct  2 22:03:23: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is up: new adjacency
Oct  2 22:04:14: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is down: manually cleared
Oct  2 22:04:19: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is up: new adjacency
Oct  2 22:07:26: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is down: peer restarted
Oct  2 22:07:27: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is up: new adjacency
Oct  2 22:30:06: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is down: holding time expired
Oct  2 22:30:38: %DUAL-5-NBRCHANGE: IP-EIGRP 55: Neighbor 172.25.2.1 (Serial0.1)
 is up: new adjacency

In this example, we have shown four different reasons for EIGRP to reset its neighbor relationships. Of these, only the last one, holding time expired, is likely to indicate a network fault.

Chapter 18

You want to limit the fraction of an interface’s bandwidth available to EIGRP for routing updates.

To modify the fraction of the total bandwidth available to EIGRP, use the ip bandwidth-percent configuration command:

Router1# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Serial0.1
Router1(config-subif)#ip bandwidth-percent eigrp 55 40
Router1(config-subif)#end
Router1#

This example shows how to restrict EIGRP process number 55 to use, at most, 40% of the available capacity of this link. By default, EIGRP will limit its own bandwidth utilization to ensure that it never takes more than 50% of a link’s capacity. However, this default isn’t always appropriate. Sometimes you need to reduce this fraction to reduce overall congestion. And sometimes the total bandwidth value specified on an interface is not accurate.

For example, in Recipe 7.7 we discussed how to change what the router thinks the interface’s bandwidth is. If this value is significantly lower than the real physical bandwidth of the interface, you might want to increase the fraction that EIGRP can use. This can help to improve network convergence times when EIGRP suddenly needs to exchange a large amount of routing information.

In the following example, we have manually reduced bandwidth value on this interface to 32Kbps. Since this is much less than the true value, we have then increased the fraction that EIGRP can use to 200%, bringing it up to a maximum of 56Kbps, which would be the default for a real 128kbps circuit:

Router1# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#interface Serial0.1
Router1(config-subif)#bandwidth 32
Router1(config-subif)#ip bandwidth-percent eigrp 55 200
Router1(config-subif)#end
Router1#

Recipe 7.7

You want to stabilize your network by sending smaller routing tables out to stub branches and reducing the scope of EIGRP queries.

To enable stub routing, use the eigrp stub configuration command:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router eigrp 55
Router1(config-router)#eigrp stub
Router1(config-router)#end
Router1#

This feature became available starting in IOS 12.0(15)S. It is most commonly used in hub-and-spoke network designs, in which a remote router connects to the rest of the network through only one or two central routers, and the remote router is the only connection for a small number of LAN segments. In general, you would configure the central routers in this case to send only a default route, as discussed in Recipe 7.2, Recipe 7.5, and Recipe 7.10.

In situations where a route suddenly goes away, every router will ask all of its neighbors if they have a path to that remote network by default. However, it is never going to be fruitful to ask these remote branch routers if they can reach the missing network. If these stub routers are reachable at all, they will already be exchanging information about the few networks that they can access. No trick of topology will allow them to find the missing route if the central routers don’t have it. So the EIGRP stub feature disables these queries. This should help to improve overall network stability. And, in particular, this feature could significantly improve the stability of hub-and-spoke WANs:

Router2#show ip eigrp neighbors detail
IP-EIGRP neighbors for process 55
H   Address                 Interface   Hold Uptime   SRTT  RTO  Q  Seq Type
                                        (sec)         (ms)      Cnt Num
1   172.25.2.2              Se0/0.2        6 00:15:57  787 4722  0  148
   Version 12.2/1.2, Retrans: 0, Retries: 0
   Stub Peer Advertising ( CONNECTED SUMMARY ) Routes
2   172.25.1.7              Fa0/0.1       70 1w0d       12  200  0  405
   Version 12.0/1.0, Retrans: 1, Retries: 0
0   172.22.1.4              Fa0/1         12 1w0d        1  200  0  258
   Version 12.2/1.2, Retrans: 2, Retries: 0
Router2#

The eigrp stub command can take four different keywords:

Recipe 7.2; Recipe 7.5; Recipe 7.10

You want to tag specific routes to prevent routing loops while mutually redistributing routes between two routing protocols.

This example shows how to tag external routes in EIGRP:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip route 0.0.0.0 0.0.0.0 172.25.1.1
Router1(config)#access-list 7 permit 0.0.0.0
Router1(config)#route-map TAGGING permit 10
Router1(config-route-map)#match ip address 7
Router1(config-route-map)#set tag 5
Router1(config-route-map)#exit
Router1(config)#router eigrp 55
Router1(config-router)#redistribute static route-map TAGGING
Router1(config-router)#end
Router1#

The external route is static here, but the same technique applies to routes learned through other routing protocols.

You can only tag routes that EIGRP has learned from another routing protocol. As we saw when talking about route tags with RIP, EIGRP does not use these tags directly, it only distributes them. You would use these tags at network boundaries when redistributing routes into another routing process.

For instance, if our EIGRP network was being used as a transit network between two other routing protocols we could tag routes learned from the first external network. We could then redistribute only the first network’s routes into the second external network. Similarly, we could redistribute only the second network’s routes into the first network. In this way we could ensure that the external networks use the EIGRP network for only transit, and prevent them from reaching anything internal.

As discussed in Chapter 6, RIP Version 2 supports 16-bit tags, which gives it a range from 0 to 65,535. EIGRP and OSPF use 32-bit tags for a range from 0 to 4,294,967,295. These tags are purely internal, of course, so there is no interoperability problem. It is unlikely that you will need 4 billion tags, but this expanded range can be useful because you can map the 32-bit tags to IP addresses as a mnemonic for the external network information:

Router1#show ip eigrp topology 0.0.0.0
IP-EIGRP (AS 55): Topology entry for 0.0.0.0/0
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 28160
  Routing Descriptor Blocks:
  0.0.0.0, from Rstatic, Send flag is 0x0
      Composite metric is (28160/0), Route is External
      Vector metric:
        Minimum bandwidth is 100000 Kbit
        Total delay is 100 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 0
      External data:
        Originating router is 172.25.25.1 (this system)
        AS number of route is 0
        External protocol is Static, external metric is 0
        Administrator tag is 5 (0x00000005)
        Exterior flag is set
  0.0.0.0 (Null0), from 0.0.0.0, Send flag is 0x0
      Composite metric is (28160/0), Route is Internal
      Vector metric:
        Minimum bandwidth is 100000 Kbit
        Total delay is 100 microseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 0
      Exterior flag is set
Router1#

The following is a simple example in which we redistribute from EIGRP into OSPF only those routes that have a route tag value of 5. Presumably this tag was set at another network boundary:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router ospf 11
Router1(config-router)#redistribute eigrp 55 route-map TAGOUT
Router1(config-router)#exit
Router1(config)#route-map TAGOUT permit 10
Router1(config-route-map)#match tag 5
Router1(config-route-map)#route-map TAGOUT deny 20
Router1(config-route-map)#end
Router1#

Chapter 6

You want to check the status of EIGRP on the router.

There are several useful commands for looking at EIGRP status. As we have seen throughout this chapter, the show ip protocols command displays a wealth of useful information:

Router1#show ip protocols

You can look at a routing table of only those routes that were learned via EIGRP as follows:

Router1#show ip route eigrp

Another extremely useful EIGRP command displays a table of all of the adjacent EIGRP routers:

Router1#show ip eigrp neighbors

You can see information about the interfaces that exchange routing information using EIGRP with this command:

Router1#show ip eigrp interfaces

Finally, you can view the EIGRP topology database as follows:

Router1#show ip eigrp topology

The precise output of the show ip protocols command varies depending on what features are enabled. However, we have shown several examples of different output throughout this chapter:

Router1#show ip protocols
Routing Protocol is "eigrp 55"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
    Serial0.1 filtered by (prefix-list) Inbound
  Default networks flagged in outgoing updates
  Default networks not accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: static, eigrp 55
  Automatic network summarization is not in effect
  Maximum path: 4
  Routing for Networks:
    172.25.2.2/32
    172.25.0.0
    192.168.20.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    (this router)         90      5d23h
    172.25.2.1            90      00:03:32
  Distance: internal 90 external 170
Router1#

The standard command to view the IP routing table is show ip route. However, this will show you all of the IP routes, including static routes, connected routes, routes learned through other protocols, and EIGRP routes. If you just want to see the EIGRP routes, you can add the keyword eigrp to this command:

Router1#show ip route eigrp
D*EX 0.0.0.0/0 [170/91942912] via 172.25.2.1, 00:04:29, Serial0.1
Router1#

One of the most useful commands when troubleshooting EIGRP problems looks at the neighbor table:

Router1#show ip eigrp neighbors
IP-EIGRP neighbors for process 55
H   Address                 Interface   Hold Uptime   SRTT  RTO  Q  Seq Type
                                        (sec)         (ms)      Cnt Num
1   172.25.2.2              Se0/0.2        7 00:25:16  641 3846  0  148
2   172.25.1.7              Fa0/0.1       80 1w0d       17  200  0  406
0   172.22.1.4              Fa0/1         12 1w0d        3  200  0  259
Router1#

There are several important pieces of information in this list. Obviously, it’s useful to look at the IP addresses and interfaces. But it can also be extremely useful to look at the uptime. In this case, two of these neighbors have been up and stable for a week, but the third was reset 25 minutes ago. The router will sort this output so that the most recent neighbors are at the top. This gives you an immediate way to see which neighbors might have problems.

Also useful in this output is the “Q” column. This column tells you how many EIGRP packets are currently queued for the specified neighbor. If the router is consistently queueing EIGRP packets, there may be a congestion or queueing problem with this interface.

If you think you see EIGRP congestion or performance problems like this, it can be useful to look at the interfaces in more detail:

Router1#show ip eigrp interfaces
IP-EIGRP interfaces for process 55

                    Xmit Queue   Mean  Pacing Time  Multicast   Pending
Interface    Peers  Un/Reliable  SRTT  Un/Reliable  Flow Timer  Routes
Fa0/0.1        1        0/0        17      0/10         50          0
Lo0            0        0/0         0      0/10          0          0
Fa0/1          1        0/0         3      0/10         50          0
Se0/0.2        1        0/0       641      0/15       3163          0
Router1#

This command shows useful information, such as how many peers there are on each interface. It also tells you more about any possible queueing issues, breaking out exactly how many routes are still pending.

Another useful command when debugging EIGRP problems is the show ip eigrp toplogy command. This command gives a view of the EIGRP topology table. The topology table is useful because it often includes information about routes that EIGRP has received, but that the router isn’t using for whatever reason. For example, if there is a similar route with a better administrative distance, such as a static route, the show ip route command will indicate only the static route. The show ip eigrp toplogy command allows you to look through the whole EIGRP topology table to see exactly why the other route is better:

Router1#show ip eigrp topology
IP-EIGRP Topology Table for AS(55)/ID(172.25.25.1)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 0.0.0.0/0, 1 successors, FD is 28160, tag is 5
         via Rstatic (28160/0)
         via Summary (28160/0), Null0
P 10.2.2.0/24, 1 successors, FD is 156160
         via 172.22.1.4 (156160/128256), FastEthernet0/1
P 10.1.1.0/30, 1 successors, FD is 3845120
         via Connected, Serial0/1
P 192.168.10.0/24, 1 successors, FD is 28160, tag is 5
         via Rstatic (28160/0)
P 192.168.30.0/24, 1 successors, FD is 156160
         via 172.22.1.4 (156160/128256), FastEthernet0/1
P 192.168.20.0/24, 1 successors, FD is 2195456
         via 172.25.2.2 (2195456/281600), Serial0/0.2
P 172.25.25.6/32, 1 successors, FD is 156160
         via 172.25.1.7 (156160/128256), FastEthernet0/0.1
P 172.25.25.1/32, 1 successors, FD is 128256
         via Connected, Loopback0
P 172.25.25.2/32, 1 successors, FD is 2297856
         via 172.25.2.2 (2297856/128256), Serial0/0.2
P 172.25.1.0/24, 1 successors, FD is 28160
         via Connected, FastEthernet0/0.1
P 172.25.2.0/30, 1 successors, FD is 2169856
         via Connected, Serial0/0.2
P 172.22.1.0/24, 1 successors, FD is 28160
         via Connected, FastEthernet0/1
Router1#

The EIGRP topology table also shows the successors for each route. The successor is the route that will be installed in case the better one goes away.