EIGRP Packets

 

Time to play packets. EIGRP Packets to be precise.

 

EIGRP when running in a routed environment utilizes five types of packets. A Hello, Update, Query, Reply and Acknowledgement (ACK) packet.

 

Hello Packets

Pretty much used for neighbor discovery. Multicasts with ACK # of 0.

 

Update

Update packets contain route change information. They are send to affected routers. Updates routers that the particular route has used to converge. Sent as multicasts when a route becomes passive. Syncs by unicasting during startup. Sent reliably.

 

Query

Performed in route computation when no FS is found. Sent to neighbors asking if they have a route to destination. Usually multicast but can be send as unicast. Sent reliably.

 

Reply

Send in response to a query. Must always reply. Sent reliably.

 

ACK

Acknowledges updates, queries, and replies. Unicast hello’s that contain a non zero ACK number. (Hello’s and ACK don’t require ACK’s)

 

 

image

 

Above An example Hello Packet. Notice the information provided by a simple packet sniff.

 

image

 

Above Here is an exchange of connected routes via an Update packet.

 

image

Above An example of another update packet, this time declaring it cannot reach certain networks.

 

 

A thank you to Stretch over at Packetlife for his Captures library. I am currently away from my lab.

Advertisements

EIGRP–Study Notes

ROUTE begins with a EIGRP brush up and pow-wow. I ❤ EIGRP due to it’s fast failover times but being proprietary it makes me a little sad.

Fun Facts

 

An Advanced Distance Vector Routing Protocol.

Keeps Backup Routes  in Topology table as FS

 

Combined the best attributes of a DV whilst not being as intensive as OSPF with Databases.

 

Summarization can be done anywhere unlike OSPF at ABR and ABSR

Unequal load cost balancing .

EIGRP uses Multicast and Unicast rather than broadcast. It uses the multicast address of 224.0.0.10

Administrative Distance – Cost between Routers

Feasible Distance – The sum of costs.

 

Successor –  Route with lowest FD to destination. Proven to not be a part of a Routing Loop.
Successors are offered to the Routing Table to Forward packets. Can be many if they have same FD.

 

Feasible Successor – DUAL remembers backup paths. 2nd best route to Destination. Kept in the topology table. FS are selected when successors are. Topology table maintains many FS’s.

Neighbor table

Everyone Router contains a neighbor table with Directly Connected router. Neighbor relationship stable with Hello Packets. Neighbor tables include data such as address of each neighbor, interface it is connected too and keeps Round Trip Timers in regards to optimal retransmission periods.

 

Topology table

Topology table lists best routes to a network, Successor routes, Also lists second best routes, known as Feasible Successor. (Also 3rd, 4th and so on). Instantaneously switches. Topology table maintains the metric that neighbors advertise for each destination (AD). Also the metric that the router would use to reach the dest. Via the( FD).

 

If there is a topology change, DUAL gets funky. It immediately checks if it has a FS to the Destination. If it does, no computation is required and the FS becomes the successor.

 

If there is no FS, the router sends out Query Packets to its neighbors.  If any neighbors have routes to the destination they send back a Reply Packet. If not, the neighbor sends Query packets to it’s neighbors. During this stage the destination is in Active state, a router cannot change Routing table information for the destination.

 

No route from neighbors reply with unreachable. If at least one has a route the destination returns to a passive state and becomes successor.

 

Routing table

Routing Table (show ip route shows off the best routes the router knows about).

Router compares all FDs to reach a specific network and selects the lowest FD . It earns it’s place in the routing table. FD chosen for the successor is the EIGRP metric to reach that network in the table.

image

Above: Notes regarding the Neighbor table, Topology table and Routing table.

Not a bad start. The understanding of EIGRP’s tables is paramount to it’s success maintaining uptime in your EIGRP environment.