The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to configure the Enhanced Interior Gateway Routing Protocol ( EIGRP) on the Cisco NX-OS switch.
This chapter includes the following sections:
EIGRP combines the benefits of distance vector protocols with the features of link-state protocols. EIGRP sends out periodic hello messages for neighbor discovery. Once EIGRP learns a new neighbor, it sends a one-time update of all the local EIGRP routes and route metrics. The receiving EIGRP router calculates the route distance based on the received metrics and the locally assigned cost of the link to that neighbor. After this initial full route table update, EIGRP sends incremental updates to only those neighbors affected by the route change. This process speeds convergence and minimizes the bandwidth used by EIGRP.
This section includes the following topics:
The Reliable Transport Protocol guarantees ordered delivery of EIGRP packets to all neighbors. (See the “Neighbor Discovery and Recovery” section.) The Reliable Transport Protocol supports an intermixed transmission of multicast and unicast packets. The reliable transport can send multicast packets quickly when unacknowledged packets are pending. This provision helps to ensure that the convergence time remains low for various speed links. See the “Configuring Advanced EIGRP” section for details about modifying the default timers that control the multicast and unicast packet transmissions.
The Reliable Transport Protocol includes the following message types:
EIGRP uses the hello messages from the Reliable Transport Protocol to discover neighboring EIGRP routers on directly attached networks. EIGRP adds neighbors to the neighbor table. The information in the neighbor table includes the neighbor address, the interface it was learned on, and the hold time, which indicates how long EIGRP should wait before declaring a neighbor unreachable. By default, the hold time is three times the hello interval or 15 seconds.
EIGRP sends a series of Update messages to new neighbors to share the local EIGRP routing information. This route information is stored in the EIGRP topology table. After this initial transmission of the full EIGRP route information, EIGRP sends Update messages only when a routing change occurs. These Update messages contain only the new or changed information and are sent only to the neighbors affected by the change. See the “EIGRP Route Updates” section.
EIGRP also uses the Hello messages as a keepalive to its neighbors. As long as hello messages are received, Cisco NX-OS can determine that a neighbor is alive and functioning.
The Diffusing Update Algorithm (DUAL) calculates the routing information based on the destination networks in the topology table. The topology table includes the following information:
DUAL uses the distance metric to select efficient, loop-free paths. DUAL selects routes to insert into the unicast Routing Information Base (RIB) based on feasible successors. When a topology change occurs, DUAL looks for feasible successors in the topology table. If there are feasible successors, DUAL selects the feasible successor with the lowest feasible distance and inserts that into the unicast RIB, avoiding unnecessary recomputation.
When there are no feasible successors but there are neighbors advertising the destination, DUAL transitions from the passive state to the active state and triggers a recomputation to determine a new successor or next-hop router to the destination. The amount of time required to recompute the route affects the convergence time. EIGRP sends Query messages to all neighbors, searching for feasible successors. Neighbors that have a feasible successor send a Reply message with that information. Neighbors that do not have feasible successors trigger a DUAL recomputation.
When a topology change occurs, EIGRP sends an Update message with only the changed routing information to affected neighbors. This Update message includes the distance information to the new or updated network destination.
The distance information in EIGRP is represented as a composite of available route metrics, including bandwidth, delay, load utilization, and link reliability. Each metric has an associated weight that determines if the metric is included in the distance calculation. You can configure these metric weights. You can fine-tune link characteristics to achieve optimal paths, but we recommend that you use the default settings for most configurable metrics.
Internal routes are routes that occur between neighbors within the same EIGRP autonomous system. These routes have the following metrics:
Note We recommend you use the default bandwidth value. EIGRP also uses the bandwidth parameter.
By default, EIGRP uses the bandwidth and delay metrics to calculate the distance to the destination. You can modify the metric weights to include the other metrics in the calculation.
External routes are routes that occur between neighbors in different EIGRP autonomous systems. These routes have the following metrics:
EIGRP adds all learned routes to the EIGRP topology table and the unicast RIB. When a topology change occurs, EIGRP uses these routes to search for a feasible successor. EIGRP also listens for notifications from the unicast RIB for changes in any routes redistributed to EIGRP from another routing protocol.
You can use the advanced features of EIGRP to optimize your EIGRP configuration. This section includes the following topics:
EIGRP supports the IPv4 address famil.
Address family configuration mode includes the following EIGRP features:
You cannot configure the same feature in more than one configuration mode. For example, if you configure the default metric in router configuration mode, you cannot configure the default metric in address family mode.
You can configure authentication on EIGRP messages to prevent unauthorized or invalid routing updates in your network. EIGRP authentication supports MD5 authentication digest.
You can configure the EIGRP authentication per virtual routing and forwarding (VRF) instance or interface using key-chain management for the authentication keys. Key-chain management allows you to control changes to the authentication keys used by MD5 authentication digest. See the Cisco Nexus 6000 Series NX-OS Security Configuration Guide, Release 7.x, for more details about creating key-chains.
For MD5 authentication, you configure a password that is shared at the local router and all remote EIGRP neighbors. When an EIGRP message is created, Cisco NX-OS creates an MD5 one-way message digest based on the message itself and the encrypted password and sends this digest along with the EIGRP message. The receiving EIGRP neighbor validates the digest using the same encrypted password. If the message has not changed, the calculation is identical and the EIGRP message is considered valid.
MD5 authentication also includes a sequence number with each EIGRP message that is used to ensure that no message is replayed in the network.
You can use the EIGRP stub routing feature to improve network stability, reduce resource usage, and simplify stub router configuration. Stub routers connect to the EIGRP network through a remote router. See the “Stub Routing” section.
When using EIGRP stub routing, you need to configure the distribution and remote routers to use EIGRP and configure only the remote router as a stub. EIGRP stub routing does not automatically enable summarization on the distribution router. In most cases, you need to configure summarization on the distribution routers.
Without EIGRP stub routing, even after the routes that are sent from the distribution router to the remote router have been filtered or summarized, a problem might occur. For example, if a route is lost somewhere in the corporate network, EIGRP could send a query to the distribution router. The distribution router could then send a query to the remote router even if routes are summarized. If a problem communicating over the WAN link between the distribution router and the remote router occurs, EIGRP could get stuck in active condition and cause instability elsewhere in the network. EIGRP stub routing allows you to prevent queries to the remote router.
You can configure a summary aggregate address for a specified interface. Route summarization simplifies route tables by replacing a number of more-specific addresses with an address that represents all the specific addresses. For example, you can replace 10.1.1.0/24, 10.1.2.0/24, and 10.1.3.0/24 with one summary address, 10.1.0.0/16.
If more specific routes are in the routing table, EIGRP advertises the summary address from the interface with a metric equal to the minimum metric of the more specific routes.
Note EIGRP does not support automatic route summarization.
You can use EIGRP to redistribute direct routes, static routes, routes learned by other EIGRP autonomous systems, or routes from other protocols. You configure route map with the redistribution to control which routes are passed into EIGRP. A route map allows you to filter routes based on attributes such as the destination, origination protocol, route type, route tag, and so on. See Chapter14, “Configuring Route Policy Manager”
You also configure the default metric that is used for all imported routes into EIGRP.
You can use load balancing to allow a router to distribute traffic over all the router network ports that are the same distance from the destination address. Load balancing increases the utilization of network segments, which increases effective network bandwidth.
Cisco NX-OS supports the Equal Cost Multiple Paths (ECMP) feature with up to 64 equal-cost paths in the EIGRP route table and the unicast RIB. You can configure EIGRP to load balance traffic across some or all of those paths.
Note EIGRP in Cisco NX-OS does not support unequal cost load balancing.
You can use split horizon to ensure that EIGRP never advertises a route out of the interface where it was learned.
Split horizon is a method that controls the sending of EIGRP update and query packets. When you enable split horizon on an interface, Cisco NX-OS does not send update and query packets for destinations that were learned from this interface. Controlling update and query packets in this manner reduces the possibility of routing loops.
Split horizon with poison reverse configures EIGRP to advertise a learned route as unreachable back through that the interface that EIGRP learned the route from.
EIGRP uses split horizon or split horizon with poison reverse in the following scenarios:
By default, the split horizon feature is enabled on all interfaces.
This feature supports bidirectional forwarding detection (BFD). BFD is a detection protocol designed to provide fast forwarding-path failure detection times. BFD provides subsecond failure detection between two adjacent devices and can be less CPU-intensive than protocol hello messages because some of the BFD load can be distributed onto the data plane on supported modules. See the Cisco Nexus 6000 Series NX-OS Interfaces Configuration Guide, Release 7.x for more information.
Cisco NX-OS supports multiple instances of the EIGRP protocol that runs on the same system. EIGRP supports Virtual Routing and Forwarding instances (VRFs).
By default, every instance uses the same system router ID. You can optionally configure a unique router ID for each instance.
The following table shows the licensing requirements for this feature:
EIGRP has the following prerequisites:
You must enable the EIGRP feature (see the “Enabling the EIGRP Feature” section).
EIGRP has the following configuration guidelines and limitations:
Note If you are familiar with the Cisco IOS CLI, be aware that the Cisco NX-OS commands for this feature might differ from the Cisco IOS commands that you would use.
Table 7-1 lists the default settings for EIGRP parameters.
|
|
---|---|
This section includes the following topics:
You must enable the EIGRP feature before you can configure EIGRP.
|
|
|
---|---|---|
Use the no feature eigrp command to disable the EIGRP feature and remove all associated configuration.
|
|
---|---|
Disables the EIGRP feature and removes all associated configuration. |
You can create an EIGRP instance and associate an interface with that instance. You assign a unique autonomous system number for this EIGRP process (see the “Autonomous Systems” section). Routes are not advertised or accepted from other autonomous systems unless you enable route redistribution.
Ensure that you have enabled the EIGRP feature (see the “Enabling the EIGRP Feature” section).
EIGRP must be able to obtain a router ID (for example, a configured loopback address) or you must configure the router ID option.
1. If you configure an instance tag that does not qualify as an AS number, you must configure the AS number explicitly or this EIGRP instance will remain in the shutdown state.
4. (Optional) log-adjacency-changes
5. (Optional) log-neighbor-warnings [ seconds ]
6. interface interface-type slot/port
Use the no router eigrp command to remove the EIGRP process and the associated configuration.
|
|
---|---|
Note You should also remove any EIGRP commands configured in interface mode if you remove the EIGRP process.
This example shows how to create an EIGRP process and configure an interface for EIGRP:
switch(config-router)# router eigrp Test1
switch(config-router)# address-family ipv4 unicast
switch(config-router-af)# autonomous-system 1
switch(config-router-af)# exit
switch(config)# i nterface ethernet 1/2
switch(config-if)# no switchport
switch(config-if)# ipv6 router eigrp Test1
switch(config-if)# no shutdown
switch(config-if)# copy running-config startup-config
For more information about other EIGRP parameters, see the “Configuring Advanced EIGRP” section.
You can restart an EIGRP instance. This clears all neighbors for the instance.
To restart an EIGRP instance and remove all associated neighbors, use the following commands:
You can gracefully shut down an EIGRP instance. This action emoves all routes and adjacencies but preserves the EIGRP configuration.
To disable an EIGRP instance, use the following command in address family mode:
|
|
---|---|
Disables this instance of EIGRP. The EIGRP router configuration remains. |
You can configure a passive interface for EIGRP. A passive interface does not participate in EIGRP adjacency but the network address for the interfacee remains in the EIGRP topology table.
To configure a passive interface for EIGRP, use the following command in interface configuration mode:
You can gracefully shut down EIGRP on an interface. This action removes all adjacencies and stops EIGRP traffic on this interface but preserves the EIGRP configuration.
To disable EIGRP on an interface, use the following command in interface configuration mode:
|
|
---|---|
Disables EIGRP on this interface. The EIGRP interface configuration remains. The instance tag can be any case-sensitive, alphanumeric string up to 20 characters. |
This section includes the following topics:
You can configure authentication between neighbors for EIGRP. See the “Authentication” section.
You can configure EIGRP authentication for the EIGRP process or for individual interfaces. Interface EIGRP authentication configuration overrides the EIGRP process-level authentication configuration.
Ensure that you have enabled the EIGRP feature (see the “Enabling the EIGRP Feature” section).
Ensure that all neighbors for an EIGRP process share the same authentication configuration, including the shared authentication key.
Create the key-chain for this authentication configuration. See the Cisco Nexus 6000 Series NX-OS Security Configuration Guide, Release 7.x.
3. address-family ipv4 unicast
4. authentication key-chain key-chain
6. interface interface-type slot/port
8. ip router eigrp instance-tag
9. ip authentication key-chain eigrp instance-tag key-chain
This example shows how to configure MD5 message digest authentication for EIGRP over Ethernet interface 1/2:
switch(config)# router eigrp Test1
switch(config)# interface ethernet 1/2
switch(config-if)# no switchport
switch(config-if)# ip router eigrp Test1
switch(config-if)# ip authentication key-chain eigrp Test1 routeKeys
switch(config-if)# ip authentication mode eigrp Test1 md5
switch(config-if)# copy running-config startup-config
To configure a router for EIGRP stub routing, use the following command in address-family configuration mode:
This example shows how to configure a stub router to advertise directly connected and redistributed routes:
switch(config)# router eigrp Test1
switch(config-router)# address-family ipv4 unicast
switch(config-router-af)# stub direct redistributed
switch(config-router-af)# copy running-config startup-config
Use the show ip eigrp neighbor detail command to verify that a router has been configured as a stub router. The last line of the output shows the stub status of the remote or spoke router. This example shows the output from the show ip eigrp neighbor detail command:
You can configure a summary aggregate address for a specified interface. If any more specific routes are in the routing table, EIGRP will advertise the summary address out the interface with a metric equal to the minimum of all more specific routes. See the “Route Summarization” section.
To configure a summary aggregate address, use the following command in interface configuration mode:
This example causes EIGRP to summarize network 192.0.2.0 out Ethernet 1/2 only:
switch(config-if)# no switchport
You can redistribute routes in EIGRP from other routing protocols.
Note Redistribution does not work if the access list is used as a match option in route-maps.
Ensure that you have enabled the EIGRP feature (see the “Enabling the EIGRP Feature” section).
You must configure the metric (either through the default-metric configuration option or through a route map) for routes redistributed from any other protocol.
You must create a route map to control the types of routes that are redistributed into EIGRP. See Chapter14, “Configuring Route Policy Manager”
3. address-family ipv4 unicast
4. redistribute { bgp as | { eigrp | ospf | ospfv3 | rip } instance-tag | direct | static } route-map name
5. default-metric bandwidth delay reliability loading mtu
This example shows how to redistribute BGP into EIGRP for IPv4:
switch(config)# router eigrp Test1
switch(config-router)# redistribute bgp 100 route-map BGPFilter
switch(config-router)# default-metric 500000 30 200 1 1500
switch(config-router)# copy running-config startup-config
Route redistribution can add many routes to the EIGRP route table. You can configure a maximum limit to the number of routes accepted from external protocols. EIGRP provides the following options to configure redistributed route limits:
Ensure that you have enabled the EIGRP feature (see the “Enabling the EIGRP Feature” section).
3. redistribute { bgp id | direct | eigrp id | ospf id | rip id | static } route-map map-name
4. redistribute maximum-prefix max [ threshold ] [ warning-only | withdraw [ num-retries timeout ]]
This example shows how to limit the number of redistributed routes into EIGRP:
switch(config)# router eigrp Test1
switch(config-router)# redistribute bgp route-map FilterExternalBGP
switch(config-router)# redistribute maximum-prefix 1000 75
You can configure load balancing in EIGRP. You can configure the number of Equal Cost Multiple Path (ECMP) routes using the maximum paths option. See the “Configuring Load Balancing in EIGRP” section.
Ensure that you have enabled the EIGRP feature (see the “Enabling the EIGRP Feature” section).
This example shows how to configure equal cost load balancing for EIGRP over IPv4 with a maximum of six equal cost paths:
switch(config)# router eigrp Test1
switch(config-router)# maximum-paths 6
switch(config-router)# copy running-config startup-config
You can adjust the interval between hello messages and the hold time.
By default, hello messages are sent every 5 seconds. The hold time is advertised in hello messages and indicates to neighbors the length of time that they should consider the sender valid. The default hold time is three times the hello interval, or 15 seconds.
To change the interval between hello packets, use the following command in interface configuration mode:
On very congested and large networks, the default hold time might not be sufficient time for all routers to receive hello packets from their neighbors. In this case, you might want to increase the hold time.
To change the hold time, use the following command in interface configuration mode:
Use the show ip eigrp interface detail command to verify timer configuration.
You can use split horizon to block route information from being advertised by a router out of any interface from which that information originated. Split horizon usually optimizes communications among multiple routing switches, particularly when links are broken.
By default, split horizon is enabled on all interfaces.
To disable split horizon, use the following command in interface configuration mode:
|
|
---|---|
You can configure optional parameters to tune EIGRP for your network.
You can configure the following optional parameters in address-family configuration mode:
You can configure the following optional parameters in interface configuration mode:
You can set the administrative distance of routes added by EIGRP into the RIB.
Ensure that you are in the correct VDC (or use the switchto vdc command).
Step 1 Enters global configuration mode.
Step 2 Creates a new EIGRP instance and enters router configuration mode.
Step 3 Configures a table map with route map information. You can enter up to 63 alphanumeric characters for the map name. The filter keyword filters routes rejected by the route map and does not download them to the RIB.
Step 4 (Optional) Saves the change persistently through reboots and restarts by copying the running configuration to the startup configuration.
You can create multiple VRFs and use the same or multiple EIGRP processes in each VRF. You assign an interface to a VRF.
Note Configure all other parameters for an interface after you configure the VRF for an interface. Configuring a VRF for an interface deletes all other configuration for that interface.
Ensure that you have enabled the EIGRP feature (see the “Enabling the EIGRP Feature” section).
4. interface ethernet slot/port
This example shows how to create a VRF and add an interface to the VRF:
switch(config)# vrf context NewVRF
switch(config-vrf)# router eigrp Test1
switch(config-router)# i nterface ethernet 1/2
switch(config-if)# no switchport
switch(config-if)# ip router eigrp Test1
switch(config-if)# vrf member NewVRF
switch(config-if)# copy running-config startup-config
To display the EIGRP configuration information, perform one of the following tasks:
To display EIGRP statistics, use the following commands:
|
|
---|---|
show ip eigrp [instance-tag] route-map statistics redistribute |
|
This example shows how to configure EIGRP:
See Chapter 14, “Configuring Route Policy Manager” for more information on route maps.
For additional information related to implementing EIGRP, see the following sections:
|
|
---|---|
Cisco Nexus 6000 Series Command Reference, Cisco NX-OS Releases 7.x |
|
http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a008012dac4.shtml |
|
|
---|---|
To locate and download MIBs, go to the following URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml |