EIGRP 2 (CCNP – Load balancing,convergency, SIA, route filtering, summary, Default route)

Unequal Metric route load balancing

Also called load sharing, balancing traffic on a per-destination IP address basis, provides following benefits:

Making use of the available bandwidth, all the links are carrying traffics.
Faster convergence, multiple routes are placed into the routing tables for a single prefix. Router does not need to look for FS routes nor go active on the route.

Every routing protocol supports equal cost path load balancing. In addition, Interior Gateway Routing Protocol (IGRP) and EIGRP also support unequal cost path load balancing. In equal load balancing, two route with same metric can be considered equal path, and each path share the same amount of traffic, this is easy to achieve.

In unequal load balancing, how to set a standard and tell the router to add all the route that meet the metric standard to the routing table for unequal load balancing is a problem. This is because the EIGRP integer metric calculation often results in 8-10 digit integer metrics. Predicting the exact metric of different routes for the same prefix is statistically unlikely. So it’s better to tell the router “all the routes with metric in this range can be added to the routing table”.

The variance is used to overcome this problem. Use the variance n command in order to instruct the router to include routes with a metric of less than n times the minimum metric route (FD) for that destination.

Traffic is also distributed among the links with unequal costs, proportionately, with respect to the metric.

Configuration

define the number of allowed routes for each prefix/prefix length:
R1(config-router)# maximum-paths number
Default setting is 4.
Metric calculation:

The variable n can take a value between 1 and 128. The default is 1, which means equal cost load balancing.

R1(config-router)# Variance multiplier

EIGRP router subcommand defines an integer in the range of 1 through 128.

The router then multiplies the variance by the successor route’s FD- the metric of the best route to reach that subnet. Any FS routes whose metric is less than or equal to the product of the variance by the FD are considered to be equal routes and can be placed into the routing table:

$Metric\leqslant FD * Variance$

In summary:

The variance is multiplied by the current FD ( the metric of the best route to reach a subnet)
Any FS routes whose calculated metric is less than or equal to the product of variance and FD are added to the IP routing table, assuming that the maximum-paths settings allows more routes.
Routes that are neither successor nor feasible successor routes can never be added to the IP routing table, regardless of the variance setting.

optimizing EIGRP convergence

The design goal: EIGRP uses faster convergence methods for as many routes as possible, and when not possible, that EIGRP converge as quickly as it can without introducing routing loops.

Fast convergence to feasible successors

For a particular subnet, the route with the best metric is called the successor, with the router filling the IP routing table with this route. (This route’s metric is called the feasible distance)

Of the other routes to reach that same subnet—routes whose metrics were larger than the FD for the route—EIGRP needs to determine which can be used immediately if the currently best route fails, without causing a routing loop. EIGRP runs a simple algorithm to identify which routes could be used, keeping these loop-free backup routes in its topology table and using them if the currently best route fails.

These alternative, immediately usable routes are called feasible successor routes, because they can feasibly be used when the successor route fails.

A router determines if a route is a feasible successor based on the feasibility condition:

If a nonsuccessor route’s RD is less than the FD, the route is a feasible successor route.

Check out the example here: http://frankfu.click/networking/cisco/eigrp/2/#loopfree

Verify the FS:

show ip eigrp topology

Only list successor and feasible successor routes.

show ip eigrp topology all-links

List all possible routes, including those that are neither successor nor feasible successor routes.

Converging by going active

Going active: When no FS route exists, the router begins a process by which the router discovers whether any loop-free alternative routes exist to reach that prefix.

Routes for which the successor route fails, and no feasible successor routes exist, move to an active state:

Change the state, as listed in the show ip eigrp topology command, from passive(p) to active (a)
Send EIGRP query messages to every neighbor except the neighbor in the failed route. The query asks a neighbor whether that neighbor has a loop-free route for the listed prefix/length.
The neighbor considers itself to have a loop-free route if that neighbor is passive for that prefix/length. If so, the neighbor first sends an eigrp reply message, telling the original router that it does indeed have a loop-free route, and then, does not forward the query.
If the neighbor itself is active on this route, the neighbor first floods eigrp query messages to its neighbors and then does not immediately send an eigrp reply back to the original router.
When a router has received reply messages from all neighbors to which it sent any Query messages, that router can then send a reply message to any of its neighbors as necessary.
When a router has received a Reply for all its Query messages, that router can safely use the best of the routes confirmed to be loop-free.

By configuring EIGRP so that the entire Query process can be avoided. However, in some cases, it’s impossible to creating FS routes for all roues on all routers. We can use stub routers and route summarization to reduce the work performed by the DUAL and the scope of the query messages.

Stub routers on query scope

Some routers that are not responsible for forwarding traffic between different sites.Such as a far branch router.

Stub router is a router that should not forward traffic between two remote EIGRP-learned subnets.

Stub router don’t advertise EIGRP-learned routes from one neighbor to other EIGRP neighbors. But note that, stub router still form neighborship with other routers.
Non-stub routers note which EIGRP neighbors are stub routers, and the non-stub routers don’t send query messages to the stub routers. This action greatly reduces the scope of query messages when a route goes active.

Configuration:

eigrp stub option

if you only issue eigrp stub, the default options are connected and summary.However, there are other options you can use.

option:

connected: advertise connected routes but only for interfaces matched with a network command.
summary: advertise auto-summarized or statically configured summary routes
static: advertise static routes, assuming that the redistribute static command is configured.
leak-map name : advertise routes specified by a leak map.
redistributed: advertise redistributed routes, assuming that redistribution is configured
receive-only: Does not advertise any routes, this option can not be used with any other option.

Impact of summary routes on query scope

If a router receives an EIGRP query for a prefix, does not have an exacly matching route, but does have a summary route that includes the prefix, the receiving router immediately sends an EIGRP reply and does not flood the query to its own neighbors.

Stuck in active (SIA)

In a large network, when routers exist several hops away, the number of queries might be a string of routers that all must wait on multiple reply messages before they can issue a reply. In order to troubleshoot the problem, view the show ip eigrp topology or show ip eigrp topology active command output and follow the trail of the r.

E.g.

show ip eigrp topology

P 10.1.2.0/24, 1 successors, FD is 254300

Via Connected, FastEthernet0/0

A 10.6.1.0/24, 0 successors, FD is 33841212,Q

1 replies, active 00:00:41, query-origin:Local origin

Remaining replies:

via 10.1.2.1, r. FastEthernet0/0

Router R1 is waiting for a reply from the neighbor 10.1.2.1 in response to the query sent out about network 10.6.1.0/24.

To deal with this potentially long time waiting, IOS first sets a limit on how long it should take to receive all such replies. The timer, which is called the active timer, is set to 3 minutes by default.

You can configure it by timers active-time time_in_minutes

Methods to reacting to SIA routes:

Early version: bring down the uncooperative neighbors. All routes known through the failed neighbor would also be considered to have failed.
Later version (12.2 or newer): make an attempt to avoid failing the neighborship. At the halfway point through the Active timer (90seconds), a router sends an SIA-Query EIGRP message to each neighbor that has yet to send back a reply.
- If the neighbor is still waiting for replies to its own queries, router knows that the neighbor is still alive and working, so no need to kill the neighborship.
- If the router get nothing in reply, the action of failing the neighborship is reasonable.

Route filtering

router filtering allows the engineer to filter which routes are advertised in an EIGRP update.

Eg. A router in a branch don’t need to learn routes about subnets in other branches, routers can filter that routing information. a router for one department is not supposed to forward packets to another division.

The concept is: The distribute list refers to an ACL, prefix list and decide if a route should be permitted to be sent/received in an EIGRP update or be denied (filtered). This distribute list also specifies the direction- outbound or inbound, and the specific interface ( optional) on which to filter updates.

Filtering by referencing ACLs

If the ACL match a route with permit clause, then the route is allowd to be advertised.

If the ACL match a route with deny clause, then the route is filterd.

Distribute-list support standard IP ACLs, can be either numbered or named. So the filtering is based on the source IP address of the packet.

Configuration:

router eigrp 1

distribute-list 2 out s0/0/0.1

Filtering by Referencing IP prefix lists

Advantages:

IP prefix lists allow mathing of the prefix length, whereas the ACLs can not.
IP prefix lists more intuitive for ocnfiguring route filtering
Faster matching, due to internal tree structure.

IP prefix list concepts

Two components:

The route prefix (subnet number)
The prefix length (subnet mask)

Example:

prefix-list Command Parameter	Routes Matched from Previous List of Prefixes	Result
10.0.0.0/8	1	Without ge or le configured, both the prefix (10.0.0.0) and length (8) must be an exact match.
10.0.0.0/8 ge 9	2–6	The 10.0.0.0/8 means “all routes whose first octet is 10.” The prefix length must be between 9 and 32, inclusive.
0.0.0.0/0	None	0.0.0.0/0 means “match all prefixes.” However, because no le nor ge parameter is configured, the /0 also means that the prefix length must be 0. So, it would match all routes’ prefixes but none of their prefix lengths. Only a default route would match this prefix list.
0.0.0.0/0 le 32	All	The range implied by 0.0.0.0/0 is all IPv4 addresses. The le 32 combined with prefix length 0 implies any prefix length between 0 and 32, inclusive. This is the syntax for “match all”prefix list logic.

Syntax:

ip prefix-list list-name [seq seq-value] {deny | permit prefix/prefix-length} [ge ge-value] [le le-value]

explaination:

ge-value: greater-than-or-equal-to

le-value: less-than-or-equal-to

logic:

step 1: The prefix must be within the range of addresses implied by the prefix-list command’s prefix parameters.

step 2: The route’s prefix length must match the range of prefixes implied by the prefix-length, ge, and le parameters.

most common prefix list command:

ip prefix-list permit-any seq 5 permit 0.0.0.0/0 le 32

Filtering by route Maps

Route maps provide programming logic similar to the If/Then/Else logic.

Route maps can be used for many functions besides route filtering, such as set Border Gateway Protocol (BGP) Path Attributes(PA) for the purpose of influencing the choice of the best routes in an internetwork.

Route map has several route-map commands, with the commands in the same route map all having the same text name.
When referenced by the distribute-list command, cisco IOS processes the commands in the route map sequentially, based on the sequence number in the commands. Cisco IOS adds the sequence numbers automatically if omitted when configuring the route-map commands.
After a particular route has been matched and determined to be either filtered(deny) or allowed to pass (permit), even if more route-map commands exist later in the list, cisco IOS stops processing the route map for that route.

Each route-map command includes the name of the route map, an action (permit or deny), and possibly a sequence number ( optional).

These are some of the differences between route maps and ACLs:

•Route maps frequently use ACLs as matching criteria.

•The main result from the evaluation of an access list is a yes or no answer—An ACL either permits or denies input data. Applied to redistribution, an ACL determines if a particular route can (route matches ACLs permit statement) or can not (matches deny statement) be redistributed. Typical route maps not only permit (some) redistributed routes but also modify information associated with the route, when it is redistributed into another protocol.

•Route maps are more flexible than ACLs and can verify routes based on criteria which ACLs can not verify. For example, a route map can verify if the type of route is internal.

•Each ACL ends with an implicit deny statement, by design convention; there is no similar convention for route maps. If the end of a route map is reached during matching attempts, the result depends on the specific application of the route map. Fortunately, route maps that are applied to redistribution behave the same way as ACLs: if the route does not match any clause in a route map then the route redistribution is denied, as if the route map contained deny statement at the end.

Syntax:

route-map name {permit | deny} [sequence_number] 
match ( 1st set of criteria)
route-map name {permit | deny} [sequence_number]
match ( 2nd set of criteria)

Note that

If the match command reference an ACL or prefix list, decision to filter a route or allow the route through is based on the deny or permit in the route-map command, and not the deny or permit in the ACL or prefix list.
If a route is denied by the ACL or prefix list, this match clause is ignored and Cisco IOS consider the next route-map command.
THe route-map command includes an implied deny all clause at the end; to configure a permit all, use the route-map command, with a permit action, but without a match command.

Match and Set Clause Values

Each route map clause has two types of values:

•A match value selects routes to which this clause should be applied.

•A set value modifies information that will be redistributed into the target protocol.

Note Do not configure a set command in a route map deny clause because the deny clause prohibits route redistribution—there is no information to modify.

(Match) Defining a Route to Match a Specific Destination Address

To define a route to match a specified destination address, perform the following steps

Detailed Steps

	Command	Purpose
Step 1	route-map name {permit \| deny} [sequence_number] Example: hostname(config)# route-map name permit 12	Creates the route map entry. Enters route-map configuration mode. (config-route-map) Route map entries are read in order. You can identify the order using the sequence_number option.
Step 2	Enter one of the following match commands to match routes to a specified destination address:
	hostname(config-route-map)# match ip address acl_id [acl_id] [...] [prefix-list]	Matches any routes that have a destination network that matches a standard ACL or prefix list. If you specify more than one ACL, then the route can match any of the ACLs.
	hostname(config-route-map)# match metric metric_value	Matches any routes that have a specified metric. The metric_value can range from 0 to 4294967295.
	hostname(config-route-map)# match ip next-hop acl_id [acl_id] [...]	Matches any routes that have a next hop router address that matches a standard ACL. If you specify more than one ACL, then the route can match any of the ACLs.
	hostname(config-route-map)# match interface if_name	Matches any routes with the specified next hop interface. If you specify more than one interface, then the route can match either interface.
	hostname(config-route-map)# match ip route-source acl_id [acl_id] [...]	Matches any routes that have been advertised by routers that match a standard ACL. If you specify more than one ACL, then the route can match any of the ACLs.
	hostname (config-route-map)# match route-type {internal \| external [type-1 \| type-2]}	Matches the route type.

(Set) Configuring the Metric Values for a Route Action

If a route matches the match commands, then the following set commands determine the action to perform on the route before redistributing it.

Detailed Steps


	Command	Purpose
Step 1	route-map name {permit \| deny} [sequence_numbe]	Creates the route map entry. Route map entries are read in order. You can identify the order using the sequence_number argument.
Step 2	To set a metric for the route map, enter one or more of the following set commands:
	hostname (config-route-map)#set metric metric_value	Sets the metric value. The metric_value argument can range from 0 to 294967295.
	hostname(config-route-map)#set metric-type {type-1 \| type-2}	Sets the metric type. The metric-type argument can be type-1 or type-2.

Configuration Example for Route Maps

The following example shows how to redistribute routes with a hop count equal to 1 into OSPF

The router redistributes these routes as external LSAs with a metric of 5 and a metric type of Type 1.

hostname(config)# route-map 1-to-2 permit

hostname(config-route-map)# match metric 1

hostname(config-route-map)# set metric 5

hostname(config-route-map)# set metric-type type-1

The following example shows how to redistribute the 10.1.1.0 static route into eigrp process 1 with the configured metric value:

hostname(config)# route outside 10.1.1.0 255.255.255.0 192.168.1.1
hostname(config-route-map)# access-list mymap2 line 1 permit 10.1.1.0 255.255.255.0
hostname(config-route-map)# route-map mymap2 permit 10
hostname(config-route-map)# match ip address mymap2
hostname(config)# router eigrp 1
hostname(config-router)# redistribute static metric 10000 100 255 1 1500 route-map mymap2

http://frankfu.click/networking/cisco/ccnp/route-maps-cisco/

Route summarization

Basic concept, calculation, and configuration: http://frankfu.click/networking/cisco/eigrp-advanced-configuration-and-troubleshooting/

Choosing where to summarize routes

EIGRP support route summarization at any router.

Influencing the choice of best route for summary routes

often, engineers plan route summarization for the same address block on multiple routers. Such a design take advantage of redundancy and can be used to perform basic load balancing.

The main reason for the route choice is the following fact about summary routes with Cisco IOS: set the summary route’s metric components based on the lowest metric route upon which the summary route is based.

To set lower metric on the faster link, better utilize the the link speed.

Suboptimal forwarding with summarization

An important concept to consider when summarizing routes is that the packets might take a longer path than if summarization is not used. Just like you know Asia and don’t know how to get to Japan directly, so you choose a cheapest flight to any Asia country, and then buy another flight to Japan after reaching Japan. This can potentially choose a longer journey.

When EIGRP advertises a summary route, the advertising router considers the summary route to be up and working unless all subordinate routes fail. This may case the packets to a failed link will still be forwarded to the summarizing router and then been discarded.

Route summarization benefits and trade-offs

Benefits:

Smaller routing tables
Reduces query scope: the EIGRP query stops at a router that has a summary route that includes the subnet listed in the query but not the specific route listed in the query.
EIGRP supports summarization at any location in the internetwork
The summary has the metric of the best of the subnets being summarized.

Trad-offs:

Can casue suboptimal routing
Packets destined for inaccessible destinations will flow to the summarizing router before being discarded.

Configure the summarization

Router(config-if)# ip summary-address eigrp as-number network-address subnet-mask

After configuring summarization, the router changes its logic for the EIGRP update messages sent out the interface:

The router brings down, and then back up, all EIGRP neighbors reachable on that interface, effectively causing neighbors to forget previous topology information and to listen to new information.
When the neighborships recover, the router advertises the summary route, per ip summary-address command, assuming that the router has at least one route whose address range is inside the range of the summary route.
The router does not advertise the subordinate routes.
The router adds a route to its own routing table, for the summary prefix/prefix length, with an outgoing interface of null0.

When a router receives a packet within the summary route’s range:

If the packet matches a more specific route than the summary route, the packet is forwarded based on that route
When the packet does not match a more specific route, it matches the summary route, it will be discarded.Its basically a Loop Prevention mechanism. Traffic destined for any specific route that’s part of summary but doesn’t exist in one of case where it will silently drop the traffic and preventing traffic from looping around. For more, check here:https://learningnetwork.cisco.com/thread/62541 and here .

Auto-summary

First we must understand contiguous network and discontiguous network:

Contiguous network: A single classful network in which packets sent between every pair of subnets will pass only through subnets of that same classful network, without having to pass through subnets of any other classful network. Eg. following networks belong to one classful network(class A)
Discontiguous network: A single classful network in which packets sent between at least one pair of subnets must pass through subnets of a different classful network. Following example, A Class B network 172.16.0.0 exist on the left and right, with subnets of Class C network 192.168.0 in the middle of the internetwork.

If the auto-summary is working in EIGRP, some packets might be delivered to the correct host and others not.

Solutions:

Don’t use discontiguous network.
Disable Auto-summary using command no auto-summary.

Note : the auto-summary and no auto-summary commands have no effect on routes that connect to a single classful network.

Default route

Advertising static default routes with EIGRP with these steps:

Step 1. Create a static route default route using command ip route 0.0.0.0 0.0.0.0 outgoing_interface

Step 2. Inject this route into the EIGRP topology database, either using the R1(config-router)#network 0.0.0.0 command or by redistributing the static route R1(config-router)# redistribute static.

Configure a default network:

Step 1. On the router to which all traffic should be directed, identify a classful network that can be advertised into the EIGRP domain, and ensure that network is being advertised into EIGRP.

Step 2. Configure that network as a default network using the global command ip default-network network_prefix

Most often, the network is either a loopback for testing purpose or an existing route on the Internet side of the router.

Check this link for more info: http://frankfu.click/networking/cisco/create-default-route/