EIGRP

From Network Security Wiki


EIGRP neighbourship requirements

  • Same Autonomous system
  • Same authentication configuration
  • Same K-values
  • Timers do not have to match

Stuck-in-Active


Source: [networktanks.com]

  • SIA means that the router is involved in a diffusing computation for a new path to some network, and this computation seems to be stalled because some expected replies have not arrived in a reasonable time.
  • In EIGRP, the diffusing computation is a process of asking the neighboring routers to assist in locating a replacement path to a network for which the usable path has been lost.
  • In a diffusing computation, a router sends Query packets to its neighbors, informing them about its current distance from the destination, and asking them for their own distance.
  • If the neighbor is not affected by the Query, it just sends a Reply packet right away with its own current distance to the destination.
  • If the Query has affected the neighbor in such a way that it also lost the path to the destination (which could have happened if that router was using us as its next hop), it will send a Query on its own to its own neighbors.
  • After sending a Query to its neighbors, a router must wait for Reply packets from all of them to arrive, and only then can it make the selection and start sending Replies itself.
  • If, in this chain of events, any router has trouble getting all the Reply packets it needs, the diffusing computation cannot be completed, and the new path to the destination cannot be established.
  • This is called Stuck in Active.
  • In well-behaved networks, SIA states should not happen. They occur with, say, overloaded links, overutilized CPUs on routers, bugs in IOS, etc., but normally they should not appear.
  • By default, an SIA state is declared if the diffusing computation could not be completed in 3 minutes (180 seconds).
  • In EIGRP, if a router loses a route and does not have a feasible successor (FS) for that route, it sends out queries to the neighboring routers to recompute the new route. This process takes the route into the Active state.
  • If the route is established and the router is not looking to recompute it, the route is in the Passive state. If the route is lost with no FS, queries are sent out of all neighboring interfaces to check for an alternative path to the route.
  • If the alternative route is found on some neighbor device, then the query ends there.
  • If the alternative route is not found on any receiving neighbor router, then all the neighbor routers send queries to their neighbors, except to those from which they received the query (remember split horizon).
  • The queries then start to propagate through the network, depending on the design/topology.
  • When a router responds to the query, the query stops propagating on that part of the network, but queries are still propagating in the other parts of the network, as they are looking for an alternative path to the route.
  • Also, there must be a reply received for every query, otherwise the route will always be in the Active state.
  • A route goes into the stuck-in-active (SIA) state if it doesn't get a reply to all the queries within 180 seconds/3 minutes (default settings).
  • This timer is configurable; you can use any value between 1 and 65535.
  • What exactly causes a route to fall into the SIA state?
      • The router has a CPU usage or memory problem and is unable to build the reply packet.
      • There can be a unidirectional link failure, which causes traffic to move in only one direction.
      • There can be a bad link between two routers, and due to this query/reply packets are lost.
  • Many network engineers around the world take the erroneous approach of using multiple ASes to decrease stuck-in-active issues. This type of approach is like a simulation of OSPF.
  • The problem with this type of design is that the original query can be resolved at the edge of the AS, but then the edge router will start a new query in the other AS, which can result in the SIA state.

Prevention of SIA Connections

To limit the EIGRP query range for better design and scalability:

  • With the help of route summarization
      • Summarization minimizes the size of the routing table, which means less memory and CPU usage.
      • It also helps minimize networks becoming SIA, because it reduces the number of routers that see each query.
  • Configuring stub routers
      • Stub routers can be configured in a hub-and-spoke topology. Spoke routers can be configured as stubs for good design, as spoke routers won't be in the transit path.
      • The Hello packet includes the stub flag information.
      • Any neighbor that receives a packet informing it of the stub status does not query the stub router for any routes. Therefore, a router that has a stub peer does not query the peer.
  • Cisco IOS 12.1(5) introduced a new feature called Active Process Enhancement.
      • This feature also introduces two new packet types:
          • SIA Query
          • SIA Reply
      • This feature ensures that neighbor adjacencies won't get terminated unintentionally.
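
A small model of how stub routers and summarization shrink the query range, and with it the exposure to a router that cannot reply. This is an added example, not part of the original wiki or any Cisco code; the topology, router names and the `query_scope` function are constructed for illustration and follow the propagation rules as described on this page.

```python
from collections import deque

def query_scope(links, origin, stubs=(), summary_only=(), silent=()):
    """Model the Query flood when `origin` loses a route with no feasible successor.

    stubs        - routers advertising the stub flag (never queried)
    summary_only - routers holding only a summary, so they reply 'unknown' at once
    silent       - routers unable to reply (CPU/memory trouble, bad link)
    Returns (routers that received a Query, True if the route would go SIA).
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    queried, seen = [], {origin}
    pending = deque([(origin, None)])
    while pending:
        router, came_from = pending.popleft()
        for nbr in sorted(neighbors[router]):
            if nbr == came_from or nbr in seen or nbr in stubs:
                continue  # split horizon / already asked / stub peer
            seen.add(nbr)
            queried.append(nbr)
            if nbr not in summary_only:
                # No exact-match answer of its own: it queries onward.
                pending.append((nbr, router))
    # One missing Reply is enough to stall the whole diffusing computation.
    return queried, any(r in silent for r in queried)

# Constructed topology: a hub with three spokes and a three-router core chain.
LINKS = [("HUB", "S1"), ("HUB", "S2"), ("HUB", "S3"),
         ("HUB", "CORE1"), ("CORE1", "CORE2"), ("CORE2", "CORE3")]
SPOKES = {"S1", "S2", "S3"}

if __name__ == "__main__":
    # CORE3 is assumed unable to reply in every run.
    print(query_scope(LINKS, "HUB", silent={"CORE3"}))
    print(query_scope(LINKS, "HUB", stubs=SPOKES, silent={"CORE3"}))
    print(query_scope(LINKS, "HUB", stubs=SPOKES,
                      summary_only={"CORE1"}, silent={"CORE3"}))
```

With no controls all six routers see the query; with the spokes as stubs only the core does; with summarization toward CORE1 the query stops one hop away and the silent CORE3 is never asked.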

R&S Quick Notes

  • Advertising a default route out one interface:
ip summary-address eigrp [AD] 0.0.0.0 0.0.0.0
  • To see if a neighbor is configured as STUB:
show ip eigrp neighbors [detail]     =>   look for ‘CONNECTED SUMMARY’
  • On frame-relay multipoint interfaces disable split-horizon.
  • The AD of external EIGRP routes (admin distance = 170) can NOT be changed on a per-prefix basis.
  • Metric weight values:
   1 0 1 0 0 = Default
   0 0 1 0 0 = Only DLY
   1 0 0 0 0 = Only BW
   3 0 1 0 0 = BW has 3 times more weight reference than DLY
  • Metric formula:
  Metric = ((10^7 / BW) + (DLY / 10)) * 256

EIGRP Note 2

  • EIGRP runs on IP protocol 88; OSPF uses 89.
  • EIGRP is a hybrid protocol and has some properties of distance vector and some of link state.
  • Distance vector because it only knows what its directly connected neighbors are advertising, and link state because it forms adjacencies.
  • In order to form an adjacency, the EIGRP AS number must be the same between neighbors.
  • EIGRP multicast address: 224.0.0.10
  • EIGRP, like BGP, will only advertise the route that is going to be installed in the routing table.
  • EIGRP is a classless protocol, but it does automatic summarization by default, so we need to disable the automatic summarization (no auto-summary).
  • EIGRP does split horizon. In the case of DMVPN we need to disable split horizon so that routes learned on the tunnel interface from one spoke are advertised to the other spokes through the same tunnel interface.
  • The passive-interface command works slightly differently in EIGRP: it stops sending multicast/unicast hellos to neighbors and thus prevents adjacencies from forming.
  • Issuing a neighbor statement in EIGRP on a link means the router stops listening to the multicast address, so we need to specify the neighbor manually on the other side as well to form adjacencies.
  • Timers in EIGRP do not need to match to form an adjacency.
  • EIGRP metric calculation uses bandwidth, delay, reliability, load and MTU.
  • When calculating the composite metric, bandwidth is taken as the minimum bandwidth, delay as the total delay, load as the highest load and reliability as the lowest reliability.
  • Feasible distance is the best metric along the path, and it is the successor's metric.
  • Feasible distance (FD) is the best metric along the path to the destination router, including the metric to reach the neighbor.
  • Advertised distance (AD) is the total metric along the path as advertised by the upstream router.
  • A router is a feasible successor if its AD < FD of the successor.
  • FD is used for loop avoidance. Split horizon rule: never advertise a route on the interface on which it was learned.
  • Feasible successors are the only candidates for unequal-path load balancing.
  • Load balancing in EIGRP across unequal-cost paths is done through the variance multiplier.
  • EIGRP is the only routing protocol that supports load balancing across unequal paths, unlike RIP, OSPF and IS-IS.
  • If the FD of the feasible successor <= variance x FD (of the successor), then the path is chosen for unequal-cost load balancing.
  • EIGRP traffic engineering can easily be achieved by modifying the delay value instead of the bandwidth.
  • EIGRP commands
sh ip eigrp nei
sh ip eigrp nei de
sh ip eigrp topology
sh ip eigrp route
  • With equal-cost load balancing, the traffic is distributed based on CEF. To turn off CEF on an interface, use (no ip route-cache).
  • SIA (stuck in active): if a router receives a query for a destination network and takes too much time to respond, because of a network flap or some other network condition, the route is considered to be in the SIA state.
  • We can tune the amount of time the router should wait before putting a route in the SIA state with the timers active-time command.
  • To check which routers have not replied to queries, issue sh ip eigrp topology; a router denoted by R is one that replies are still awaited from.
  • EIGRP performs auto-summarization for a network when crossing a major network boundary.
  • Split horizon should only be disabled on a hub site in a hub-and-spoke network:
no ip split-horizon eigrp x
  • The EIGRP router ID helps in loop prevention for external routes: if a router receives routes whose originator is equal to its own router ID, it discards those routes.
  • EIGRP provides faster convergence because it does not need to run the DUAL algorithm if there is a feasible successor for the path. Otherwise, if the router does not have a route, it sends a query to its neighbor routers, which further propagate the query to their neighbors. If the router does not receive a reply from a neighbor before the timer expires, it marks the route as stuck in active and resets its neighbor relationship if all its queries are not answered within the time period.
  • In OSPF, by contrast, if the primary path goes down, an LSA needs to be sent and the SPF algorithm is run again.
  • dcesor in mind.
  • There are ways to bound the query domain. You can do it in either of 2 ways, or both:
1) Using summary routes - ip summary-address eigrp 'as' [network] [mask] [ad]
If RouterA sends a query message to RouterB and summarization is in use, RouterB will only have a summary route in its EIGRP topology table, not the exact prefix match of the query, and will therefore send a network unknown response back to RouterA. This stops the query process immediately at RouterB, only one hop away.
2) Using stub -
router eigrp 1
eigrp stub 'arguments'
The default arguments are connected and summary, which means it will advertise connected and summary routes only.
A router informs its neighbor of its stub status while the neighbor adjacency is forming.
Stub routers tell their neighbors: do not send me any queries. Since no queries will be sent, it is extremely effective. However, it is limited in where you can use it. It is only used in non-transit paths and star topologies.
3) Filtering the prefix
Please note that an EIGRP router will propagate a query received from a neighbor router only if it has an exact match for the route in its topology table. If the router does not have the exact route in its topology table, it will send a reply with route unknown to its neighbor, and the query will not be propagated further.
4) Different AS domains
Different EIGRP AS numbers: EIGRP processes run independently from each other, and queries from one system don't leak into another. However, if redistribution is configured between two processes, a behavior similar to query leaking is observed.
  • Both IGRP and EIGRP use an Autonomous System (AS) number, and only routers using the same AS number can exchange routing information using that protocol. When routing information is propagated between IGRP and EIGRP, redistribution has to be manually configured because IGRP and EIGRP use different AS numbers. However, redistribution occurs automatically when both IGRP and EIGRP use the same AS number.
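
The metric formula, the K-value weights and the feasible-successor and variance rules from these notes, carried through on one set of paths. This is an added example, not part of the original wiki; the function names and the sample link values are constructed, and it assumes the classic Cisco composite metric with BW in kbit/s and DLY in microseconds, which goes beyond the default-K formula shown on the page.

```python
def composite_metric(min_bw_kbps, total_delay_usec, k=(1, 0, 1, 0, 0),
                     load=1, reliability=255):
    """Classic EIGRP composite metric; k is the K1..K5 weight tuple."""
    k1, k2, k3, k4, k5 = k
    bw = 10**7 // min_bw_kbps        # scaled bandwidth of the slowest link
    dly = total_delay_usec // 10     # cumulative delay in tens of microseconds
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * dly
    if k5:                           # reliability term applies only when K5 != 0
        metric = metric * k5 // (reliability + k4)
    return metric * 256


def path_metric(links, k=(1, 0, 1, 0, 0)):
    """links: [(bandwidth_kbps, delay_usec), ...] along one path."""
    return composite_metric(min(bw for bw, _ in links),
                            sum(dly for _, dly in links), k)


def select_paths(paths, variance=1):
    """paths: {neighbor: links}; the first link is the one to that neighbor.

    Returns (successor, feasible successors, installed next hops, table),
    where table maps neighbor -> (FD via that neighbor, AD it advertises).
    """
    table = {n: (path_metric(l), path_metric(l[1:])) for n, l in paths.items()}
    successor = min(table, key=lambda n: table[n][0])
    best_fd = table[successor][0]
    # Feasibility condition: the neighbor's AD must be below the successor's FD.
    feasible = sorted(n for n, (_, ad) in table.items()
                      if n != successor and ad < best_fd)
    # Variance only ever admits feasible successors, never other neighbors.
    installed = [successor] + [n for n in feasible
                               if table[n][0] <= variance * best_fd]
    return successor, feasible, installed, table


# Constructed sample: three neighbors, each two links from the destination.
SAMPLE_PATHS = {
    "R2": [(100000, 100), (100000, 100)],   # 100 Mbit/s all the way
    "R3": [(10000, 1000), (100000, 100)],   # slow first hop, good AD
    "R4": [(100000, 100), (1544, 20000)],   # T1 behind the neighbor, high AD
}

if __name__ == "__main__":
    for v in (1, 10, 128):
        print(v, select_paths(SAMPLE_PATHS, v)[:3])
```

R4 stays out of the routing table even at variance 128, because its advertised distance is not below the successor's feasible distance.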

