1-R&S/Enhanced Interior Gateway Routing Protocol (EIGRP) Part 1.

In this post i will talk about the Enhanced Interior Gateway Routing Protocol or (EIGRP), so in this post i will talk about part of its operation, while i will talk about its configuration and verification commands from CLI point of view on another post.

All of us know what is the meaning of routing or why we need the routing in general, simply, the routing is a function that is responsible for allowing nodes belong to different subnets/networks or remote locations to communicate with each other, which means that it is used to span the communication domain. Routers perform the basic routing functionality based on the information exist in the Layer 3 which is called by “Network Layer”, so if we deal with an IP network, which means that the nodes building the network are IP-speaking nodes, hence each node must has an IP address, and this address  is used to uniquely identify this node within the entire network, so that if any remote node need to communicate with any other node, it will send the data to its IP address, then the routers building this IP network will route or forward the data based on the destination IP address seen in the Layer 3 header (IP header at the case of IP network).

The question here is, how the routers know the different subnets/networks ??!, simply the routers have different ways to know information about the different subnets/networks, the first simple method is you need to manually define each subent/network on the routers so that the routers can use these manually defined subnets/networks to route or forward the data they receive from the end-hosts for inter-subnet or inter-network communication, and this method is well known by “Static Routing”, simply the Static routing is used to manually define the subnets/networks exist in the entire network domain so that routers can route or forward the data so that the end-hosts belong to different subnet/network to communicate with each other, to configure the static routing on each router you need to know two information , first you need to know the exact Network ID and its subnet mask to define it, second you need to know the exact next hop IP address, which represents the IP address of the other Layer3 capable-device/router that is closer to this subnet/network, at which our router need to know this next hop IP address to send the data it receive from he end-host to this next hop router so that this data will be routed or forwarded along the path from source to destination end-host. Imagine that there is a large number of subnets/networks in the entire network domain and large number of routers, so we need to manually define large number of static routes for this large number of subnets/networks and this is considered as overhead from configuration/management point of view, so what is the solution ?, simply we need to define certain method that allow the routers to dynamically discover or learn the subnets/networks exist in this network domain from the routers directly attached/connected to these subnets/networks, for this reason we need to introduce the dynamic routing protocols that are used for this purpose. Simply the dynamic routing protocol is used by the routers so that each router participating in this dynamic routing protocol need to advertise the directly attached/connected subnets to its neighbors that already run the same dynamic routing protocol, and once the other routers receive these subnets, they need to run certain algorithm to make some calculations to know how can they reach these subnets/networks.

There are many dynamic routing protocols the router can use for building its routing table, and these dynamic routing protocols are categorized either based on their operation or their usage. The operation of the dynamic routing protocol is determined based on the algorithm used by this protocol. The protocol can be used for two purposes, either to be used between routers internally within the same network domain or within the same Autonomous System and the protocols used for this purpose are called by “Interior Gateway Protocol” or “IGP”, such as RIP, IGRP, EIGRP, OSPF and ISIS, while the other protocols are used externally which means that these protocols are used between routers belong to different network domains or Autonomous systems and the protocols used for this purpose are called by “Exterior Gateway Protocol” or “EGP”, such as EGP and BGP.

So at this point we categorize the dynamic routing protocols into two categories, IGP and EGP, as well the dynamic routing protocols defined under the IGP category can be more categorized into another two categories, Distance Vector protocols and Link-State protocols. The dynamic routing protocol can be considered as distance vector or link state based on its operation and how it deal with the routing updates it send and routing updates it receive.

Distance Vector Routing protocols:

Simply the distance vector routing protocols are define by this name because each router advertise the attached subnets/networks to its neighbors and this update contain two information, Distance and Direction, for this reason we can call this combination as “Vector”, which means that every router send an update to its neighbors about the subnets/networks it know with vector of “Distance” and “Direction”, at which the distance means that how the advertising router is close to the advertised subnets/networks, the distance represents the metric of the subnet/network, and it maybe hop count, which means that how many hops the router is away from this subnet/network ? or it maybe metric composite of multiple parameters, which means that multiple parameters are used by the router to calculate this composite metric, direction means how the router can reach this subnet/network or out which interface  and through which router this local router can reach this subnet/network, which means that the direction represents exit interface + next hop router. The router running distance vector routing protocols learns the routes from its neighbors based on their calculations, and its neighbors learns the same routes from their neighbors based on their calculations, .. and so on, which means that the router learns the routes with their metric based on the calculations done by its neighbors, hence from its neighbors point of view, and its neighbors learns the routes with their metric based on the calculations done by their own neighbors, hence from their neighbors point of view, .. and so on, for this reason the distance vector routing protocols are called by “routing by rumor” as every router make its own calculations based on the calculations done by its neighbors and for any possible reason these calculations maybe bad values and may result in sub-optimal routing  and sometimes result in routing loops, for this reason methods should be implemented to avoid such behavior.

I will talk about Link-State routing protocols in OSPF and ISIS posts.

EIGRP:

As the name implies, it stands for Enhanced Interior Gateway Routing protocol, which means that it is used to enhance the operation of the IGRP protocol and as we know, IGRP is an old Cisco proprietary dynamic routing protocol and is categorized as distance vector protocol because of its operation. EIGRP provided some enhancements than that is provided by the other distance vector protocols as the following:

  1. The updates are not sent in periodic fashion such as the other distance vector protocols, at which it is sent only once there is a change happen, hence it utilize less bandwidth than the other distance vector protocols utilize as the updates are sent only when needed.
  2. The updates include only the subnet/network that face metric or topology change, hence the size of the update message in most cases is much smaller (except after the EIGRP adjacency is established, as they exchange the Full EIGRP learned routes), so this results in utilizing less bandwidth than the other distance vector protocols utilize.
  3. The updates are sent to the well-known multicast address All-EIGRP Routers (224.0.0.10) to avoid sending the update messages to broadcast address, so that only the EIGRP-speaking routers process the EIGRP messages as no need for other devices within the same subnet to process these EIGRP messages, as well using multicast can result in reducing the flooding of the EIGRP messages in the switched network by using methods to limit the multicast traffic to be sent out the ports where the EIGRP-speaking routers are connected.

 

EIGRP Operation:

EIGRP is able to exchange EIGRP routes either for IP, IPX and AppleTalk, as well it can carry those routes inside either IP packets, IPX packets and AppleTalk packets. Here i will mention only the EIGRP operation within the IP environment. For an EIGRP-speaking routers to learn and exchange the EIGRP learned routes, that actually represent either directly connected subets/networks that participate in the EIGRP process or another subnets/networks that are learned from another routing domain, they have to form an adjacency with each other, and for the adjacency to be established, they have to agree about some parameters configured on the two EIGRP-speaking routers as the following:

  1. Autonomous System Number: The AS number at the EIGRP is just a number representing a process domain, which represent the number of that EIGRP process, so for the EIGRP-speaking routers to establish an adjacency with each other, they have to configure the same AS number, as this means that they are wiling to participate on the same process domain.
  2. “K” values: The K values are representing constant values used in the route distance/metric calculation equation, so for the EIGRP-speaking routers to establish an adjacency with each other, they have to configure the same “K” values, so that they agree on which parameters the EIGRP route distance/metric calculation depend on, hence the EIGRP-speaking routers can calculate the EIGRP route distance/metric in an consistent/synchronized  way, the parameters used to calculate the EIGRP route distance/metric are mentioned in the next section.

The distance/metric value for an EIGRP route is built from multiple parameters, which means that there are multiple parameters that are used to calculate the EIGRP route distance/metric, for this reason the EIGRP route metric is called by “composite metric”. The parameters used by EIGRP to calculate the composite metric are: Bandwidth, Load, Delay and Reliability, i know that many network engineers think that the “MTU” is one of the parameters used to calculate the composite metric, actually this is wrong, the MTU value is not used in the equation used to calculate the composite metric, while it is used to prefer one route over another in case the composite metric is the same. The Bandwidth parameter represents the BW of the link in the outgoing direction (i.e in the direction to reach the subnet/network) and this value is fixed (i.e the value doesn’t change with time), as well it is configurable, this means that we can change the link BW to influence the route selection. The Load parameter represent the current load on the link, at which this value is used to give an indication about the load carried on the link, and for sure the load statistic is variable as the load vary from time to time on the link, this means that this value change with time. The Delay parameter represents the delay this link add to packet transiting it, but in reality this value is fixed, doesn’t change with time and doesn’t reflect the actual delay this link add to packet transiting it, this means that it is just a fixed value used to calculate the EIGRP route metric. The reliability parameter represents the link reliability or how this link is reliable, is the link reliable or not ? at which this value is used to give an indication about the link reliability, as long as the link is reliable, this means that the route known via this reliable link will be more preferred, and for sure the link reliability is variable, which means that it vary from time to time. From this discussion we can deduce that the EIGRP route metric for sure will change from time to time if we use those 4 parameters to calculate the EIGRP composite metric, as both link delay and reliability vary from time to time, hence the resulting composite metric vary from time to time, so what are the cons of this ?  for sure the preferred route will vary from time to time on the router’s routing table, and this can results in many issues and instabilities. For this reason Cisco use only the BW and Delay parameters for the composite metric calculation and this is the default behavior on Cisco IOS, but we can include the other parameters (i.e Load and Reliability) in the composite metric calculation equation. The composite metric calculation equation is as the following:

EIGRP metric

The default K values are:

K1 = 1 , K2 = 0 , K3 = 1  , K4 = 0 and K5 = 0

Note: If K5 = 0, this means that the value (K5/(K4 + Reliability)) is considered to be 1 instead of 0, after using the default values this results in the following equation:

CM1

This mentioned equation is used to calculate the EIGRP composite metric in the EIGRP classic mode, but there is another K value i didn’t mention, which is “K6”, that is actually used by the EIGRP to support the concept of “EIGRP Wide metric”, which is used to include other parameters for the EIGRP composite metric calculation equation, and this “K6” value is used to reflect two new parameters, the energy utilization and jitter of the path from destination to source, as well this “K6” value is used to reflect any other parameters that will be introduced in the future, this means that if this value is not zero, hence these parameters will be used in the composite metric calculation equation, but actually this “K6” value equal zero, hence these new parameters as well are not included in the EIGRP metric calculation equation (by default) because this can results in issues and instabilities from routing/forwarding point of view. In case of EIGRP wide metric support, Cisco IOS use only the minimum BW and delay for the composite metric calculation, the minimum BW is called “minimum Throughput”, and the delay is called “Latency”, before we talk about the “Wide” composite metric calculation equation, we need to mention some constant values used in the equation:
1-EIGRP_BANDWIDTH = 10,000,000, this value is used as well in the classic composite metric calculation equation which equals the value “10^7”.
2-EIGRP_DELAY_PICO = 1,000,000, this value is newly used in the equation, as it is used to convert the delay/latency value from “Picoseconds” to “Microseconds”, as in the context of Wide metric support, the interface delay value is in terms of “Picoseconds”.
3-EIGRP_WIDE_SCALE = 65536, this value is newly used in the equation, as it is used to scale the resulting EIGRP wide composite metric, and at the case of classic composite metric, we use similar constant value used as well to scale the resulting EIGRP composite metric, this constant value is called “EIGRP_CLASSIC_SCALE” and equals “256” as mentioned before. The following represents the composite metric calculation equation for the Wide metric support:

EIGRP wide CM 1

The default K values are:

K1 = 1 , K2 = 0 , K3 = 1  , K4 = 0 , K5 = 0 and K6 = 0

Note: If K5 = 0, this means that the value (K5/(K4 + Reliability)) is considered to be 1 instead of 0, after using the default values this results in the following equation:

EIGRP wide CM 2

 

Based on EIGRP operation, it needs to deliver its message (not all of them) in reliable way, i mean that the EIGRP-speaking router need to guarantee that the EIGRP messages are reliably delivered to its neighbor, for this reason it has to use certain method to achieve this reliable delivery, so Cisco has defined the Reliable Transport Protocol (RTP) that is used for such purpose.

EIGRP define multiple messages used for different purposes:
1-EIGRP hello message: this message is used by the EIGRP-speaking routers to discover its neighbors, form an adjacency and maintain the formed EIGRP adjacency, at which the EIGRP-speaking router send the EIGRP hello message at periodic interval, the default timer is 5 seconds, so the EIGRP-speaking router send the EIGRP hello message out of the EIGRP-enabled interfaces to discover the neighbor(s) and establish the EIGRP adjacency, once the adjacency is established, the EIGRP-speaking router to maintain the EIGRP adjacency with the neighbor(s). The following figure shows the EIGRP hello message format:

eigrp_hello

1-Version: This field indicates the version number of the running EIGRP process, and has value of 2.
2-OpCode: This field indicates the type of the EIGRP message(i.e Hello message, Update message, …), the EIGRP hello message has OpCode value of 5.
3-Checksum: This filed is used to carry the calculated checksum value for the entire EIGRP message.
4-Flags: This filed is used to include some options related to the EIGRP operation.
5-Sequence Number: This filed indicates the sequence number of the EIGRP message within the EIGRP operation, so that the EIGRP message will be delivered in reliable way based on Reliable Transport Protocol that is used by EIGRP for such purpose, as mentioned before.
6-Acknowlegde: This field is used to Acknowledge the EIGRP message previously sent by the EIGRP neighbor, so this field carry the sequence number of this EIGRP message sent by the EIGRP neighbor.
7-Autonomous Number: This field is used to carry the Autonomous number value configured on the EIGRP-speaking router sending this Hello message.
8-TLVs: This filed carry multiple information, and each information is carried inside multiple TLV format, each has Type, Length and Value fields, the following represents the different types of TLVs that can be carried inside the EIGRP hello message:
a-Parameters field: This field is used to carry the “K” values, as well the EIGRP hold time value, which is used to tell the EIGRP neighbor how long it should wait for an EIGRP hello message before consider the peer to be dead, the default hold time value is 15 seconds.
b-Software Version: This filed indicates the IOS version running on the EIGRP-speaking routers sending this EIGRP hello message.

2-EIGRP Update message: this message is used for multiple purposes, at the first it is used during the EIGRP adjacency formation, at which the EIGRP-speaking router use the update message during the three way handshake process, which is used by the EIGRP-speaking routers to completely form the EIGRP adjacency, once the EIGRP adjacency is established, then the EIGRP-speaking routers use the update message for exchanging the EIGRP-learned routes. The following figure shows the EIGRP update message format :

eigrp_update

1-Version: This field indicates the version number of the running EIGRP process, and has value of 2.
2-OpCode: This field indicates the type of the EIGRP message(i.e Hello message, Update message, …), the EIGRP update message has OpCode value of 1.
3-Checksum: This filed is used to carry the calculated checksum value for the entire EIGRP message.
4-Flags: This filed is used to include some options related to the EIGRP operation.
5-Sequence Number: This filed indicates the sequence number of the EIGRP message within the EIGRP operation, so that the EIGRP message will be delivered in reliable way based on Reliable Transport Protocol that is used by EIGRP for such purpose, as mentioned before.
6-Acknowlegde: This field is used to Acknowledge the EIGRP message previously sent by the EIGRP neighbor, so this field carry the sequence number of this EIGRP message sent by the EIGRP neighbor.
7-Autonomous Number: This field is used to carry the Autonomous number value configured on the EIGRP-speaking router sending this Hello message.
8-TLVs: This filed carry multiple information, and each information is carried inside multiple TLV format, each has Type, Length and Value fields, the following represents the different types of TLVs that can be carried inside the EIGRP hello message:
a-IP Internal Routes: This field is used to carry the routing information about the subnets/networks that are considered as part of the EIGRP domain (i.e the subnets/networks of the interfaces of the EIGRP-speaking routers that participate in the EIGRP domain). for this reason these subnets/networks are considered as EIGRP internal routes.
b-IP External Routes: This field is used to carry the routing information about the subnets/networks that are not part of the EIGRP domain (i.e the subnets/networks that are known from another routing domain and are injected inside the EIGRP domain through redistribution). for this reason these subnets/networks are considered as EIGRP external routes.

3-EIGRP Query message: this message is used by the EIGRP-speaking router to query and request routing information about certain subnet/network from its neighbors when the EIGRP-speaking router has no better information about the requested subnet/network. The following figure shows the EIGRP Query message format :

eigrp_query

1-Version: This field indicates the version number of the running EIGRP process, and has value of 2.
2-OpCode: This field indicates the type of the EIGRP message(i.e Hello message, Update message, …), the EIGRP Query message has OpCode value of 3.
3-Checksum: This filed is used to carry the calculated checksum value for the entire EIGRP message.
4-Flags: This filed is used to include some options related to the EIGRP operation.
5-Sequence Number: This filed indicates the sequence number of the EIGRP message within the EIGRP operation, so that the EIGRP message will be delivered in reliable way based on Reliable Transport Protocol that is used by EIGRP for such purpose, as mentioned before.
6-Acknowlegde: This field is used to Acknowledge the EIGRP message previously sent by the EIGRP neighbor, so this field carry the sequence number of this EIGRP message sent by the EIGRP neighbor.
7-Autonomous Number: This field is used to carry the Autonomous number value configured on the EIGRP-speaking router sending this Hello message.
8-TLVs: This filed carry multiple information, and each information is carried inside multiple TLV format, each has Type, Length and Value fields, the following represents the different types of TLVs that can be carried inside the EIGRP hello message:
a-IP Internal Routes: This field is used to carry the routing information about the EIGRP internal subnets/networks that are requested by the sender of the EIGRP query message, and it use the IP Internal route TLV as the requested routes at this case are considered as part of the EIGRP domain.
b-IP External Routes: This field is used to carry the routing information about the EIGRP external subnets/networks that are requested by the sender of the EIGRP query message, and it use the IP External route TLV as the requested routes at this case are not part of the EIGRP domain.

4-EIGRP reply message: this message is used by the EIGRP-speaking router to reply with routing information  about certain subnet/network as it received an EIGRP query message from its neighbor to know such routing informatiton. The following figure shows the EIGRP Reply message format :

eigrp_reply

1-Version: This field indicates the version number of the running EIGRP process, and has value of 2.
2-OpCode: This field indicates the type of the EIGRP message(i.e Hello message, Update message, …), the EIGRP Reply message has OpCode value of 4.
3-Checksum: This filed is used to carry the calculated checksum value for the entire EIGRP message.
4-Flags: This filed is used to include some options related to the EIGRP operation.
5-Sequence Number: This filed indicates the sequence number of the EIGRP message within the EIGRP operation, so that the EIGRP message will be delivered in reliable way based on Reliable Transport Protocol that is used by EIGRP for such purpose, as mentioned before.
6-Acknowlegde: This field is used to Acknowledge the EIGRP message previously sent by the EIGRP neighbor, so this field carry the sequence number of this EIGRP message sent by the EIGRP neighbor.
7-Autonomous Number: This field is used to carry the Autonomous number value configured on the EIGRP-speaking router sending this Hello message.
8-TLVs: This filed carry multiple information, and each information is carried inside multiple TLV format, each has Type, Length and Value fields, the following represents the different types of TLVs that can be carried inside the EIGRP hello message:
a-IP Internal Routes: This field is used to carry the routing information about the EIGRP internal subnets/networks that are requested from the neighbor that previously send an  EIGRP query message, for this reason the sender of this EIGRP Reply message use the IP Internal route TLV as the requested routes from its neighbor at this case are considered as part of the EIGRP domain.
b-IP External Routes: This field is used to carry the routing information about the EIGRP external subnets/networks that are requested from the neighbor that previously send an  EIGRP query message, for this reason the sender of this EIGRP Reply message use the IP External route TLV as the requested routes from its neighbor at this case are not part of the EIGRP domain.

5-EIGRP Acknowledge message: this message is used by the EIGRP-speaking router to acknowledge the reception of one of the EIGRP messages that are needed to be reliably delivered it received from its neighbor. The following figure shows the EIGRP Ack message format :

eigrp_Ack

1-Version: This field indicates the version number of the running EIGRP process, and has value of 2.
2-OpCode: This field indicates the type of the EIGRP message(i.e Hello message, Update message, …), the EIGRP Ack message has OpCode value of 5 as the case of Hello message.
3-Checksum: This filed is used to carry the calculated checksum value for the entire EIGRP message.
4-Flags: This filed is used to include some options related to the EIGRP operation.
5-Sequence Number: This filed indicates the sequence number of the EIGRP message within the EIGRP operation, so that the EIGRP message will be delivered in reliable way based on Reliable Transport Protocol that is used by EIGRP for such purpose, as mentioned before.
6-Acknowlegde: This field is used to Acknowledge the EIGRP message previously sent by the EIGRP neighbor, so this field carry the sequence number of this EIGRP message sent by the EIGRP neighbor.
7-Autonomous Number: This field is used to carry the Autonomous number value configured on the EIGRP-speaking router sending this Hello message.

As mentioned, not all the EIGRP messages needed to be reliably delivered, the following EIGRP messages are reliably delivered using the RTP:
1-EIGRP Update message.
2-EIGRP Query message.
3-EIGRP Reply message.

How the router know that the EIGRP message is successfully delivered to the EIGRP neighbor ?

RTP use the concept of Sequence/Acknowledge mechanism and it is a little bit similar to the mechanism used by TCP to provide the reliable delivery, this means that the EIGRP message must contain two fields, Sequence and Acknowledge fields that are used to provide the Sequence/Acknowledge mechanism, so when the EIGRP-speaking router send one of the EIGRP messages that require reliable delivery, it will include Sequence number in these messages, then it is expecting to receive an EIGRP Ack message from its neighbors with Acknowledge number equal to the Sequence number carried inside this EIGRP message. The following figure shows the Sequence/Acknowledge mechanism used by RTP:

eigrp3

As mentioned before, the EIGRP-speaking routers have to establish an EIGRP adjacency to be able to exchange and learn the EIGRP routes, and they have to agree on the Autonomous system value and the K values. How this happen ? actually the two EIGRP-speaking routers have to send to each other certain EIGRP message so that they can establish the EIGRP adjacency, this message is the “EIGRP hello message”, the EIGRP Hello message format is mentioned before.

The following figure represents the steps describing the EIGRP adjacency operation and packets exchanged between the EIGRP-speaking routers:

 

eigrp1

1-At the first we enabled the EIGRP process on R1 on the appropriate interface (Eth0/0),  and this caused R1 to generate the EIGRP hello message with the appropriate info and send it out this EIGRP-enabled interface (Eth0/0), at which it send the EIGRP hello message to the well-known destination multicast address “All EIGRP Routers” “224.0.0.10”, the following figure represents the EIGRP hello message sent by R1 to the multicast address 224.0.0.10 as seen on Wireshark:

eigrp-pak1

We can deduce the following from this figure:
1-OpCode = 5, which indicates it is an EIGRP hello message
2-Autonomous Number = 100
3-K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0 and K6 = 0
4-EIGRP Hold time = 15 seconds.
5-IOS version = 15.0

2-As well R2 enable the EIGRP process on the appropriate interface (Eth0/0),  and this caused R2 to generate the EIGRP hello message with the appropriate info and send it out this EIGRP-enabled interface (Eth0/0), at which it send the EIGRP hello message to the well-known destination multicast address “All EIGRP Routers” “224.0.0.10”, the following figure represents the EIGRP hello message sent by R2 to the multicast address 224.0.0.10 as seen on Wireshark:

eigrp-pak2

We can deduce the following from this figure:
1-OpCode = 5, which indicates it is an EIGRP hello message
2-Autonomous Number = 100
3-K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0 and K6 = 0
4-EIGRP Hold time = 15 seconds.
5-IOS version = 15.0
6-Peer Topology ID List: this field indicates how many sub-topologies are configured on the sender of this EIGRP message, as the new IOS version starting from 15.0 support the concept of EIGRP Multi Topology Routing, which means that the EIGRP-speaking router support configuring multiple topologies to be carried over the same physical network itself.

3-A this point, i mean when R2 receive the EIGRP hello message sent by R1, and R1 received the EIGRP hello message sent by R2, they become adjacent, but the adjacency is not completely formed, so for the adjacency to be completely formed, they have to exchange EIGRP update message with INIT flag set to 1 (without any routing information), so that they can use the concept of three way handshake to completely form the EIGRP adjacency, so R2 send the EIGRP update message with INIT flag set to 1 (again without any routing information) and it send it to the unicast IP address of R1, to start the three way handshake mechanism used by EIGRP, the following figure represents the EIGRP update message sent by R2 to the unicast IP address of R1 as seen on Wireshark:

eigrp-pak3

We can deduce the following from this figure:
1-OpCode = 1, which indicates it is an EIGRP update message
2-Flags = 0x00000001, which indicates that the INIT flag/bit is set to 1
3-Sequence = 1, which indicates that this is the first EIGRP message within this EIGRP neighborship sent by R2 that is needed to be reliably delivered.
4-Acknwoledge = 0, which indicates that there are no any EIGRP message it receive from its neighbor that is needed to be reliably delivered.
5-Autonomous Number = 100

4-R1 received the EIGRP update message with INIT flag set to 1 (that has no any routing info) that is sent by R2, then it send its EIGRP update message with INIT flag set to 1 (without any routing information) to the unicast IP address of R2 as part of the EIGRP three way handshake mechanism and as well acknowledging the EIGRP update message it receive from R2, the following figure represents the EIGRP update message sent by R1 to the unicast IP address of R2 as seen on Wireshark:

eigrp-pak4

We can deduce the following from this figure:
1-OpCode = 1, which indicates it is an EIGRP update message
2-Flags = 0x00000001, which indicates that the INIT flag/bit is set to 1
3-Sequence = 1, which indicates that this is the first EIGRP message within this EIGRP neighborship sent by R1 that is needed to be reliably delivered.
4-Acknwoledge = 1, which indicates that it is acknowledging the EIGRP message (EIGRP update message) with Seq no. = 1 that it received from its neighbor that is needed to be reliably delivered.
5-Autonomous Number = 100.

5-Once R2 received this EIGRP update message, it mark R1 to be completely adjacent as  the EIGRP three way handshake is completed from its point of view, then it need to acknowledge the EIGRP update message it received from R1 and to complete the EIGRP three way handshake, so it send an EIGRP Acknowledge message, the following figure represents the EIGRP Ack message sent by R1 to the unicast IP address of R2 as seen on Wireshark:

eigrp-pak5

We can deduce the following from this figure:
1-OpCode = 5, which indicates it is an EIGRP hello message, as the EIGRP Ack message is carried inside an EIGRP hello message
2-Flags = 0x00000000, which indicates that no flags are being used inside this Ack message.
3-Sequence = 0,
4-Acknwoledge = 1, which indicates that it is acknowledging the EIGRP message (EIGRP update message) with Seq no. = 1 that it received from its neighbor that is needed to be reliably delivered.
5-Autonomous Number = 100.

So at this point, the two EIGRP-speaking routers (R1 and R2) become completely adjacent once the EIGRP three way handshake successfully happened.

After the EIGRP adjacency is completely formed between the EIGRP-speaking routers, they need to exchange the EIGRP-learned routes with each other, and as mentioned before, the EIGRP-learned routes maybe subnets/networks that are directly connected to the EIGRP-speaking routers that enable the EIGRP on those interfaces, or subnets/networks that are learned from another routing domain and are redistributed inside in the EIGRP domain. To advertise the EIGRP routes, the EIGRP-speaking routers use the EIGRP update message for that purpose, so assume that R1 has Loopback interface with the IP address (1.1.1.1/32) and it need to advertise this subnet/network to its neighbor R2, the following figure represents the steps describe exchanging the EIGRP learned routes inside the EIGRP update message between the EIGRP-speaking routers:

eigrp2

6-R1 configured Loopback interface with an IP address (1.1.1.1/32) and it needs to advertise this subnet/network inside the EIGRP domain, so to advertise it, it carry this subnet/network and its information inside an EIGRP update message, the following figure represents the EIGRP update message sent by R1 to the multicast address 224.0.0.10 as seen on Wireshark:

eigrp-pak6

We can deduce the following from this figure:
1-OpCode = 1, which indicates it is an EIGRP update message that is used to carry the information about subnet/network needed to be advertised.
2-Flags = 0x00000000, which indicates that no flags are being used inside this update message.
3-Sequence = 2, which indicates that this is the second EIGRP message within this EIGRP neighborship sent by R1 that is needed to be reliably delivered.
4-Acknwoledge = 0, which indicates that this message is not used to acknowledge other EIGRP message.
5-Autonomous Number = 100.
6-Internal Route TLV, which indicates the information about the subnet/network (1.1.1.1/32) needed to be advertised, and it includes the following fields:
a-Type = 0x0602, which indicates that the the information carried inside this field is an internal route.
b-Length = 45, which indicates the length of the information carried inside this TLV field.
c-Topology = 0, which indicates that this internal route belongs to the topology ID 0, as  mentioned before the new IOS versions support the Multi topology routing capability, that is used to run multiple topologies over the same physical network, so at this case, this subnet/network belong to the default topology.
d-AFI = 1, which indicates that the Address Family used for this advertisement is for IPv4.
e-Router ID = 1.1.1.1, this indicates that the Router ID for the EIGRP-speaking router originally advertised information about this subnet/network, and the Router ID is 1.1.1.1, and actually this value is used as a method to avoid routing loop as well.
f-Wide Metric, this filed is used to carry the EIGRP parameters (BW, Load, Delay, …)  of the advertised subnet/network that are used for the EIGRP composite metric calculation for this route. The following figure shows the “Wide Metric” field:

eigrp-pak6.11-Offset = 0, this field is used to define the start of the subnet/network information, this means that it is used to tell if there is an information about extended attributes exist here or not, and value of 0 means that no extended attributes carried here for this subnet/network.
2-Priority = 0, this field is used to assign priority value to this subnet/network, this means that when the EIGRP-speaking router receive this subnet/network, it will process the subnet/network with high priority value before the other subnets/networks with lower priority value, and value of 0 means that no priority value assigned to this subnet/network.
3-Reliability = 255, this field indicates the reliability value for this route, and value of 255 indicates that this route is highly reliable.
4-Load = 1,  this field indicates the load value for this route, and value of 1 indicates that this route has lowest load value, hence this value represents the best load value.
5-MTU = 1514, this field indicates the lowest Maximum Transmission Unit value for this route.
6-Hop count = 0, this field indicates the number of hops from the sender of this EIGRP update message to the mentioned subnet/network, and value of 0 means that this subnet/network is directly attached to this router.
7-Delay = 5000000000, this field indicates the delay value for this route and it is represented in terms of Picoseconds, so value of 5000000000 means it is 5000000000 Picoseconds.
8-Bandwidth = 8000000, this field indicates the BW value for this route and it is represented in terms of KiloBits, so value of 8000000 means it is 8000000 Kilobits.
9-Reserved = 0x0000, this filed is used for future purposes.
10-Flags  = 0x0000, this field is used to include options regarding this route.

g-Next Hop = 0.0.0.0. this filed indicates the next hop router address, 0.0.0.0 means that the next hop router is the EIGRP-speaking router advertising this route.
h-Prefix Length = 32, which indicates the prefix length of the advertised subnet/network.
i-Destination = 1.1.1.1, which indicates the network ID of the actual subnet/network needed to be advertised.

7-R2 received this EIGRP update message from R1, then it need to acknowledge the reception of the update message, so it sent the EIGRP Ack message, the following figure represents the EIGRP Ack message sent by R2 to the unicast IP address of R1 as seen on Wireshark:

eigrp-pak7

8-R2 need to perform split horizon with poison reverse as it is used as a way to avoid routing loop, so to do this, it will send an EIGRP update message with the same routing information but it set the Delay attribute to “Infinity”, which means that the subnet/network in this update message is unreachable through it. The following figure represents the EIGRP update message sent by R2 to the multicast address 224.0.0.10 as seen on Wireshark:

eigrp-pak8

We can deduce the following from this figure:
1-OpCode = 1, which indicates it is an EIGRP update message that is used to carry the information about subnet/network needed to be advertised.
2-Flags = 0x00000000, which indicates that no flags are being used inside this update message.
3-Sequence = 3, which indicates that this is the third EIGRP message within this EIGRP neighborship sent by R2 that is needed to be reliably delivered.
4-Acknwoledge = 0, which indicates that this message is not used to acknowledge other EIGRP message.
5-Autonomous Number = 100.
6-Internal Route TLV, which indicates the information about the subnet/network (1.1.1.1/32) needed to be advertised, and it includes the following fields:
a-Type = 0x0602, which indicates that the the information carried inside this field is an internal route.
b-Length = 45, which indicates the length of the information carried inside this TLV field.
c-Topology = 0, which indicates that this internal route belongs to the topology ID 0, as  mentioned before the new IOS versions support the Multi topology routing capability, that is used to run multiple topologies over the same physical network, so at this case, this subnet/network belong to the default topology.
d-AFI = 1, which indicates that the Address Family used for this advertisement is for IPv4.
e-Router ID = 1.1.1.1, this indicates that the Router ID for the EIGRP-speaking router originally advertised information about this subnet/network, and the Router ID is 1.1.1.1, and actually this value is used as a method to avoid routing loop as well.
f-Wide Metric, this filed is used to carry the EIGRP parameters (BW, Load, Delay, …)  of the advertised subnet/network that are used for the EIGRP composite metric calculation for this route. The following figure shows the Delay attribute value inside the Wide Metric field, at which the value is “Infinity” as mentioned before:

eigrp-pak9

9-R1 received this EIGRP update message from R2, then it need to acknowledge the reception of the update message, so it sent the EIGRP Ack message, the following figure represents the EIGRP Ack message sent by R1 to the unicast IP address of R2 as seen on Wireshark:

eigrp-pak10

We can deduce the following from this figure:
1-OpCode = 5, which indicates it is an EIGRP hello message, as mentioned before the EIGRP Ack message is carried inside an EIGRP hello message
2-Flags = 0x00000000, which indicates that no flags are being used inside this Ack message.
3-Sequence = 0.
4-Acknwoledge = 3, which indicates that it is acknowledging the EIGRP message (EIGRP update message) with Seq no. = 3 that it received from its neighbor that is needed to be reliably delivered.
5-Autonomous Number = 100.

I will continue the EIGRP operation and configuration part on the next post.

 

Hope that the post is helpful.

Regards

Mostafa Hamza

2 thoughts on “1-R&S/Enhanced Interior Gateway Routing Protocol (EIGRP) Part 1.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s