- Enhanced interior gateway routing protocol
- Point-to-multipoint setup
- Diffusing update algorithm (DUAL)
- Convergence
- Authentication
- RIB scale
- Redistribute
- IPv6
- Graceful restart
- MPLS
- AddPath
- Over-the-top (OTP)
- Conditional receive
- ACL
- Maximum prefix
Enhanced interior gateway routing protocol
- IP 88, CS6
- 224.0.0.10, 0100.5e00.000a
- ff02::a, 3333.0000.000a
- reliable transport protocol (RTP):
- not TCP, because operates over mcast
- by default split horizon & poison reverse are enabled everywhere
- 500 routers per AS – limitation based on DUAL (Query flood)
- AD
- internal: 90
- external: 170
- if changed, neighbourship is reset
- 32bit metric
- if routes have same metric, traffic-share has no effect
- auto-redistribute between EIGRP and IGRP within same AS
- several processes with the same AD receive same prefix (bad design):
- lowest metric
- lowest AS
- refreshes RIB timers on prefix update in topology table (not only on change!)
Named mode
- 64bit metric
- RIB scale: 64bit metric → 32bit metric (metric unit in RIB)
- if 64bit metric (named mode) cannot be scaled down to 32bit (numbered mode)
- Query with new metric is sent ⇒ neighbour learns new metric
- prefix is not included into Update towards neighbour with numbered mode
- prefix is not installed in RIB
; assigns tag to internal self-originated prefixes
(config-router-af)# eigrp default-route-tag <N>
; lists IPv4 and IPv6 AF for named mode, no passive interfaces shown
# show eigrp protocols
Metric
- change of bandwidth, delay – trigger Update
- change of reliability, load, MTU – no Update triggered irrespective of K-values; values – snapshots at prefix creation
- delay = 0xffffffff ≡ infinity
- prefix metric is modified on ingress
- wide metric:
- 256 multiplier → 65536 multiplier
- delay – picoseconds
- BW ≤ 1Gbps or manual BW/delay: usual calculation
- BW > 1Gbps and no manual config: 10¹³/(interface BW in kbps)
(config-router)# default-metric <M1> <M2> <M3> <M4> <M5>
; tunes delay to match METRIC (256 ≡ +10µs)
(config-router)# offset-list <ACL> in|out <METRIC> [<INTF>]
Timers
- hello
- Hello frequency
- local value is used
- 5s by default (including P2P FR)
- 60s: BW < T1, e.g., FR P2M, ATM
- hold
- how long to wait for reply from neighbour
- value, supplied by neighbour, is used
- 3 times longer than hello by default
- not adjusted to hello automatically
- SRTT
- smooth round-trip timer
- used to calculate RTO and multicast flow timer
- time to send-receive reliable packet
- multicast flow timer
- how long to wait for reply to multicast message
- if no reply received, unicast message is sent
- RTO
- retransmission timeout, ∈ [0.2s; 5s]
- unicast message timeout
- 16 sequential timeouts → tear neighbourship if hold timer expired (hold timer is active ≡ it is refreshed by Hello)
- if hold > 80s (5s × 16), retransmit may be larger than 16
- Active
- SIA timeout
- 3 mins by default
(config-if)# ip hello-interval eigrp <ASN> <sec>
(config-if)# ip hold-time eigrp <ASN> <sec>
Neighbourship
- interface addresses are in the same subnet; subnets may differ, e.g., 10.0.0.1/24 and 10.0.0.2/30
- match: ASN, K-values
- not required to match: timers, MTU
- not required to be different: RID (bad design, may lead to prefix being ignored)
- if unicast neighbourship is enabled, only Hello from configured neighbours are accepted
- between primary addresses
- Hello is accepted on secondary address
- secondary ≡ connected, falls under split-horizon, participates in IGP
; distinguish unicast and mcast neighbours
# show ip eigrp neighbor [detail]
RID
- selection
- manual
- loopback:
- IOS: largest address from up/up loopback
- NX-OS: loopback0
- largest address from non-loopback not in admin-down (down/down – valid!)
- must be different for
- external routes: routes with RID, equal to local value, are ignored
- internal routes: starting from IOS 15.0 RID is included as well – external route behaviour
- NX-OS: if blank loopback0 is assigned address – reset EIGRP process to get RID from loopback0
Messages
- Hello
- mcast
- find new neighbours, keepalive to existing ones
- receiving any EIGRP packet ≡ receiving Hello
- Update
- uses RTP
- contents: prefix { prefix length, BW, delay, reliability, load, MTU, hop count }
- mcast
- unicast: on NBMA and P2P, on synchronization, on retransmit
- subject to split-horizon and poison reverse: metric = infinity (0xff..ff)
- Query
- uses RTP
- mcast
- unicast: on P2P, on retransmit
- Reply
- uses RTP
- unicast only
- Ack
- confirm Update, Query, Reply
- Hello with RTP contents
- unicast only
- alternatives
- Update with poison reverse on prefix
- any reliable unicast packet: contains ack number
EIGRP header
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Version (2)  |    Opcode     |           Checksum            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             Flags                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Sequence                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              Ack                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                              ASN                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
\                                                               \
/                              TLV                              /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Opcode
- 1: Update
- 3: Query
- 4: Reply
- 5: Hello
- 10: SIA-Query
- 11: SIA-Reply
Ack:
- 0x00000000: mcast, ≡ Hello packet
- non-zero: unicast, acknowledge packet – last heard sequence (not next expected as in TCP)
Flags:
- 0x01: init
- set in the first Update
- 0x02: CR-mode
- conditional receive
- 0x04: restart (NSF)
- signals the beginning of restart
- 0x08: end-of-table
- signals that the whole RIB has been sent ≡ end of NSF restart ⇒ stale routes can be removed from RIB
TLV types:
- general
- 0x0001: EIGRP parameters
- K-values, holdtime
- if all parameters are 0xFF ≡ peer-termination
- 0x0002: Authentication type
- 0x0003: Sequence
- 0x0004: Software version
- 0x0005: Next Multicast Sequence
- IP specific
- 0x0102: IPv4 internal route
- 0x0103: IPv4 external route
- 0x0402: IPv6 internal route
- 0x0403: IPv6 external route
- Multiprotocol
- 0x0602: AFI internal route
- 0x0603: AFI external route
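The header, opcode, flag and TLV tables above are enough to decode a captured packet and check it for an Authentication TLV. The following Python sketch is an added example, not part of the original notes; it follows the 20-byte header exactly as drawn here (32-bit ASN field), assumes the EIGRP parameters TLV carries K1..K6 as one byte each followed by a 16-bit hold time, and runs on constructed sample packets.

```python
import struct

OPCODES = {1: "Update", 3: "Query", 4: "Reply", 5: "Hello", 10: "SIA-Query", 11: "SIA-Reply"}
FLAGS = {0x01: "init", 0x02: "CR-mode", 0x04: "restart", 0x08: "end-of-table"}
TLV_PARAMETERS, TLV_AUTH = 0x0001, 0x0002
# version, opcode, checksum, flags, sequence, ack, ASN (layout as drawn in the notes)
HEADER = struct.Struct("!BBHIIII")


def parse_eigrp(payload: bytes) -> dict:
    """Decode one EIGRP packet (the payload of an IP protocol 88 datagram)."""
    if len(payload) < HEADER.size:
        raise ValueError("truncated EIGRP header")
    version, opcode, _checksum, flags, seq, ack, asn = HEADER.unpack_from(payload)
    pkt = {"version": version, "opcode": OPCODES.get(opcode, f"unknown({opcode})"),
           "flags": [name for bit, name in FLAGS.items() if flags & bit],
           "seq": seq, "ack": ack, "asn": asn, "tlvs": [],
           "has_auth_tlv": False, "peer_termination": False, "hold_time": None}
    offset = HEADER.size
    while offset < len(payload):
        if offset + 4 > len(payload):
            raise ValueError("truncated TLV header")
        tlv_type, tlv_len = struct.unpack_from("!HH", payload, offset)
        # Length includes the 4-byte type/length pair; anything else would loop or overrun.
        if tlv_len < 4 or offset + tlv_len > len(payload):
            raise ValueError(f"bad TLV length {tlv_len} at offset {offset}")
        value = payload[offset + 4:offset + tlv_len]
        pkt["tlvs"].append((tlv_type, value))
        if tlv_type == TLV_AUTH:
            pkt["has_auth_tlv"] = True  # presence only; the digest is not verified here
        elif tlv_type == TLV_PARAMETERS and len(value) >= 8:
            # Assumed value layout: K1..K6 (one byte each), then 16-bit hold time.
            pkt["peer_termination"] = all(k == 0xFF for k in value[:5])
            pkt["hold_time"] = struct.unpack_from("!H", value, 6)[0]
        offset += tlv_len
    return pkt


def findings(pkt: dict, expected_asn: int) -> list:
    """Observations a monitoring sensor would raise for this packet."""
    out = []
    if not pkt["has_auth_tlv"]:
        out.append("no Authentication TLV (0x0002)")
    if pkt["asn"] != expected_asn:
        out.append(f"unexpected ASN {pkt['asn']}")
    if pkt["peer_termination"]:
        out.append("peer-termination (K-values 0xFF)")
    return out


def build(opcode, flags, seq, ack, asn, tlvs):
    """Build a constructed sample packet; checksum is left as 0 and not checked."""
    body = b"".join(struct.pack("!HH", t, len(v) + 4) + v for t, v in tlvs)
    return HEADER.pack(2, opcode, 0, flags, seq, ack, asn) + body


# Constructed samples, not captured traffic.
PARAMS = bytes([1, 0, 1, 0, 0, 0]) + struct.pack("!H", 15)
HELLO_PLAIN = build(5, 0, 0, 0, 100, [(TLV_PARAMETERS, PARAMS)])
HELLO_AUTH = build(5, 0, 0, 0, 100, [(TLV_AUTH, bytes(36)), (TLV_PARAMETERS, PARAMS)])
GOODBYE = build(5, 0, 0, 0, 100, [(TLV_PARAMETERS, b"\xff" * 6 + struct.pack("!H", 15))])

if __name__ == "__main__":
    for name, raw in [("plain", HELLO_PLAIN), ("auth", HELLO_AUTH), ("goodbye", GOODBYE)]:
        p = parse_eigrp(raw)
        print(name, p["opcode"], p["asn"], findings(p, expected_asn=100))
```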
IP internal route TLV
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            0x0102             |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Next hop                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             Delay                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Bandwidth                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      MTU                      |   Hop count   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Reliability  |     Load      | Internal tag  |     Flags     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Prefix length |           Destination (zero-padded)           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Hop count: 0 for directly connected
Destination: significant MSB part of prefix (10.1 for 10.1.0.0/16), variable length
Flags (0x00 in practice):
- 0x01: source withdraw
- 0x02: candidate default
- 0x04: active state
- 0x08: route is replicated from another VRF
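The variable-length destination and the infinite-delay marker are the two parts of this TLV that are easy to get wrong when auditing Updates. The decoder below is an added example, not code from the original notes; it follows the internal route TLV layout drawn above, treats any bytes after the significant destination bytes as padding, and uses constructed sample TLVs (`build_internal_route` is a hypothetical helper for producing them).

```python
import ipaddress
import struct

INFINITE_DELAY = 0xFFFFFFFF  # "delay = 0xffffffff ≡ infinity"
ROUTE_FLAGS = {0x01: "source withdraw", 0x02: "candidate default",
               0x04: "active state", 0x08: "replicated from another VRF"}
# type/length (4) + next hop, delay, bandwidth (12) + MTU..flags (8) + prefix length (1)
FIXED = 25


def parse_internal_route(tlv: bytes) -> dict:
    """Decode one IPv4 internal route TLV (0x0102), type/length header included."""
    if len(tlv) < FIXED:
        raise ValueError("truncated internal route TLV")
    tlv_type, length, next_hop, delay, bandwidth = struct.unpack_from("!HH4sII", tlv)
    if tlv_type != 0x0102:
        raise ValueError(f"not an IPv4 internal route TLV: {tlv_type:#06x}")
    if length < FIXED or length > len(tlv):
        raise ValueError(f"bad TLV length {length}")
    mtu = int.from_bytes(tlv[16:19], "big")
    hop_count, reliability, load, tag, flags, prefix_len = tlv[19:25]
    if prefix_len > 32:
        raise ValueError(f"bad prefix length {prefix_len}")
    # Only the significant leading bytes are carried: 10.1 for 10.1.0.0/16.
    nbytes = (prefix_len + 7) // 8
    if FIXED + nbytes > length:
        raise ValueError("destination overruns TLV")
    dest = ipaddress.IPv4Address(tlv[FIXED:FIXED + nbytes].ljust(4, b"\x00"))
    network = ipaddress.IPv4Network(f"{dest}/{prefix_len}", strict=False)
    return {"prefix": str(network), "next_hop": str(ipaddress.IPv4Address(next_hop)),
            "delay": delay, "bandwidth": bandwidth, "mtu": mtu, "hop_count": hop_count,
            "reliability": reliability, "load": load, "tag": tag,
            "flags": [name for bit, name in ROUTE_FLAGS.items() if flags & bit],
            # Poison reverse and withdrawals are signalled with infinite delay.
            "unreachable": delay == INFINITE_DELAY}


def build_internal_route(prefix, next_hop, delay, bandwidth, mtu=1500, hop_count=0):
    """Hypothetical helper: build a constructed sample TLV for the decoder."""
    net = ipaddress.IPv4Network(prefix)
    dest = net.network_address.packed[:(net.prefixlen + 7) // 8]
    body = (ipaddress.IPv4Address(next_hop).packed + struct.pack("!II", delay, bandwidth)
            + mtu.to_bytes(3, "big") + bytes([hop_count, 255, 1, 0, 0, net.prefixlen]) + dest)
    return struct.pack("!HH", 0x0102, len(body) + 4) + body


# Constructed samples, not captured traffic.
ROUTE = build_internal_route("10.1.0.0/16", "0.0.0.0", 512000, 256000)
POISONED = build_internal_route("10.1.0.0/16", "0.0.0.0", INFINITE_DELAY, 256000)

if __name__ == "__main__":
    for raw in (ROUTE, POISONED):
        r = parse_internal_route(raw)
        print(r["prefix"], "unreachable" if r["unreachable"] else f"delay={r['delay']}")
```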
IP external route TLV
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            0x0103             |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Next hop                            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Originating router RID                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Originating ASN                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Administrative tag                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                   External protocol metric                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Reserved            | Ext Proto ID  |     Flags     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             Delay                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                           Bandwidth                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      MTU                      |   Hop count   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Reliability  |     Load      | Internal tag  |     Flags     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Prefix length |           Destination (zero-padded)           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
External protocol ID:
- 1: IGRP
- 2: EIGRP
- 3: static
- 4: RIP
- 6: OSPF
- 7: IS-IS
- 8: EGP
- 9: BGP
- 10: IDRP
- 11: connected
Multiprotocol TLV
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|             Type              |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Topology ID          |              AFI              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Originating router RID                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Offset     |   Priority    |  Reliability  |     Load      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      MTU                      |   Hop count   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+             Delay             +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                               |                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+           Bandwidth           +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Reserved            |             Flags             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+ <-- extended attributes insertion
|                           Next hop                            |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                         External RID                          |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                         External ASN                          |   \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+    > for external
|                      Administrative tag                       |   /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                   External protocol metric                    |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|           Reserved            | Ext Proto ID  |     Flags     |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+
| Prefix length |           Destination (zero-padded)           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AFI:
- 1: IPv4
- 2: IPv6
Offset: 16bit units, extended attributes (TLV) size after metrics
- 0: NoOp
- 1: scaled metric
- 2: administrator tag
- 3: community list
- 4: jitter
- 5: quiescent energy
- 6: energy
- 7: AddPath
CLI
IOS XE
; mark network as candidate default, not used by this router, CLASSFUL must be in RIB
(config)# ip default-network <CLASSFUL>
; disables sending and receiving Hello, does not announce prefix by itself (network cmd required)
(config-router)# passive-interface <INTF>|default
; disables mcast Hello for the interface, unicast neighbours only
(config-router)# neighbor <IP> <INTF>
; applied to all interfaces by default
; if global and interface ACLs are defined, their intersection takes effect
(config-router)# distribute-list <ACL> [out <INTF>] [in <INTF>]
; sets AD for routes from neighbours, who match IP + wildcard; internal prefix only
(config-router)# distance <AD> <IP> <WILDCARD> [<ACL>]
; enabled by default, include metric in balancing decision
(config-router)# traffic-share balanced
; send traffic towards lowest metric, other routes are on standby in RIB
(config-router)# traffic-share min
; ECMP
(config-router)# traffic-share min across-interfaces
; 500 default, for show ip eigrp events
(config-router)# eigrp event-log-size <N>
(config-router)# bfd all-interfaces|interface <INTF>
; EIGRP packet statistics
# show ip eigrp traffic
; hidden
# show ip eigrp events
; does not show passive interfaces
# show ip eigrp interface
NX-OS
(config)# feature eigrp
(config-if)# ip router eigrp <ASN>
Point-to-multipoint setup
; EIGRP traffic share, 50% by default
; logical and physical interfaces
; calculated using logical speed → may be higher than 100%
(config-if)# ip bandwidth-percent eigrp <ASN> <PERCENT>
Diffusing update algorithm (DUAL)
- process
- state → active
- successor and feasible successor are lost
- AD from both successor and feasible successor are larger than current FD
- received Query from successor with no feasible successor available
- send Query to all neighbours except for old successor and feasible successor, not subject to split horizon
- neighbour’s prefix state equals to
- passive:
- send Reply that route is loop-free (≡ passive)
- do not spread Query further
- active
- send out Query to neighbours
- do not send own Reply unless own Query is replied to by everyone
- Query for prefix counts as Reply (no prefix available); Reply to this Query is sent immediately with Infinity metric (since there is no P → A state transition)
- does not exist
- send Reply with Infinity
- all Reply received ≡ routes are loop-free, best route can be safely selected
- during DUAL prefix is frozen in RIB (counterpart of RIP holddown)
(config-router)# timers active-time <mins>|disabled
Stuck in active (SIA)
- prefix state, if not all Reply are received during Active timer
- IOS version
- < 12.2: tear down neighbourship with routers that did not respond
- ≥ 12.2
- SIA process
- send SIA-Query at half of Active timer
- if SIA-Reply is received, reset Active timer
- send up to 3 SIA-Query
- SIA-Reply to the last SIA-Query does not reset Active timer
- total wait time: 360s default (90 + 90 + 90 + 90)
- SIA-Query and SIA-Reply use RTP
Convergence
- 100ms for 1000 prefixes, 1.2s for 10k prefixes
- acceleration:
- feasible successor
- stub
- every hop along Query path adds ≈200ms to convergence time
Successor and feasible successor
; successor and feasible successor, all-links ≡ show all paths
# show ip eigrp topology [all-links]
; show reason for Query
# show ip eigrp topology active
Stub
- does not announce prefixes, received via EIGRP
- neighbours do not send Query to stubs
- prevents traffic transit through branch
- marker – stub bit in Hello
- options:
- connected
- default
- announce connected prefixes, if they are enabled by network command
- summary
- default
- announce manual and auto summaries
- static
- announce static routes, if they are redistributed
- leak-map
- announce more specific prefixes, falling under summary
- announce matching EIGRP prefixes further via EIGRP
- redistributed
- receive-only
; connected and summary by default
(config-router)# eigrp stub
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            0x0006             |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            Options            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Options:
- 0x0001: connected
- 0x0002: static
- 0x0004: summary
- 0x0008: redistribute
- 0x0010: leak-map
- 0x0020: receive-only
Summary
- AD = 5 by default – prevent routing loops
- if Query received, Reply is sent immediately, Query is not forwarded further
- if ingress Query prefix falls under announced egress summary prefix
- if Query prefix has no exact match in topology table (summary is not exact)
- internal route; if external prefix matches summary – announce external
- metric: best metric out of sub-prefixes, not best components
- next-hop = Null0 (including auto-summary)
; default, starting from IOS 15.0
; does not summarize external routes (but removes them from Update if fall under internal summary)
(config-router)# no auto-summary
; causes neighbourship reset or resync
(config-if)# ip summary-address eigrp <ASN> <PREFIX>
Loop-free alternative (LFA)
- extra conditions for feasible successor
- installs 1 backup path in RIB and FIB
- per-prefix
- named mode only
- tie-breakers: the lower the priority, the better
- SRLG: 10 default
- intf-disjoint:
- 20 default
- backup route cannot egress via the same interface, as primary
- lowest metric: 30 default
- linecard-disjoint: 40 default
- paths in RIB (ECMP or variance) are not considered as valid for backup
(config-router-af-topology)# fast-reroute per-prefix all|route-map <RMAP>
; use tie-breakers, off default ≡ several backups aka feasible successors
(config-router-af-topology)# fast-reroute load-sharing disable
(config-router-af-topology)# fast-reroute tie-break <RULE> <PRIORITY>
# show ip eigrp topology frr
Authentication
- key ID must match
- lower key ID is preferred
- authC change triggers neighbourship reset
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            0x0002             |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   AuthType    |  AuthLength   |  AuthData (variable length)   |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
AuthType:
- 0x02: MD5
- 0x03: SHA
RIB scale
R1, R3 = numbered mode, R2 = named mode
- 1.1.1.1/32 gets metric on R2, larger than 32bit ⇒ does not fit into RIB through RIB scale
- R2 sends Query with correct metric components (not infinity!)
- R3 updates its metric components from Query, responds with Reply
- R2 has no route in RIB (FD = infinity), R3 installs new metric ⇒ blackhole
- Further Updates from R2 do not remove 1.1.1.1/32
; 128 default, named mode only, 64bit → 32bit (size of RIB metric)
(config-router)# metric rib-scale <N>
Redistribute
Redistribute OSPF → EIGRP + no ip next-hop-self ⇒ next-hop in TLV = R3 (not valid for static)
; includes routes from RIB and connected routes of IGP-enabled interfaces
(config-router)# redistribute <IGP>
; metric is taken from egress interface (connected or leading to next-hop)
(config-router)# redistribute connected|static
; eBGP only by default
(config-router)# redistribute bgp
IPv6
; includes IGP-enabled prefixes as well
(config-router)# redistribute <IGP> include-connected
; 16 default
(config-router)# maximum-path <N>
; shutdown by default for numbered IPv6 EIGRP
(config-router)# no shutdown
Graceful restart
- router, that is going to restart, sends Hello with Kn = 255 and RS bit set
- neighbour purges stale entries after receiving EOT bit
- if there is no GR, neighbourship would flap → causes Query
(config-router)# nsf
; 240s default, NSF-aware, time to store routes from neighbour, who started graceful restart
(config-router)# timers graceful-restart purge-time <sec>
MPLS
- MP-BGP carries EIGRP information of a prefix in extended communities
- communities
- 0x8800: flags, tag
- 0x8801: ASN, delay
- 0x8802: reliability, hop count, BW
- 0x8803: reserved, load, MTU
- 0x8804: remote ASN, remote RID
- 0x8805: remote protocol, remote metric
- 0x8806: originating RID
- internal prefix is completely restored from extended communities if ASNs match (otherwise – regular redistribute ≡ external prefix)
- default-metric is still required
- protection against loops and count-to-infinity
- pre-bestpath cost community
- Site of Origin (SoO)
Cost-community
- added by default on redistribute
- POI = 0 (pre-bestpath), default insertion – after IGP cost (RFC)
- community ID
- 128: internal
- 129: external
- internal has more priority over external
- carried over iBGP and confederation eBGP
- if absent from other Update, value of 0x7fffffff is assumed
- by default, if cost-community wins, only metrics are compared (AD is not), best metric → RIB (EIGRP only)
; enables AD comparison between iBGP and EIGRP, does not add cost-community, VRF-only
(config-router-af)# no populate bgp-ext-comm
Site of Origin (SoO)
- BGP extended community
- place in network: VRF interface on PE, backdoor interface
- if prefix is received on interface with SoO configured:
- SoO configured = SoO on prefix → drop, because it is indicator of loop
- pass through otherwise
- SoO added to prefix:
- set by BGP only; set only once, not changed in transit
- preserved on import from BGP
- EIGRP Update is not appended with SoO on backdoor interfaces
- if SoO on prefix and interface match, EIGRP Update is still sent (supposed to be dropped on other side only – account for multiaccess backdoor)
(config-route-map)# set extcommunity soo <VALUE>
; VRF PE – set SoO, backdoor – filter EIGRP Update based on SoO
(config-if)# ip vrf sitemap <MAP>
AddPath
- announce several next-hops using extended attributes
- must be supported by both peers
- incompatible with variance
- split horizon and next-hop-self must be disabled
- named mode only
- no ECMP mode
- by default first entry in topology table must be reachable via same interface
- if true, next-hop is not set to own address
- if prefix is announced to another tunnel and 1st entry has other interface than egress interface, next-hop is set to own address
- no-ecmp-mode searches all entries in topology table
- if there is an entry through egress interface – preserve next-hop
- useful for dual-hub DMVPN deployment
R4 receives only one next-hop from R1.
If AddPath is enabled, R4 receives both next-hops: R2 and R3.
(config-router-af-interface)# no split-horizon
(config-router-af-interface)# no next-hop-self [no-ecmp-mode]
; 0 by default, number of extra paths
(config-router-af-interface)# add-path <N>
Over-the-top (OTP)
- establish neighbourship with non-directly connected peers
- data plane – LISP (UDP 4343), DF bit
- Route Reflector:
- establishes session with spokes
- forwards Update between spoke without next-hop change: no split-horizon and no next-hop-self
- supports SGT
- named mode only
- metric for Update through LISP interface is modified on egress (usually on ingress)
; TTL = 100 by default, INTF must be enabled by network command
(config-router-af)# neighbor <IP> <INTF> remote [<MAX_HOPS>] lisp-encap
; RR config, INTF must be enabled by network command
(config-router-af)# remote-neighbors source <INTF> unicast-listen lisp-encap
(config-router-af-topology)# cts propagate sgt
Conditional receive
- neighbour, that is lagging behind, may receive mcast Update(n+1) before receiving retransmitted unicast Update(n)
- TLVs
- Next Multicast Sequence
- in Hello
- sequence number of the next reliable mcast
- neighbours switch to CR-mode
- Sequence
- list of IPs that belong to lagging neighbours
- lagging neighbours do not switch to CR-mode
- CR flag: processed only by routers in CR-mode
ACL
- extended ACL for filtering match on: source IP, prefix
- extended ACL for redistribution on: prefix, mask
Maximum prefix
- limit the number of prefixes from neighbour
- if exceeded, tear down the adjacency, ignore temporarily and then retry
- if error persists, manual restart is required
; limit prefixes from mcast neighbour, THRESHOLD = 75% by default, generates warning
(config-router)# neighbor [<IP>] maximum-prefix <N> [<THRESHOLD>] [warning-only]
; disabled by default, with every error multiplies restart-time by 1.5 times
(config-router)# neighbor maximum-prefix <N> dampened
; 5 minutes by default, how long to ignore
(config-router)# neighbor maximum-prefix <N> restart <mins>
; 3 by default, how many times to try to establish adjacency automatically
(config-router)# neighbor maximum-prefix <N> restart-count <M>
; 15 minutes by default, resets restart-count
(config-router)# neighbor maximum-prefix <N> reset-time <min>
(config-router-af-topology)# redistribute maximum-prefix <N> ...
; restore peering after restart-count is crossed
# clear ip route *
# clear ip eigrp neighbor
# clear eigrp address-family neighbor