EIGRP

From Network Security Wiki


EIGRP neighbourship requirements

  • Same Autonomous system
  • Same authentication configuration
  • Same K-values
  • Timers do not have to match

R&S Quick Notes

  • Advertising a default route out one interface:
    ip summary-address eigrp [AS] 0.0.0.0 0.0.0.0
  • To see if a neighbor is configured as STUB:
    show ip eigrp neighbors [detail]     =>   look for ‘CONNECTED SUMMARY’
  • On Frame Relay multipoint interfaces, disable split horizon.
  • The AD of external EIGRP routes (admin distance = 170) can NOT be changed on a per-prefix basis.
  • Metric weight values:
   1 0 1 0 0 = Default
   0 0 1 0 0 = Only DLY
   1 0 0 0 0 = Only BW
   3 0 1 0 0 = BW carries 3 times the weight of DLY
  • Metric formula:
   Metric = ((10^7 / BW) + (DLY / 10)) * 256
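
The weight sets above decide which path wins, not just how large the metric is. The following is an added example (not from the original notes) that extends the formula to all five K-values and compares two constructed paths; the function names and path figures are hypothetical, BW is the lowest bandwidth on the path in kbit/s and DLY is the summed delay in microseconds.

```python
# Added illustration: EIGRP classic composite metric with configurable K-values.
# Integer rounding of the K2/K5 terms is a simplification of what IOS does.
def eigrp_metric(min_bw_kbps, total_delay_usec, k=(1, 0, 1, 0, 0),
                 load=1, reliability=255):
    k1, k2, k3, k4, k5 = k
    bw = 10**7 // min_bw_kbps        # inverse of the slowest link on the path
    dly = total_delay_usec // 10     # delay in tens of microseconds
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * dly
    if k5:                           # reliability term applies only when K5 != 0
        metric = metric * k5 // (k4 + reliability)
    return metric * 256

# The four weight sets listed in the notes (K1 K2 K3 K4 K5).
WEIGHTS = {
    "default": (1, 0, 1, 0, 0),
    "only DLY": (0, 0, 1, 0, 0),
    "only BW": (1, 0, 0, 0, 0),
    "BW x3": (3, 0, 1, 0, 0),
}

# Constructed sample paths: (lowest bandwidth in kbit/s, total delay in usec).
PATHS = {
    "A": (100_000, 12_000),   # fast bottleneck link, many hops of delay
    "B": (10_000, 2_000),     # slower bottleneck link, little delay
}

def best_path(k):
    """Return the name of the path with the lowest metric for weight set k."""
    return min(PATHS, key=lambda p: eigrp_metric(*PATHS[p], k=k))

if __name__ == "__main__":
    for name, k in WEIGHTS.items():
        metrics = {p: eigrp_metric(*PATHS[p], k=k) for p in PATHS}
        print(f"{name:9} {metrics} -> best path {best_path(k)}")
```

Because the weights change path selection this way, two routers with different K-values would disagree on the best route, which is why matching K-values is a neighbourship requirement.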

Stuck-in-active


Source: [networktanks.com]

  • SIA means that the router is involved in a diffusing computation for a new path to some network, and this computation seems to be stalled because some expected replies have not arrived in a reasonable time.
  • In EIGRP, the diffusing computation is a process of asking the neighboring routers to assist in locating a replacement path to a network for which the usable path has been lost.
  • In a diffusing computation, a router sends Query packets to its neighbors, informing them about its current distance from the destination, and asking them for their own distance.
  • If the neighbor is not affected by the Query, it just sends a Reply packet right away with its own current distance to the destination.
  • If the Query has affected the neighbor in such a way that it also lost the path to the destination (which could have happened if that router was using us as its next hop), it will send a Query of its own to its own neighbors.
  • After sending a Query to its neighbors, a router must wait for Reply packets from all routers to arrive, and only then can it make its selection and start sending Replies itself.
  • If, in this chain of events, any router has trouble getting all the Reply packets it needs, the diffusing computation cannot be completed, and the new path to the destination cannot be established.
  • This is called Stuck in Active.
  • In well-behaved networks, SIA states should not happen. They occur with, say, overloaded links, overutilized CPUs on routers, bugs in IOS, etc., but normally, they should not appear.
  • By default, an SIA state is declared if the diffusing computation could not be completed in 3 minutes (180 seconds).
  • In EIGRP, if a router loses a route and has no feasible successor for that route, it sends out queries to the neighboring routers to recompute the new route; this process takes the route into the Active state.
  • In EIGRP, if the route is established and the router is not looking to recompute it, the route is said to be in the Passive state; but if the route is lost with no FS, queries are sent out of all neighboring interfaces to check for an alternative path to the route.
  • If the alternative route is found on some neighbor device, then the query ends there.
  • If the alternative route is not found on any receiving neighbor router, then all the neighbor routers send queries to their neighbors, except to the one from which they received the query (remember split horizon).
  • The queries then start to propagate through the network, depending on the design/topology.
  • When a router responds to the query, the query stops propagating on that part of the network, but queries are still propagating in the other parts of the network, as they are looking for an alternative path to the route.
  • Also, there must be a reply received for every query, otherwise the route will always be in the Active state.
  • A route goes into the stuck-in-active (SIA) state if it doesn't get a reply to all the queries within 180 seconds / 3 minutes (default setting).
  • This timer can be changed; you can use any value between 1 and 65535.
  • What exactly causes a route to fall into the SIA state?
      • A router has a CPU usage or memory problem and is unable to build the reply packet.
      • There can be a unidirectional link failure, which causes traffic to move in only one direction.
      • There can be a bad link between two routers, due to which query/reply packets are lost.
  • Many network engineers around the world take the erroneous approach of using multiple ASes to decrease stuck-in-active issues. This type of approach is like a simulation of OSPF.
  • The problem with this type of design is that the original query can be resolved at the edge of the AS, but then the edge router will start a new query in the other AS, which can result in the SIA state.

Prevention of SIA Connections

To limit EIGRP Query Range for better design and scalability:

  • With the help of route summarization
      • Summarization minimizes the size of the routing table, which means less memory and CPU usage.
      • It also helps minimize networks becoming SIA, because it reduces the number of routers that see each query.
  • Configuring stub routers
      • Stub routers can be configured in a hub-and-spoke topology. Spoke routers can be configured as stubs for good design, as spoke routers won't be in the transit path.
      • The Hello packet includes the stub flag information.
      • Any neighbor that receives a packet informing it of the stub status does not query the stub router for any routes. Therefore, a router that has a stub peer does not query the peer.
  • Cisco IOS 12.1(5) introduced a new feature called Active Process Enhancement.
      • This feature also introduces two new packet types:
          • SIA Query
          • SIA Reply
      • This feature ensures that neighbor adjacencies won't get terminated unintentionally.
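
The query range and the effect of stubs and summarization can be seen in a small model. This is an added example, not part of the original notes and not router code: the topology, router names and the `diffuse` function are constructed for illustration, and a Reply that never arrives stands in for the active timer expiring.

```python
# Added illustration: a toy model of EIGRP query propagation.
# R1 loses a route with no feasible successor and starts the computation.
TOPO = {
    "R1": ["R2", "R3"],
    "R2": ["R1", "R4"],
    "R3": ["R1", "R4"],
    "R4": ["R2", "R3", "S1", "S2", "S3"],   # hub for three spokes
    "S1": ["R4"], "S2": ["R4"], "S3": ["R4"],
}

def diffuse(topo, origin, stubs=(), answers=(), silent=()):
    """Simulate one diffusing computation started by `origin`.

    stubs   - routers that advertised the stub flag; peers never query them
    answers - routers that reply at once (they have an alternative path, or
              they only hold a summary and so have no entry for the prefix)
    silent  - routers that receive the Query but whose Reply never arrives
    Returns (set of routers that received a Query, final state at origin).
    """
    queried = set()

    def go_active(router, sender):
        all_replied = True
        for nbr in topo[router]:
            if nbr == sender or nbr in stubs:      # split horizon / stub peer
                continue
            if nbr == origin or nbr in queried:    # already active: replies at once
                continue
            queried.add(nbr)
            if nbr in silent:                      # Reply never comes back
                all_replied = False
            elif nbr not in answers:               # neighbor lost its path too
                all_replied = go_active(nbr, router) and all_replied
        return all_replied                         # only now can it Reply upstream

    state = "passive" if go_active(origin, None) else "SIA"
    return queried, state

if __name__ == "__main__":
    spokes = {"S1", "S2", "S3"}
    for label, kw in [("flat network", {}),
                      ("spokes as stubs", {"stubs": spokes}),
                      ("summary boundary at R2/R3", {"answers": {"R2", "R3"}}),
                      ("S2 never replies", {"silent": {"S2"}}),
                      ("S2 silent but stub", {"silent": {"S2"}, "stubs": spokes})]:
        queried, state = diffuse(TOPO, "R1", **kw)
        print(f"{label:26} queried={sorted(queried)} state={state}")
```

In the flat network one unresponsive spoke leaves R1 stuck in active; with the spokes configured as stubs the same spoke is never queried, so the computation completes.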

