EIGRP – Sass Learns https://sassenachlearns.com/ Sun, 25 Jun 2023 13:16:55 +0000 en-US hourly 1 https://wordpress.org/?v=6.2.2 The Impact of EIGRP on Network Security: What You Need to Know https://sassenachlearns.com/2023/06/25/the-impact-of-eigrp-on-network-security-what-you-need-to-know/ https://sassenachlearns.com/2023/06/25/the-impact-of-eigrp-on-network-security-what-you-need-to-know/#respond Sun, 25 Jun 2023 13:16:51 +0000 https://sassenachlearns.com/?p=239 In the world of computer networking, security is a critical concern. As networks become more complex and interconnected, ensuring data confidentiality, integrity, and availability is of utmost importance. One protocol that plays a significant role in network security is the Enhanced Interior Gateway Routing Protocol (EIGRP). Understanding the impact of EIGRP on network security is crucial for network administrators and security professionals alike. This article will delve into the key aspects of EIGRP and its implications for network security.

EIGRP is a routing protocol developed by Cisco Systems and is widely used in enterprise networks. It is known for its advanced features, scalability, and fast convergence time. EIGRP operates within an autonomous system (AS) and uses the Diffusing Update Algorithm (DUAL) to calculate the best path for routing traffic. While EIGRP primarily focuses on optimizing network performance and efficiency, its design and functionality affect network security.

One of the key security benefits of EIGRP is its support for authentication. EIGRP provides a mechanism for securing routing updates and preventing unauthorized access to routing information. Network administrators can ensure that only trusted routers can participate in EIGRP routing exchanges by implementing authentication. This helps mitigate the risk of rogue routers or unauthorized devices influencing the routing decisions within the network.

Another important aspect of EIGRP’s impact on network security is its interaction with other security measures, such as access control lists (ACLs) and firewall policies. EIGRP allows network administrators to define filters and distribute access lists to control which routes are advertised or accepted by neighbouring routers. By selectively filtering routes based on various criteria, administrators can implement granular control over the flow of network traffic, improving security by limiting the exposure of sensitive information.

Moreover, EIGRP supports using Virtual Private Networks (VPNs) for secure communication between geographically dispersed networks. By leveraging EIGRP with VPN technologies, organizations can create secure tunnels over public or untrusted networks, ensuring the confidentiality and integrity of data transmitted between sites. This capability is particularly valuable for businesses with branch offices or remote locations that need to exchange sensitive information securely.

However, it is crucial to note that while EIGRP offers certain security features, it is not a comprehensive security solution on its own. Network security requires a layered approach that includes multiple measures, such as encryption, intrusion detection and prevention systems (IDPS), and regular security audits. EIGRP should be viewed as one piece of the overall security puzzle, complementing other security measures to establish a robust and resilient network infrastructure.

To maximize the security benefits of EIGRP, network administrators should follow the best practices and guidelines recommended by networking and security experts. These include implementing strong authentication mechanisms, regularly updating access control policies, and staying up to date with security advisories and patches released by vendors.

In conclusion, EIGRP plays a significant role in network security by providing authentication mechanisms, supporting access control, and facilitating secure communication through VPNs. Understanding the impact of EIGRP on network security is vital for network administrators and security professionals to build and maintain secure network infrastructures. However, it is important to remember that network security is a holistic endeavour, requiring a combination of technologies, practices, and vigilant monitoring to protect against evolving threats effectively.

]]>
https://sassenachlearns.com/2023/06/25/the-impact-of-eigrp-on-network-security-what-you-need-to-know/feed/ 0
The EIGRP Packet Header https://sassenachlearns.com/2017/11/30/the-eigrp-packet-header/ https://sassenachlearns.com/2017/11/30/the-eigrp-packet-header/#respond Thu, 30 Nov 2017 13:33:00 +0000 https://sassenachlearns.com/?p=66
VersionOpcodeChecksum
Flags
Sequence
Acknowledgement
Virtual Router IDAustonomous System (AS)

Believe me or not, aside from passing an exam there is another important reason why you should know what is inside the EIGRP packet header. Any hypothesis?

The Job Interview

You thought you know everything when you got the Cisco professional level certification but what happens when the interviewer asked you about what is inside the EIGRP packet header? You memorized all the configurations commands. You know what is BGP route reflector. You know how to do unequal load balancing in EIGRP. You even know how to configure fabric path, ASA firewalls, and do site-to-site VPN. You know everything you did in your laboratory but you forgot what is inside the EIGRP packet header.

“Who is going to ask me this stupid question?”

I guess an interviewer who has a doubt about your skills most especially if you put all your certifications on your resume. Funny, but it is pretty quite true.

“Is the interviewer going to judge me if I forgot what EIGRP packet header contains?”

Uhm, maybe. Depends on many reasons. We can say, the interviewer is using a bottom-up approach. In this way, it saves time and may not continue asking you further questions if you did not know the basic. Or, it can be a warm-up for more heart-pounding questions.

“What if you just forgot and neglect it during the academy session?”

I don’t think the interviewer will be interested in that kind of reason. So, if you were not able to answer, you better pray that the interview will not stop there.

I don’t want to scare you because this is just a legend. It is a traditional story popularly regarded as historical but nobody wants to confirm the truth. Anyhow, it is just my way to open up our “EIGRP Packet Header” discussion.

  1. Version – This is the EIGRP header version with the current version of 2. This is a 4-bit field and it is not the same as the TLV version field.
  2. Opcode – Remember the EIGRP packet types? This is how EIGRP neighbors know what kind of packet type it is. It is a 4-bit field as well like the version field and below is the equivalent values of message types:
    EIGRP Message TypeOpcode ValueUpdate1Request2Query3Reply4Hello5Reserved6-9SIA Query10SIA Reply11
  3. Checksum – this is 24-bit field standard IP checksum. If the packet fails the checksum, the it is discarded.
  4. Flags – This is a 32-field that defines special handling of the packet. There are 4 flag bits: INIT flag (0x01), Conditionally Received (CR) flag (0x02), Restart (RS) flag (0x04), and End-of-Table (EOT) flag (0x08). For newly discovered neighbors, the bit is set in the initial UPDATE. The INIT flag instructs the neighbor to advertise its full set of routes. CR flag is that receivers should only accept the packet if they are in Conditionally Received mode. RS flag is set in the HELLO and UPDATE packet. It is an indication that the neighbor is doing a soft restart. This In this way, adjacency is maintained. When EOT flag is set, it indicates that the neighbor has completed sending all updates. This indicates the neighbor can flush all stale routes prior to restart event.
  5. Sequence – Every packet sent to the neighbor will have a 32-bit sequence number that is unique to the sender. When the value is set to 0 that means it doesn’t require any acknowledgement. 
  6. Acknowledgement – this is another 32-bit field sequence number that is unique to the receiver.
  7. Virtual Router ID – This is a 16-bit number that distinguishes the virtual router a packet is associated with. Any value other than listed below, will be discarded:
  8. Autonomous System – This is the most important part in the EIGRP packet header. This is a 16-bit number which value ranges from 1 – 65535. AS should match on all EIGRP neighbors or else packet will be ignored and there will be no adjacency.

]]>
https://sassenachlearns.com/2017/11/30/the-eigrp-packet-header/feed/ 0
EIGRP Message / Packet Types https://sassenachlearns.com/2017/10/15/eigrp-messages-packet-types/ https://sassenachlearns.com/2017/10/15/eigrp-messages-packet-types/#respond Sun, 15 Oct 2017 21:30:00 +0000 https://sassenachlearns.com/?p=95 You might be wondering how EIGRP neighbors talk to each other. How do they know their neighbor is down? How do they know about recent updates on the network? How do they get information about their neighbors? How do they talk back to their neighbor? And how do they accept the message from their neighbor?

EIGRP like any other routing protocols has their own message types or packet types in order to communicate and synchronize within their network. These messages can be sent either in unicast or multicast and reliably or unreliable.

Let’s start with the “HELLO” message. Routing protocols are not snobbish like a human being (just kidding!). They greeted each other to know if they’re still doing fine. EIGRP’s Hello message is used for neighbor discovery, recovery, and to maintain adjacencies. It is sent to the multicast group address 224.0.0.10. In addition, it is sent with unreliable delivery which means that they do not require acknowledgement from the other device to know that it was received. Five seconds (5) is default hello interval for high bandwidth links like higher than T1 links, PPP or HDLC leased circuits, Frame Relay point-to-point subinterfaces, and etc. Sixty (60) seconds is the default for slower than T1 links.

We do not usually do this in a real-world scenario, but this is how we configure the hello interval:

As you can see, hello interval configured for se2/1 is 5 seconds.

Mashushi-SP(config)#int s2/1
Mashushi-SP(config-if)#ip hello
Mashushi-SP(config-if)#ip hello-interval ?
eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)

Mashushi-SP(config-if)#ip hello-interval eigrp ?
<1-65535> Autonomous system number

Mashushi-SP(config-if)#ip hello-interval eigrp 2 ?
<1-65535> Seconds between hello transmissions

Mashushi-SP(config-if)#ip hello-interval eigrp 2 6 ?

Mashushi-SP(config-if)#ip hello-interval eigrp 2 6

Now, it is 6 seconds.

*Please note that the hello interval value, unlike OSPF, doesn’t need to match on other EIGRP devices to form adjacencies.

Unlike Hello message, “Update” message is sent via unicast or multicast with reliable delivery. This is sent as sent as unicast when synching its topology table with its neighbors and sent as multicast when convergence is completed or a new route is discovered. This message needs confirmation from the other end that this message is received because this type of message contains EIGRP routing updates.

A “Query” message, as the name implies, is used to inquire routes from other neighbors. It is sent via unicast or multicast in a reliable manner. It requests information like for example asking for feasible successor during the DUAL recomputation of routes.

Of course, when there is a Query, there is a “Reply.” Reply message is sent in response to a query. It is sent via unicasts reliably. It is very important like in Stuck-In-Active (SIA) situation, where it needs to wait for a Reply to each of its Query messages. Any neighbors that do not send a Reply message will be brought down by the router.

Finally, “Acknowledgement” message is used as a confirmation receipt sent for EIGRP Queries, Updates, and Reply. Like Hello message, it contains no data and is sent as unicast.

With all these message types, how does the router know what kind message does it have inside its EIGRP packet header?

]]>
https://sassenachlearns.com/2017/10/15/eigrp-messages-packet-types/feed/ 0
EIGRP Tables and Functions: The EIGRP Neighbor Table https://sassenachlearns.com/2017/10/10/eigrp-tables-and-functions-the-eigrp-neighbor-table/ https://sassenachlearns.com/2017/10/10/eigrp-tables-and-functions-the-eigrp-neighbor-table/#respond Tue, 10 Oct 2017 19:49:00 +0000 https://sassenachlearns.com/?p=45 EIGRP like OSPF has three tables: NeighborTopology and Routing tables. However, don’t be confused because not all EIGRP tables have the same build like OSPF.

The neighbour, topology, and routing tables are very important in implementing and troubleshooting EIGRP. I often neglect the topology and routing table before because what is important to me is that all neighbours are up. But this is not the case especially if you want to progress your learning to a higher Cisco certification level.

Let’s start with the neighbour table.

If you want to know whether you have established adjacency with neighbouring EIGRP router and also to know the uptime, then you go to the neighbour table.

Neighbour table: show ip eigrp neighbor

H – Handle; it is the order in which the EIGRP adjacency is formed. It starts with 0 and so on so forth.

Address – This is your neighbour’s IP address, not the local IP address. Looking at the table it shows that the Nettle router has 2 adjacent neighbours: 192.168.103.3 and 192.168.102.2.

Interface – This is the interface of the neighbour connected.

Hold – this is the hold time value in seconds. This tells how long the router will hold a neighbour if it doesn’t receive a hello. There are two default values: 15 seconds and 180 seconds.  The 15 seconds default value is from the 5-second-hello packet on high bandwidth links like PPP, Ethernet, HDLC, point-to-point ATM and frame-relay subinterfaces, and others greater than T1 circuits. The 180 seconds value is from the 60-second hello packet of slower T1 circuits.

Uptime – It tells how long the local router has established adjacency to its neighbour router.

SRTT – is the acronym for Smooth Round Trip Time. Its value is in milliseconds and tells how long an EIGRP is to be sent to the neighbour and for the local router to receive an acknowledgement of that packet. The table, it is showing us the value of 66. It is ok unless the value is 0 because the value of 0 indicates that there are no acknowledgement packets being received.

RTO – short for Retransmission Timeout whose value is also in milliseconds. It tells how long the packet will be retransmitted from the retransmission queue of the neighbour.

Q Cnt – short for Queue Count. It is the number of EIGRP packets whether it is an update packet, query packet or reply packet that the software is waiting to send. On the table, it is showing 0 which means it is good as there are no pending packets in the queue. There is some sort of unidirectional or congestion issue if the Q Cnt value is not decrementing because that means nothing is being received or acknowledged.

Seq Num – it is the sequence number. It is the last used sequence number in which the EIGRP received the last packet.

]]>
https://sassenachlearns.com/2017/10/10/eigrp-tables-and-functions-the-eigrp-neighbor-table/feed/ 0
The EIGRP No Auto-Summary Command | EIGRP Summarization Lab https://sassenachlearns.com/2017/10/09/the-eigrp-no-auto-summary-command-eigrp-summarization-lab/ https://sassenachlearns.com/2017/10/09/the-eigrp-no-auto-summary-command-eigrp-summarization-lab/#respond Mon, 09 Oct 2017 22:47:00 +0000 https://sassenachlearns.com/?p=11 The “no auto-summary” command is one of the most important commands that you shouldn’t neglect in configuring EIGRP. Honestly, during my first exam relating to EIGRP in the Cisco Networking Academy, I just put this command to all routers under the EIGRP process. Well, it works! Without delving into the importance, I got a passing score. Yeah!

But just putting the command without the “ifs”, it made me realize that there is something I need to understand about this.

The “no auto-summary” command is configured under the EIGRP process. It prevents the auto-summarization of networks. Without enabling this command, the routes from its interfaces will be advertised as classful A, B or C networks to its neighbours.

Let’s say we have three routers: Trapdoor, Ebo and Huntsman. Ebo and Huntsman are connected to Trapdoor via serial links and they are connected to each other via FastEthernet links with 192.168.2.0/24 network.

Trapdoor: show ip int brief

Looking at the “show ip interface brief” of Trapdoor, loopback has been configured. These loopbacks should be accessible by Huntsman and Ebo.

Ebo show ip int bri
Huntsman show ip int brief

After configuring basic eigrp configuration:

Trapdoor(config)#router eigrp 10
Trapdoor(config-router)#network 172.32.0.0
Trapdoor(config-router)#network 192.168.32.0
Trapdoor(config-router)#end
Trapdoor#

Let’s take a look at what happens to the routing table of each router after advertising the 172.32.0.0 network and 192.168.32.0 networks:

Trapdoor show ip route
Huntsman show ip route
Ebo show ip route

Ebo and Huntsman do not learn the loopbacks of Trapdoor.
Let’s try to enable the “no auto-summary” command:

Trapdoor(config)#router eigrp 10
Trapdoor(config-router)#no auto-summary
Trapdoor(config-router)#end

Take a closer look at Ebo and Huntsman’s routing table:

Ebo show ip route
Huntsman show ip route

Both Ebo and Huntsman learned Trapdoor’s loopback address via EIGRP. The pings are also successful on all routers:

Trapdoor ping to Huntsman Fa0/0 IP
Huntsman ping to Trapdoor Lo6 IP and ping to Ebo s2/0 IP
Ebo ping to Trapdoor Lo5 IP and Huntsman Fa0/0

To make sure that “no auto-summary” command is configured, you can do “show ip protocols.”

show ip protocols

Using the show ip protocol, we can see that automatic network summarization is not in effect.

]]>
https://sassenachlearns.com/2017/10/09/the-eigrp-no-auto-summary-command-eigrp-summarization-lab/feed/ 0
IGP: Enhanced Interior Gateway Routing Protocol (EIGRP) Overview https://sassenachlearns.com/2017/10/08/igp-enhanced-interior-gateway-routing-protocol-eigrp-overview/ https://sassenachlearns.com/2017/10/08/igp-enhanced-interior-gateway-routing-protocol-eigrp-overview/#respond Sun, 08 Oct 2017 22:35:00 +0000 https://sassenachlearns.com/?p=9 Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco proprietary protocol. It uses It is a hybrid protocol because it has features of the Link State and Distance Vector routing protocols. Confused? If you’re new with IGP, it is natural. You are not alone. There are millions to billions of people around the world who doesn’t know what the heck is EIGRP.

EIGRP is Cisco’s baby. It works on all Cisco devices. It is an advanced distance vector routing protocol that has some link state features. Like RIP, it has the hop count feature. Routes that reached the maximum hop cunt will be tagged as unreachable. Although it is not used as its metric, it limits the EIGRP AS when routing to a remote network. The default hop count is 100 and the value can vary between 1 – 255. And, like OSPF it does not send the whole routing table when there is a routing change.

In addition, EIGRP supports Classless Inter-Domain Routing (CIDR) and variable length subnet masking. Like OSPF and RIP v2, routes are not summarized on classful boundaries. However, be careful with not putting the “no auto-summary” command under the router process. The “no auto-summary” command disables or prevents automatic summarization of subnet routes into network-level routes.

Remember that EIGRP uses Diffusing Update ALgorithm (DUAL) as its algorithm in every routing decisions, prevents routing loops, and it is used to respond to changes in the routing topology. It is developed by J.J. Garcia-Luna-Aceves and uses three tables for the route calculation: Neighbor table, Topology table, and Routing table.

Lastly, internal EIGRP has an administrative distance (AD) value of 90, the external has a value of 170, and the summary has a value of 5.

EIGRP RELATED TOPICS:

  1. EIGRP Metrics
  2. The EIGRP Neighbor Table
  3. The EIGRP Topology Table
  4. The EIGRP Routing Table
  5. EIGRP Packet Types
  6. EIGRP Neighbor Adjacency
  7. EIGRP Successor, Feasible Successor and Feasibility Condition
  8. EIGRP Packet Header
  9. EIGRP Show Commands

EIGRP CONFIGURATION:

  1. EIGRP Configuration
  2. EIGRP Redistribution
  3. Configuring “no auto-summary” eigrp summarization
  4. EIGRP Authentication
  5. EIGRP Network Advertisement
  6. EIGRP Passive Interface
  7. EIGRP Unequal Path Cost Load Balancing
  8. Changing Administrative Distance

]]>
https://sassenachlearns.com/2017/10/08/igp-enhanced-interior-gateway-routing-protocol-eigrp-overview/feed/ 0
Difference Between Interior Gateway Protocol (IGP) and Exterior Gateway Protocol (EGP)? https://sassenachlearns.com/2017/10/08/difference-between-interior-gateway-protocol-igp-and-exterior-gateway-protocol-egp/ https://sassenachlearns.com/2017/10/08/difference-between-interior-gateway-protocol-igp-and-exterior-gateway-protocol-egp/#respond Sun, 08 Oct 2017 22:30:00 +0000 https://sassenachlearns.com/?p=5 When I first heard about Interior Gateway Protocol (IGP) and Exterior Gateway Protocol (EGP), I was just like, “what on bits and bytes are these?” If you are new to networks and you suddenly heard these on your first day, you might ignore the meaning and also the importance. However, you don’t have to memorize the meaning because you will know it by heart as days go by.

So what are IGP and EGP?

IGP is composed of routing protocols that are used within the autonomous system while EGP is used between different autonomous system. IGP usually runs within the LAN while EGP mostly used in WAN. EGP is the protocol run by ISPs to connect to customer’s edge device and protocol used by the internet. It is used to interconnect different autonomous system.

Interior Gateway Protocols:

  1. Routing Information Protocol (RIP)
  2. Open Shortest Path First (OSPF)
  3. Enhanced Interior Gateway Routing Protocol (EIGRP)
  4. Intermediate System to Intermediate System (IS-IS)

Exterior Gateway Protocol:

  1. Border Gateway Protocol (BGP)

Believe me, if you missed it, you’ll get to know it on the other day.

]]>
https://sassenachlearns.com/2017/10/08/difference-between-interior-gateway-protocol-igp-and-exterior-gateway-protocol-egp/feed/ 0