








Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This full ccie notes for EIGRP internal routing protocol
Typology: Transcriptions
1 / 14
This page cannot be seen from the preview
Don't miss anything!









Network Statement
- A network statement enables EIGRP protocol on an interface and assigns 224.0.0.10 IP address beside the normal unicast address. - Sends and receives EIGRP updates on 224.0.0. - Advertises interface network to other EIGRP neighbors R1(config)router eigrp 111 (111) is an autonomous number and it needs to match on both routers if they want to create neighbor relationship unlike OSPF where it does not need to match. R1(config-router)network 10.0.0.
if we do not mention the mask, it will take it by default as 0.255.255.255 which / R1(config-router)network 10.1.1.0 0.0.0. now we have mentioned the mask, it means 10.1.1.0/ - If all these network addresses of part of a single router we should be not use network statement like following R1(config-router)network 0.0.0.0 255.255.255. INSTEAD R1(config-router)network 150.1.0.0 0 R1(config-router)network 10.0.0. R1(config-router)network 11.0.0. R1(config-router)network 11.0.0.
- The concept of passive interface is that it will disable hello packets going to network interfaces on a router. A router will send a hello packet to these interfaces to create a neighbor relationship, but network/host interfaces DO NOT form neighbor relationship with routers, it’s the ROUTER TO ROUTER which forms neighbor relationship - For example, we have 100 hosts/networks connected to Router1 and every 5 seconds a hello packet is sent and received on each network interface because we enabled EIGRP on that interface. - To avoid sending and receiving EIGRP updates on network interfaces we use passive interface command. - It also protects the segment if someone brings a router and connects it and tries to form a neighbor relationship. There are two ways of creating passive interface R1(config-router)passive-interface lo R1(config-router)passive-interface lo R1(config-router)passive-interface lo R1(config-router)passive-interface lo4 and so on….. But this takes much time so instead you use the following command R1(config-router)passive-interface default
this means I am going to DISABLE sending or receiving multicast/unicast eigrp updates on ANY interface including the router interface that connects to other router. And the neighborhood between two routers will GO DOWN. To solve this issue, we ADD this command too R1(config-router)no passive-interface e0/
R1(config)router eigrp 111 R1(cofig-router)neighbor 10.12.12.2 e0/ >> you should specify the interface also in EIGPR
- Summarization will not work between R1 AND R2, but it will work between R2 AND R3. Because the link between R2 AND R3 is a different network which is 192.1.23.0.
- Authentication between links R1 AND R R1(config)key chain ABC >>ABC is the name of the keychain and it does not need to be the same on both routers. R1(config-keychain)key 11 R1(config-keychain-key)key-string cisco >>key (number) and key-string (password) needs to be the same on both interfaces R1(config-keychain-key)int e0/ R1(config-if)ip authentication key-chain eigrp 111 ABC >> this does not enable authentication because we did not specify MD5, by mentioning MD5 it enables the authentication
R1(config-if)ip authentication mode eigrp 111 md
this now enables the authentication because we mentioned md
Configure an ACL in R3 to block the ODD numbers in the 210.1.x.0/ range from propagating R R3(config)access-list 1 deny 210.1.1.0 0.0.245. R3(config)access-list 1 permit any R3(config)router eigrp 111 R3(config-router)distribute 1out
this will stop the propagation of that specific network address from all interfaces R3(config)distribute 1 out e0/ now it blocks propagating network address from port e0/0 only
Configure a prefix-list to block any 150.1.0.0/16 network with a mask of greater than 20 propagating in to R R2(config)ip prefix-list PL1 150.1.0.0/ R2(config)ip prefix-list PL1 0.0.0.0/0 le 32
this will block nothing because the IP range does not have mask of 16 INSTEAD, we add ge 21 according to the question R2(config)ip prefix-list PL1 150.1.0.0/ R2(config)ip prefix-list PL1 0.0.0.0/0 le 32 R2(config)router eigrp 111 R2(config)distribute-list prefix PL1 in
- Looking at the diagram, summary of network 106.1.0.0/24 is sent both ways and the best path will always be 192.1.56.0/24. - EIGRP allows you to specifically/manually allow a network to go through a backup route which is through R4. -
- A loopback bandwidth is always 800Gbps - Delay of an ethernet interface is 1000 and delay of a loopback is 5000. - MIN means minimum.
R5(config)do sh ip eigrp topology
shows all the best routes a network takes to get to another route R5(config)do sh ip eigrp topology 106.1.7.0/ shows the routes to this address with all the details R5(config)do sh ip eigrp topology 106.1.6.0/ shows the routes to this address with all the details
- To get to network 10.0.0.0/8 from R1 the Composite Cost/Feasible distance is 1. - To get to network 10.0.0.0/8 from RA the CC/FD is 11 because it adds the value of its own link which is 10 to the Vector Metric/Reported Distance by the R1. - Likewise, From RB it costs 21 and from RC it costs 3. - The table is built in RA, RB, & RC in RD/FD format to get to the network 10.0.0.0/8.
- From R2 to network 10.0.0.0/8 best path/successor is RouterC because cost metric is 13 compared to RouterB 31 & RouterA 38. - Now to find the feasible successor/backup route one of the other two routers should pass the feasibility condition. - Feasibility condition is the cost of the Reported distance of other routers should be less than the current best cost metric. This Is to avoid creating loops. - So, in that case RouterA will fulfill the feasible successor criteria because its reported distance is less than best cost metric. - What is RouterC goes down, what link would R2 would send its traffic? - The answer is RouterA because it is the feasible successor Router. - RouterB will just stay as failed feasibility successor criteria. - If any of the other two routers does not meet the Feasibility successor criteria , the network can remain without Feasible Successor. - If there is no Feasible Successor and the link between R2 & RC breaks down, in this case R2 goes into ACTIVE State and will send a packet called QUERY Packet to all its neighbor requesting the metric to 10.0.0.0/8. Neighbors will send all the details and again
R2(config-router-af)af-interface e0/ R2(config-router-af)authentication mode md R2(config-router-af)authentication key-chain AAA
EIGRP Named mode can run along EIGRP Class, This was the example of MD5 authentication between classic and Named
R2(config)router eigrp Router R2(config-router)address-family ipv4 unicast autonomous-system 111 R2(config-router)af-interface e0/ R2(config-router-af)authentication mode hmac-sha-256 cisco
this is the only commanded need to activate SHAW authentication
R3(config)router eigrp Router R3(config-router)address-family ipv4 unicast autonomous-system 111 R3(config-router)af-interface e0/ R3(config-router-af)summary-address 101.1.8.0 255.255.252.
summarization is done under the interface only
- Configuration can only be done on interface R3(config)router eigrp Router R3(config-router)address-family ipv4 unicast autonomous-system 111 R3(config-router)af-lo R3(config-router-af)passive-interface