this lab will cover route summarization, default gateway using
network-default command, variance and EIGRP passive-interface concept
R1
interface Loopback11
ip address 172.16.1.1 255.255.255.0
!
interface Loopback12
ip address 172.16.2.1 255.255.255.0
!
interface Loopback13
ip address 172.16.3.1 255.255.255.0
!
interface Loopback14
ip address 172.16.4.1 255.255.255.0
!
interface Loopback15
ip address 172.16.5.1 255.255.255.0
interface Serial0/0
ip address 30.30.12.1 255.255.255.252
clock rate 56000
interface Serial0/1
ip address 30.30.13.1 255.255.255.252
clock rate 56000
router eigrp 1
network 30.0.0.0
network 172.16.0.0
no auto-summary
R2
interface FastEthernet0/0
ip address 30.30.23.1 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 30.30.12.2 255.255.255.252
clock rate 2000000
router eigrp 1
network 30.0.0.0
no auto-summary
R3
interface FastEthernet0/0
ip address 30.30.23.2 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 30.30.13.2 255.255.255.252
clock rate 2000000
router eigrp 1
network 30.0.0.0
no auto-summary
Route Summarization
show ip route on R2 and R3 will show all the route for prefixes 172.16.x.x, what if you have thousands of prefixes? your routing table gonna be a mess. to reduce this, we can summarize it
R2>sh ip rou
..
172.16.0.0/24 is subnetted, 5 subnets
D 172.16.4.0 [90/2297856] via 30.30.12.1, 00:42:12, Serial0/0
D 172.16.5.0 [90/2297856] via 30.30.12.1, 00:42:12, Serial0/0
D 172.16.1.0 [90/2297856] via 30.30.12.1, 00:42:12, Serial0/0
D 172.16.2.0 [90/2297856] via 30.30.12.1, 00:42:12, Serial0/0
D 172.16.3.0 [90/2297856] via 30.30.12.1, 00:42:12, Serial0/0
..
so we have 172.16.1.0 - 172.16.5.0, the best range to contain all the above prefixes is 172.16.0.0/21 or mask 255.255.248.0.. 172.16.0.0 - 172.16.7.255
summarization is applied on the interface, lets apply this R1 Ser 0/0
interface Serial0/0
ip address 30.30.12.1 255.255.255.252
ip summary-address eigrp 1 172.16.0.0 255.255.248.0 5
clock rate 56000
end
check R2 routing table
R2>sh ip rou
....
172.16.0.0/16 is variably subnetted, 6 subnets, 2 masks
D 172.16.4.0/24 [90/2323456] via 30.30.23.2, 00:02:51, FastEthernet0/0
D 172.16.5.0/24 [90/2323456] via 30.30.23.2, 00:02:51, FastEthernet0/0
D 172.16.0.0/21 [90/2297856] via 30.30.12.1, 00:02:51, Serial0/0
D 172.16.1.0/24 [90/2323456] via 30.30.23.2, 00:02:51, FastEthernet0/0
D 172.16.2.0/24 [90/2323456] via 30.30.23.2, 00:02:51, FastEthernet0/0
D 172.16.3.0/24 [90/2323456] via 30.30.23.2, 00:02:51, FastEthernet0/0
you see that (in yellow), route to 172.16.x.x summarize into /21 subnet.. but why there's still storing the un-summarize (green)? notice that it is learned via 30.30.12.2 (R3).. and we didn't summarize route from R1 - R3.
*one more thing we need to remember, above Administrative Distance, the highest priority always the smallest prefix.. even it's learned from RIP, it's still the preferred route compare to EIGRP, OSPF...
ok, now let's summarize those network on R1 Ser0/1 (connected to R3)
ip summary-address eigrp 1 172.16.0.0 255.255.248.0 5
check routing table on both R2 and R3
R2>sh ip rou
...
172.16.0.0/21 is subnetted, 1 subnets
D 172.16.0.0 [90/2297856] via 30.30.12.1, 00:00:41, Serial0/0
now looks good :)
Default Route
let's assume 192.168.99.0/24 is gateway to outside network, and it's connected to R1
create a static route to this gateway on R1 and point it to NULL 0
ip route 192.168.99.0 255.255.255.0 Null0
and advertise it in EIGRP 1
router eigrp 1
network 30.0.0.0
network 172.16.0.0
network 192.168.99.0
no auto-summary
and make it default gateway for R2 and R3
ip default-network 192.168.99.0
show routing table on R2 and R3
R3>sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 30.30.13.1 to network 192.168.99.0
172.16.0.0/21 is subnetted, 1 subnets
D 172.16.0.0 [90/2297856] via 30.30.13.1, 00:15:21, Serial0/0
D* 192.168.99.0/24 [90/2169856] via 30.30.13.1, 1d06h, Serial0/0
30.0.0.0/8 is variably subnetted ....
yes.. that's correct :)
un-equal load balance using Variance
show R1 routing table
R1#sh ip rou
...
D 30.30.23.0/24 [90/2195456] via 30.30.13.2, 02:05:56, Serial0/1
[90/2195456] via 30.30.12.2, 02:05:56, Serial0/0
1
there's two route with same metric from R1 to network 30.30.23.0/24.. let's change this to simulate un-equal load balance
up the bandwith on R1 Ser0/1 to make the preferred path is via R3
interface Serial0/1
bandwidth 256
ip address 30.30.13.1 255.255.255.252
ip summary-address eigrp 1 172.16.0.0 255.255.248.0 5
clock rate 56000
end
and make R1 Ser0/0 to have half of Ser0/1 bandwidth
..
bandwidth 256
..
show routing table again now and you should only see on path
R1#sh ip rou
..
D 30.30.23.0/24 [90/2195456] via 30.30.12.2, 00:01:47, Serial0/0
now check metric to 30.30.23.0/24 on EIGRP topology table
R1#sh ip ei top
..
P 30.30.23.0/24, 1 successors, FD is 2195456
via 30.30.13.2 (10537472/281600), Serial0/1
via 30.30.12.2 (20537600/281600), Serial0/0
now you see the thru R3 has the lower metric.. and value is almost two times
now apply this line
router eigrp 1
variance 2
network 30.0.0.0
network 172.16.0.0
..
this line actually saying that, for every backup path.. where the primary link has twice metric value compare to it, will be load balanced
show routing table should see both path again now.. with un-equal load balance
R1#sh ip route
..
D 30.30.23.0/24 [90/10537472] via 30.30.13.2, 00:06:07, Serial0/1
[90/20537600] via 30.30.12.2, 00:06:07, Serial0/0
see... that's cool isn't it :)
passive-interface
check your EIGRP configuration on R1
router eigrp 1
variance 2
network 30.0.0.0
network 172.16.0.0
network 192.168.99.0
no auto-summary
the line in yellow saying that
-send hello packet to all this network
-advertise all this network
actually it is a security hole to have all interface to be able to send hello packet, any time bad guy can plug in to it and form a neighbor and they can manipulate your network ..
the best practice is to make all the interface passive (not send hello but still being advertised) and only open for the interface that connected to your other EIGRP router
do this on R1
router eigrp 1
variance 2
passive-interface default
network 30.0.0.0
now you will loose all neighbor... now open again for R1 Ser0/0 and Ser0/1
router eigrp 1
no passive-interface Serial0/0
no passive-interface Serial0/1
do the same for R2 and R3, now your router a lot more safer :) happy routing !