EIGRP Intro
Home Up

 

 

S.E.A.D.S. Cisco EIGRP Page

 

 

Introduction to EIGRP

IP Routing

Introduction to EIGRP

 
 
 

Document ID: 13669



Contents

Introduction
Before You Begin
      Conventions
      Prerequisites
      Components Used
What is IGRP?
What is EIGRP?
How Does EIGRP Work?
EIGRP Concepts
      Neighbor Table
      Topology Table
      Feasible Successors
      Route States
      Packet Formats
      Route Tagging
Compatibility Mode
DUAL Example
Frequently Asked Questions
      Is configuring EIGRP as easy as configuring IGRP?
      Do I have debugging capabilities like IGRP?
      Are the same features available in IP-EIGRP as are available in IP-IGRP?
      How much bandwidth and processor resources does EIGRP use?
      Does IP-EIGRP support aggregation and variable length subnet masks?
      Does EIGRP support areas?
Cisco Support Community - Featured Conversations
Related Information
 

Introduction

This paper is an introduction to the Interior Gateway Routing Protocol (IGRP) suite of routing protocols designed and developed by Cisco Systems. This paper should be used as an information-only document intended as a technology introduction and does not represent a protocol specification or product description.

Before You Begin

Conventions

Refer to Cisco Technical Tips Conventions for more information on document conventions.

Prerequisites

There are no specific prerequisites for this document.

Components Used

This document is not restricted to specific software and hardware versions.

What is IGRP?

IGRP is used in TCP/IP and Open System Interconnection (OSI) Internets. The original IP version was designed and deployed successfully in 1986. It is regarded as an IGP but has also been used extensively as an Exterior Gateway Protocol (EGP) for inter-domain routing. IGRP uses distance vector routing technology. The concept is that each router need not know all the router/link relationships for the entire network. Each router advertises destinations with a corresponding distance. Each router hearing the information adjusts the distance and propagates it to neighboring routers.

The distance information in IGRP is represented as a composite of available bandwidth, delay, load utilization, and link reliability. This allows fine tuning of link characteristics to achieve optimal paths.

What is EIGRP?

EIGRP is an enhanced version of IGRP. The same distance vector technology found in IGRP is also used in EIGRP, and the underlying distance information remains unchanged. The convergence properties and the operating efficiency of this protocol have improved significantly. This allows for an improved architecture while retaining existing investment in IGRP.

The convergence technology is based on research conducted at SRI International. The Diffusing Update Algorithm (DUAL) is the algorithm used to obtain loop-freedom at every instant throughout a route computation. This allows all routers involved in a topology change to synchronize at the same time. Routers that are not affected by topology changes are not involved in the recomputation. The convergence time with DUAL rivals that of any other existing routing protocol.

EIGRP has been extended to be network-layer-protocol independent, thereby allowing DUAL to support other protocol suites.

How Does EIGRP Work?

EIGRP has four basic components:

  • Neighbor Discovery/Recovery
  • Reliable Transport Protocol
  • DUAL Finite State Machine
  • Protocol Dependent Modules

Neighbor Discovery/Recovery is the process that routers use to dynamically learn of other routers on their directly attached networks. Routers must also discover when their neighbors become unreachable or inoperative. This process is achieved with low overhead by periodically sending small hello packets. As long as hello packets are received, a router can determine that a neighbor is alive and functioning. Once this is determined, the neighboring routers can exchange routing information.

The reliable transport is responsible for guaranteed, ordered delivery of EIGRP packets to all neighbors. It supports intermixed transmission of multicast or unicast packets. Some EIGRP packets must be transmitted reliably and others need not. For efficiency, reliability is provided only when necessary. For example, on a multi-access network that has multicast capabilities, such as Ethernet, it is not necessary to send hellos reliably to all neighbors individually. So EIGRP, sends a single multicast hello with an indication in the packet informing the receivers that the packet need not be acknowledged. Other types of packets, such as updates, require acknowledgment and this is indicated in the packet. The reliable transport has a provision to send multicast packets quickly when there are unacknowledged packets pending. This helps insure that convergence time remains low in the presence of varying speed links.

The DUAL finite state machine embodies the decision process for all route computations. It tracks all routes advertised by all neighbors. The distance information, known as a metric, is used by DUAL to select efficient loop free paths. DUAL selects routes to be inserted into a routing table based on feasible successors. A successor is a neighboring router used for packet forwarding that has a least cost path to a destination that is guaranteed not to be part of a routing loop. When there are no feasible successors but there are neighbors advertising the destination, a recomputation must occur. This is the process where a new successor is determined. The amount of time it takes to recompute the route affects the convergence time. Even though the recomputation is not processor-intensive, it is advantageous to avoid recomputation if it is not necessary. When a topology change occurs, DUAL will test for feasible successors. If there are feasible successors, it will use any it finds in order to avoid any unnecessary recomputation. Feasible successors are defined in more detail later in this document.

The protocol-dependent modules are responsible for network layer, protocol-specific requirements. For example, the IP-EIGRP module is responsible for sending and receiving EIGRP packets that are encapsulated in IP. IP-EIGRP is responsible for parsing EIGRP packets and informing DUAL of the new information received. IP-EIGRP asks DUAL to make routing decisions and the results of which are stored in the IP routing table. IP-EIGRP is responsible for redistributing routes learned by other IP routing protocols.

EIGRP Concepts

This section describes some details about Cisco's EIGRP implementation. Both data structures and the DUAL concepts are discussed.

Neighbor Table

Each router keeps state information about adjacent neighbors. When newly discovered neighbors are learned, the address and interface of the neighbor is recorded. This information is stored in the neighbor data structure. The neighbor table holds these entries. There is one neighbor table for each protocol dependent module. When a neighbor sends a hello, it advertises a HoldTime. The HoldTime is the amount of time a router treats a neighbor as reachable and operational. In other words, if a hello packet isn't heard within the HoldTime, then the HoldTime expires. When the HoldTime expires, DUAL is informed of the topology change.

The neighbor table entry also includes information required by the reliable transport mechanism. Sequence numbers are employed to match acknowledgments with data packets. The last sequence number received from the neighbor is recorded so out of order packets can be detected. A transmission list is used to queue packets for possible retransmission on a per neighbor basis. Round trip timers are kept in the neighbor data structure to estimate an optimal retransmission interval.

Topology Table

The Topology Table is populated by the protocol dependent modules and acted upon by the DUAL finite state machine. It contains all destinations advertised by neighboring routers. Associated with each entry is the destination address and a list of neighbors that have advertised the destination. For each neighbor, the advertised metric is recorded. This is the metric that the neighbor stores in its routing table. If the neighbor is advertising this destination, it must be using the route to forward packets. This is an important rule that distance vector protocols must follow.

Also associated with the destination is the metric that the router uses to reach the destination. This is the sum of the best advertised metric from all neighbors plus the link cost to the best neighbor. This is the metric that the router uses in the routing table and to advertise to other routers.

Feasible Successors

A destination entry is moved from the topology table to the routing table when there is a feasible successor. All minimum cost paths to the destination form a set. From this set, the neighbors that have an advertised metric less than the current routing table metric are considered feasible successors.

Feasible successors are viewed by a router as neighbors that are downstream with respect to the destination. These neighbors and the associated metrics are placed in the forwarding table.

When a neighbor changes the metric it has been advertising or a topology change occurs in the network, the set of feasible successors may have to be re-evaluated. However, this is not categorized as a route recomputation.

Route States

A topology table entry for a destination can have one of two states. A route is considered in the Passive state when a router is not performing a route recomputation. The route is in Active state when a router is undergoing a route recomputation. If there are always feasible successors, a route never has to go into Active state and avoids a route recomputation.

When there are no feasible successors, a route goes into Active state and a route recomputation occurs. A route recomputation commences with a router sending a query packet to all neighbors. Neighboring routers can either reply if they have feasible successors for the destination or optionally return a query indicating that they are performing a route recomputation. While in Active state, a router cannot change the next-hop neighbor it is using to forward packets. Once all replies are received for a given query, the destination can transition to Passive state and a new successor can be selected.

When a link to a neighbor that is the only feasible successor goes down, all routes through that neighbor commence a route recomputation and enter the Active state.

Packet Formats

EIGRP uses five packet types:

  • Hello/Acks
  • Updates
  • Queries
  • Replies
  • Requests

As stated earlier, hellos are multicast for neighbor discovery/recovery. They do not require acknowledgment. A hello with no data is also used as an acknowledgment (ack). Acks are always sent using a unicast address and contain a non-zero acknowledgment number.

Updates are used to convey reachability of destinations. When a new neighbor is discovered, update packets are sent so the neighbor can build up its topology table. In this case, update packets are unicast. In other cases, such as a link cost change, updates are multicast. Updates are always transmitted reliably.

Queries and replies are sent when destinations go into Active state. Queries are always multicast unless they are sent in response to a received query. In this case, it is unicast back to the successor that originated the query. Replies are always sent in response to queries to indicate to the originator that it does not need to go into Active state because it has feasible successors. Replies are unicast to the originator of the query. Both queries and replies are transmitted reliably.

Request packets are used to get specific information from one or more neighbors. Request packets are used in route server applications. They can be multicast or unicast. Requests are transmitted unreliably.

Route Tagging

EIGRP has the notion of internal and external routes. Internal routes are ones that have been originated within an EIGRP autonomous system (AS). Therefore, a directly attached network that is configured to run EIGRP is considered an internal route and is propagated with this information throughout the EIGRP AS. External routes are ones that have been learned by another routing protocol or reside in the routing table as static routes. These routes are tagged individually with the identity of their origination.

External routes are tagged with the following information:

  • The router ID of the EIGRP router that redistributed the route.
  • The AS number where the destination resides.
  • A configurable administrator tag.
  • Protocol ID of the external protocol.
  • The metric from the external protocol.
  • Bit flags for default routing.

As an example, suppose there is an AS with three border routers. A border router is one that runs more than one routing protocol. The AS uses EIGRP as the routing protocol. Let's say two of the border routers, BR1 and BR2, use Open Shortest Path First (OSPF) and the other, BR3, uses Routing Information Protocol (RIP).

Routes learned by one of the OSPF border routers, BR1, can be conditionally redistributed into EIGRP. This means that EIGRP running in BR1 advertises the OSPF routes within its own AS. When it does so, it advertises the route and tags it as an OSPF learned route with a metric equal to the routing table metric of the OSPF route. The router-id is set to BR1. The EIGRP route propagates to the other border routers. Let's say that BR3, the RIP border router, also advertises the same destinations as BR1. Therefore BR3, redistributes the RIP routes into the EIGRP AS. BR2, then, has enough information to determine the AS entry point for the route, the original routing protocol used, and the metric. Further, the network administrator could assign tag values to specific destinations when redistributing the route. BR2 can use any of this information to use the route or re-advertise it back out into OSPF.

Using EIGRP route tagging can give a network administrator flexible policy controls and help customize routing. Route tagging is particularly useful in transit ASes where EIGRP would typically interact with an inter-domain routing protocol that implements more global policies. This combines for very scalable policy based routing.

Compatibility Mode

EIGRP provides compatibility and seamless inter-operation with IGRP routers. This is important so users can take advantage of the benefits of both protocols. The compatibility features do not require users to have a flag day to enable EIGRP. EIGRP can be enabled in strategic places carefully without disruption to IGRP performance.

There is an automatic redistribution mechanism used so IGRP routes are imported into EIGRP and vice versa. Since the metrics for both protocols are directly translatable, they are easily comparable as if they were routes that originated in their own AS. In addition, IGRP routes are treated as external routes in EIGRP so the tagging capabilities are available for custom tuning.

IGRP routes take precedence over EIGRP routes by default. This can be changed with a configuration command that does not require the routing processes to restart.

DUAL Example

The following network diagram illustrates how DUAL converges. The example focuses on destination N only. Each node shows its cost to N (in hops). The arrows show the node's successor. So, for example, C uses A to reach N and the cost is 2.

/image/gif/paws/13669/1a.gif

If the link between A and B fails, B sends a query informing its neighbors that it has lost its feasible successor. D receives the query and determines if it has any other feasible successors. If it does not, it has to start a route computation and enter the active state. However in this case, C is a feasible successor because its cost (2) is less than than D's current cost (3) to destination N. D can switch to C as its successor. Note A and C did not participate because they were unaffected by the change.

Now let's cause a route computation to occur. In this scenario, let's say the link between A and C fails. C determines that it has lost its successor and has no other feasible successors. D is not considered a feasible successor because its advertised metric (3) is greater than C's current cost (2) to reach destination N. C must perform a route computation for destination N. C sends a query to its only neighbor D. D replies because its successor has not changed. D does not need to perform a route computation. When C receives the reply it knows that all neighbors have processed the news about the failure to N. At this point, C can choose its new feasible successor D with a cost of (4) to reach destination N. Note that A and B were unaffected by the topology change and D needed to simply reply to C.

Frequently Asked Questions

Is configuring EIGRP as easy as configuring IGRP?

Yes, you configure EIGRP just like you configure IGRP. You configure a routing process and which networks the protocol should run over. Existing configuration files can be used.

Do I have debugging capabilities like IGRP?

Yes, there are both protocol independent and dependent debug commands that inform you what the protocol is doing. There is a suite of show commands that give you neighbor table status, topology table status, and EIGRP traffic statistics.

Are the same features available in IP-EIGRP as are available in IP-IGRP?

All of the features that you have used in IGRP are available in EIGRP. One feature to point out is multiple routing processes. You can use a single process that runs both IGRP and EIGRP. You can use multiple processes that run both. You can use one process that runs IGRP and another to run EIGRP. You can mix and match. This can help customize your routing to a particular protocol as your needs change.

How much bandwidth and processor resources does EIGRP use?

The bandwidth utilization issue has been addressed by implementing partial and incremental updates. Therefore, only when a topology change occurs does routing information get sent. Regarding processor utilization, the feasible successor technology greatly reduces the total processor utilization of an AS by requiring only the routers that were affected by a topology change to perform the route recomputation. Furthermore, the route recomputation only occurs for routes that were affected. Only those data structures are accessed and used. This greatly reduces search time in complex data structures.

Does IP-EIGRP support aggregation and variable length subnet masks?

Yes it does. IP-EIGRP performs route aggregation the same way IGRP does. That is, subnets of an IP network are not advertised over another IP network. The subnet routes are summarized into a single network number aggregate. In addition, IP-EIGRP will allow aggregation on any bit boundary in an IP address and can be configured at network interface granularity.

Does EIGRP support areas?

No, a single EIGRP process is analogous to an area of a link-state protocol. However, within the process, information can be filtered and aggregated at any interface boundary. If one wants to bound the propagation of routing information, multiple routing processes can be configured to achieve a hierarchy. Since DUAL itself limits route propagation, multiple routing processes are typically used to define organizational boundaries.

Cisco Support Community - Featured Conversations

Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers. Below are just some of the most recent and relevant conversations happening right now.

 

Want to see more? Join us by clicking here
  • EIGRP Network Commandrich_foster2 Replies2 weeks, 5 days ago
    I've noticed that in 12.4(24)T3 when using the network command in EIGRP it also advertises static routes.  For example in my lab I issued the following commands:   router eigrp 1   network 88.0.0.0   ip route 88.0.0.0 255.0.0.0 Null0   And can see the route appear and disappear on a neighboring EIGRP router (as I delete and re-apply the static route): R8#sh ip eigrp topology 88.0.0.0 255.0.0.0 IP-EIGRP (AS 1): Topology entry for 88.0.0.0/8   State is Passive, Query origin flag is 1, 1 Successor(s), FD is 33280   Routing Descriptor Blocks:   70.15.1.17 (FastEthernet3/0), from 70.15.1.17, Send flag is 0x0       Composite metric is (33280/30720), Route is Internal       Vector metric:         Minimum bandwidth is 100000 Kbit         Total delay is 300 microseconds         Reliability is 0/255         Load is 1/255         Minimum MTU is 1500         Hop count is 3   This obviously isn't a problem, it's just the 12.4T documentation states the following:   When the network command is configured for an  EIGRP routing process, the router matches one or more local interfaces.  The network command matches only local interfaces that are configured with  addresses that are within the same subnet as the address that has been  configured with the network command.   http://www.cisco.com/en/US/docs/ios/iproute_eigrp/command/reference/ire_i1.html#wp1026909   Is there any reason why this is happening?
    • Re: EIGRP Network Commandjon.marshall2 weeks, 5 days ago
      rich_foster wrote:   I've noticed that in 12.4(24)T3 when using the network command in EIGRP it also advertises static routes.  For example in my lab I issued the following commands:   router eigrp 1   network 88.0.0.0   ip route 88.0.0.0 255.0.0.0 Null0     This obviously isn't a problem, it's just the 12.4T documentation states the following:   When the network command is configured for an  EIGRP...
  • EIGRP Multiple-AS Redistribution...kfarrington1 Reply5 months, 1 week ago
    Hi Guys,   I have the following network topology (please see attached)   Now,  if the prefix on the WAN on site 1 192.168.1.x is advertised to the core on site1, the core switch has two EIGRP *** and redistributes this from AS100 to AS101. (one-way) A couple of questions if I may.   1.  If there was a transmission delay on the Site1 to Site2 link, and the route update was passed to site2 via site3 and site4, the prefix would go into the RT under the AS101.  Then the Site2 router received an update from site1 over the direct link.  What would happen.  Assuming that's the metric for the prefix is less on the direct link, would it purge the route from AS101 topo table in the RT now with the route from AS100 with the lower metric?   2.  When routes are redist between EIGRP ***, does the metric get zeroed, or carried into the new AS?   I seem to remember that there have been discussions before and maybe a code change changed the behavior?  Ie,  the site2 router would just use the update that it received first, or the site2 router would use the update with the lowest EIGRP AS number or, the site2 router would use the route with the lowest metric (assuming AD, prefix-length are the same)   Can someone confirm this for me please?   Many thx, Ken

    Attachments:

    • Re: EIGRP Multiple-AS Redistribution...https://supportforums.cisco.com/people/andrew.prince%40monster.com5 months, 1 week ago
      1.  If there was a transmission delay on the Site1 to Site2 link, and the route update was passed to site2 via site3 and site4, the prefix would go into the RT under the AS101.  Then the Site2 router received an update from site1 over the direct link.  What would happen.  Assuming that's the metric for the prefix is less on the direct link, would it purge the route from AS101 topo table in the RT now with the route from...
  • show ip eigrp events: route ignored,...stevejennings3 Replies3 months, 2 weeks ago
    When I do a "show ip eigrp events" I see "Ignored route, neighbor info: 10.46.246.14 FastEthernet0/2". Two things: (1) FastEthernet0/2 is administratively shutdown (2) there isn't a dup router. I have had a Cisco TAC case opened on this for about 6 weeks with several people looking at the configs and agreeing there's no dup router-id. Yet, I haven't gotten an explanation for what the heck this means. Anyone else ever see something similar?     437  12:23:50.006 RDB delete: 10.46.135.114/32 0.0.0.0 438  12:23:50.006 queued for recalculation: 439  12:23:50.006 min metric/result code: 512000 2 440  12:23:50.006 added/metric: 0 0 441  12:23:50.006 Revise summary: 10.46.128.0/18 442  12:23:50.006 Find FS: 10.46.135.114/32 4294967295 443  12:23:50.006 Free reply status: 10.46.135.114/32 444  12:23:50.006 Clr handle num/bits: 1 0x0 445  12:23:50.006 Clr handle dest/cnt: 10.46.135.114/32 0 446  12:23:50.006 Rcv reply met/succ met: 4294967295 4294967295 447  12:23:50.006 Rcv reply dest/nh: 10.46.135.114/32 10.46.246.14 448  12:23:50.006 Ignored route, neighbor info: 10.46.246.14 FastEthernet0/2 449  12:23:50.006 Ignored route, dup router: 10.46.242.62     Thanks, Steve
    • Re: show ip eigrp events: route...stevejennings3 months, 2 weeks ago
      Also . . . the route being ignored is coming from a BGP redistribution into EIGRP.   And . . . the 10.46.246.14 address is the G0/2.1 subinterface of the sending router.   Thanks again, Steve
      • Re: show ip eigrp events: route...giuslar3 months, 2 weeks ago
        Hello Steve, is the redistribution of BGP into EIGRP taking place on the same device or on the neighbor device or both are redistributing the same BGP prefix?   about the next-hop, if I understand correctly the IP 10.46.246.14 is that of a regular EIGRP neighbor?   Is correct to say that this output is taken by a debug ip eigrp events rather then a show command?   There are some non-sense messages in EIGRP debug messages like...
        • Re: show ip eigrp events: route...stevejennings3 months, 2 weeks ago
          <<<<<is the redistribution of BGP into EIGRP taking place on the same device or on the neighbor device or both are redistributing the same BGP prefix?>>>>>   There are 3 7204's involved, all receiving the same BGP distribution into the same EIGRP processes.     <<<<<about the next-hop, if I understand correctly the IP 10.46.246.14 is that of a regular EIGRP...
  • introduction to Network administration!vmzyece19772 Replies2 years, 10 months ago
    Does anyone out there know whether the Intoduction to network administration, DHCP and Bootp are covered in the CCNA exams??? Thank you!
    • Re: introduction to Network...jrensink782 years, 10 months ago
      You can see the exam topics for the new test being released in August at http://www.cisco.com/web/learning/le3/current_exams/640-802.html .   Knowing about and configuring DHCP is on that list of topics.  I didn't see bootp on the list.    Network administration is a pretty broad category.  There are some facets of it in the test.  I would mainly stick to that list of exam topics for what you want to study.
    • Re: introduction to Network...bchoi99992 years, 10 months ago
      if you need to learn subnetting, go to easysubnet.com
  • ASA 5505 Introductionmartynch12 Replies1 month, 6 days ago
      Data VLAN 192.168.3.0 Voice VLAN 10.50.50.0 DHCP Server with both  ranges is 192.168.3.201 Gateway Linksys: 192.168.3.254   Switch  configuration: - ip routing no ip domain-lookup !         vlan  2-3 ! interface FastEthernet0/1 description *****Link to  2801***** switchport trunk encapsulation dot1q switchport trunk  native vlan 2 switchport mode trunk duplex full speed 100 spanning-tree portfast ! interface FastEthernet0/2 description *****DHCP Server***** switchport access vlan 2 switchport trunk native vlan 2 switchport voice vlan 3 spanning-tree portfast ! interface FastEthernet0/33 description *****Martyn's IP Phone***** switchport access vlan 2 switchport mode access switchport voice vlan 3 shutdown spanning-tree portfast ! interface FastEthernet0/44 description *****AP***** switchport trunk encapsulation dot1q switchport trunk native vlan 2 switchport trunk allowed vlan 1-3 switchport mode trunk spanning-tree portfast ! interface  FastEthernet0/48 description *****LINKSYS***** switchport trunk  encapsulation dot1q switchport trunk native vlan 2 switchport  mode trunk ! interface Vlan1 no ip address ! interface  Vlan2 description *****Data***** ip address 192.168.3.250  255.255.255.0 ! interface Vlan3 description *****Voice***** ip address 10.50.50.250 255.255.255.0 ip helper-address  192.168.3.201   AP Configuration dot11 vlan-name Data vlan 2 dot11 vlan-name  Voice vlan 3 ! dot11 ssid Data    vlan 2    authentication  open    guest-mode !         dot11 ssid Voice    vlan 3     authentication open ! power inline negotiation prestandard  source ! bridge irb ! ! interface Dot11Radio0 no ip  address no ip route-cache ! encryption vlan 3 key 1 size  128bit 7 E3BEDBF2515AF471C34CFBB0 transmit-key encryption vlan 3  mode wep mandatory ! encryption vlan 2 key 1 size 128bit 7  2E17A6E62FA4D039AD5B57BB transmit-key encryption vlan 2 mode wep  mandatory ! ssid Data ! ssid Voice ! station-role root ! interface Dot11Radio0.2 encapsulation  dot1Q 2 native ip helper-address 192.168.3.250 no ip route-cache bridge-group 1 bridge-group 1 block-unknown-source no  bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio0.3 encapsulation dot1Q 3 ip helper-address 192.168.3.250 no ip  route-cache bridge-group 3 bridge-group 3  subscriber-loop-control bridge-group 3 block-unknown-source no  bridge-group 3 source-learning no bridge-group 3 unicast-flooding bridge-group 3 spanning-disabled ! interface Dot11Radio1 no  ip address no ip route-cache shutdown ! encryption vlan 3  key 1 size 128bit 7 E3BEDBF25198471C34CFBB0 transmit-key encryption vlan 3 mode wep mandatory ! encryption vlan 2 key 1  size 128bit 7 2E17A6E65A4D039AD5B57BB transmit-key encryption  vlan 2 mode wep mandatory ! ssid Data ! ssid Voice ! no dfs band block channel dfs station-role root ! interface  Dot11Radio1.2 encapsulation dot1Q 2 native no ip route-cache bridge-group 1 bridge-group 1 block-unknown-source no  bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio1.3 encapsulation dot1Q 3 no ip route-cache bridge-group 3 bridge-group 3 subscriber-loop-control bridge-group 3  block-unknown-source no bridge-group 3 source-learning no  bridge-group 3 unicast-flooding bridge-group 3 spanning-disabled ! interface  FastEthernet0 no ip address no ip route-cache duplex auto speed auto ! interface FastEthernet0.2 encapsulation dot1Q 2  native no ip route-cache bridge-group 1 no bridge-group 1  source-learning bridge-group 1 spanning-disabled ! interface  FastEthernet0.3 encapsulation dot1Q 3 ip helper-address  192.168.3.250 no ip route-cache bridge-group 3 no  bridge-group 3 source-learning bridge-group 3 spanning-disabled ! interface  BVI1 ip address 192.168.3.244 255.255.255.0 ip helper-address  192.168.3.250 no ip route-cache   The above is working  well but I want to introduce an ASA and remove the Linksys, my ASA only  has 3 VLAN's with the key I have, so VLAN 1, 2 and 3   So my  question to the experts here is "how do I introduce it with my current  config?"   Thanks for your time   Martyn
    • Re: ASA 5505 Introductionhttps://supportforums.cisco.com/people/rwagner%40partners-intl.net1 month, 6 days ago
      You actually only have 2.5 VLANs with the 5505.  If you use the .5 vlan it has to restrict traffic flow to 1 of the vlans.     Also you can create additional vlans but you can not associate them with access-list or NATing.     You have a couple options. 1) You buy a 5510 2) you use the following setup     WAN = vlan 2 (default for asa5505 -- from memory) LAN = vlan 1 (aslo default for asa5505 -- from memory)...
      • Re: ASA 5505 Introductioncoto.fusionet1 month, 6 days ago
        If you have an ASA 5505 with base license, you have the INSIDE and OUTSIDE interfaces and a DMZ (with limited access to only another interface). If you purchase a Security Plus license, then you will have 3 fully usable and routable interfaces on the 5505.   Federico.
  • Introduction CCNA(03) to "CCNA"sportsroute2473652 Replies4 years, 1 week ago
    Hello guys.  Just wanted to introduce myself to the crowd.  The name is DeWayne.  I look to make some friends here, pick up some mentors, and get support on renewing my CCNA.  My hobbies are Meeting new folks, learning new things, Sports (esp. Soccer), Reading, eActivities, and Internet.   My current status is that I have read about half of the CCNA Study Guide (by Lammle) but got distracted for a week straight so I decided that I was going to start over (pls don't call me a geek but the internetworking stuff is fun).    Anyway, pls feel free to send me messages anytime.  Again, looking to have fun with you guys/girls.   Oh, I hail from Dallas, TX.
    • Re: Introduction CCNA(03) to "CCNA"stomasko4 years, 1 week ago
      Just a suggestion, if you already have CCNA why not start working towards CCNP.  Each passed exam automatically renews CCNA for additional 3 years.  Just a suggestion to slowly boost your career while retaining CCNA.   Good luck Steve
      • Re: Introduction CCNA(03) to "CCNA"sportsroute2473654 years, 1 week ago
        Thanks Stomasko.  Your reply actually prompted me to do the research.  Please ur sooo right.  Here's the official Cisco reference text to support your advice just for future newbies.   "CCNA certifications are valid for three years. To recertify, either pass the current CCNA exam, or pass the ICND exam, or pass any 642 professional level or Cisco Qualified Specialist exam (excluding Sales Specialist exams), or pass a CCIE...
  • Root Guard and Rogue Switch Introductionhttps://supportforums.cisco.com/people/scott.2.brown%40bt.com6 Replies1 year, 3 months ago
    Hi All,   I have a question which occurred to me while studying form my BCMSN on route guard.    Assume i had a network similar to the one described in Figure 2 of the Root Guard feature page on Cisco here:-   http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96b.shtml   and deployed root guard on Switch C in the interface connecting to D.   When i switch on D and when D starts to send BPDU's advertising itself as the root, Switch C will block it and put the port into root inconsistent state UNTIL it stops receiving BPDU's on that port.   Am i right in assuming that manual intervention to change the root priority on D is require before any traffic can pass through C?    The article linked seems to indicate it is somehow an automatic process. Does Switch D just give up sending superior BPDU's after a certain time or does it simply sit there claiming to be the root for its own little segment indefinitely?   Thanks
    • Re: Root Guard and Rogue Switch...giuslar1 year, 3 months ago
      Hello Scott, Switch D has to stop sending better BPDUs then current root bridge.   So a manual intervention on switch D to remove spanning-tree vlan X priority Y   is needed   Hope to help Giuseppe  
    • Re: Root Guard and Rogue Switch...msobier1231 year, 3 months ago
        As soon as aSwitch recieves Better BPDUs claiming to be a root bridge, and the (Root Guard) feature is enabled on the Root Switch, it will block the port due to the inconsistency.   Root inconsistency is not an STP state, its a log message generated by the Switch when it occurs.     HTH Mohamed
      • Re: Root Guard and Rogue Switch...https://supportforums.cisco.com/people/scott.2.brown%40bt.com1 year, 3 months ago
        Hi Mohamed, according to the link i provided above:-   "Switch C in Figure 2 blocks the port that connects to Switch D, after the switch receives a superior BPDU. Root guard puts the port in the root-inconsistent STP state. No traffic passes through the port in this state. After device D ceases to send superior BPDUs, the port is unblocked again."   Whilst i agree that root-inconsistent is not an STP "state" as such, like listening or...
    • Re: Root Guard and Rogue Switch...msobier1231 year, 3 months ago
      Scott,   In PVST+ , the Ports has well known 4 STP states as follows:   1- Blocking 2- listening 3- learning 4- forwarding   If the Switch running RSTP, then STP port states are:   1- Discarding 2- Learning 3- Forwarding   If u do agree that (Inconsistency) is not an STP state, then thats what i was pointing at, I wanted to remind u about  STP Port states.     HTH Mohamed
      • Re: Root Guard and Rogue Switch...giuslar1 year, 3 months ago
        Hello Mohamed, a port in incosistent state is not usable.   The behavior is vlan specific so the feature is smart and doesn't require a shut/no shut like bpdu guard.   You can check with sh spanning-tree inconsistent   It is not correct to say it is a legitimate RSTP state and also it is not correct to say it is just a log message.   You can think of it as a variation of Discarding state that can move to other state if the...
  • Virtual Tunnel Interface using EIGRPfilterfilter1 Reply40 minutes ago
    We are using EIGRP to propagate routes thru VTI with IPSEC from our HQ to our branches, using 3 provider. On one of the link, the EIGRP is often down and comes up right away ( flapping ? ) thus making our link unstable and slow. we are using a same configuration for each provider/link. is the issue come from the provider or our configuration ? should we change our EIGRP hello/holdtime from the default to 60/180 ? ( our link is 256 ) , or is there any particular thing we could do to assess this problem further ?   please advise   thank you
    • Re: Virtual Tunnel Interface using EIGRPrburts40 minutes ago
      You do not tell us how many remote sites you have. But if you have multiple sites using Virtual Tunnel Interface with EIGRP and only one of them is having problems then it is not so likely that it is a problem in your configuration. Have you verified that the site with the problem is running the same version of code as the other sites? Have you verified that the site with the problem is really configured the same as the other sites? Perhaps...
  • Introduction of Bogus DHCP server to...rossdmcco3 Replies2 years, 7 months ago
    We run an all cisco network wth a 6500 core switch and 3500 access layer switches.   In one instance a customer had a VOIP gateway device plugged in improperly and as a result all clients on that specific VLAN looses their regularly assigned IP address and picks up on from the VOIP Gateway which is setup to be a DHCP server.   Is there anything that can be doneto prevent unauthorized DHCP servers from causing outages such as these?  
    • Re: Introduction of Bogus DHCP server...https://supportforums.cisco.com/people/m.parry%40skynetsystems.co.uk2 years, 7 months ago
        Hi   The newer switches have a feature called dhcp snooping which prevents unauthorised DHCP servers taking out your network.  Unfortunately I don't believe that your legacy 3500 switches will have support for this feature.   Details on dhcp snooping can be found here:   http://www.cisco.com/en/US/docs/switches/lan/catalyst2970/software/release/12.1_19_ea1/configuration/guide/swdhcp82.html    
    • Re: Introduction of Bogus DHCP server...paul.matthews2 years, 7 months ago
      TBH I don't think there is much you can do from where you are. As mentioned, DHCP snooping may help, but another aspect to consider - How big are your subnets? Smaller subnets would mean fewer users would be affected by an incident like this.
      • Re: Introduction of Bogus DHCP server...rossdmcco2 years, 7 months ago
        Thanks to both of you for your responses.   I realize this may be the case however I wanted to be certain.   I will read up on DHCP snooping and find out what I would need to put in place to mitigate incidences as these.   Thanks again.    
  • Product/Model Introduction Datesabbas.ali1 Reply2 years, 11 months ago
    Where can on CCO the information about the Product/Model introduction dates be found.  I looked into CCO, but couldn't find such information.  For Example,   1.Cisco Unified Call Manager 5.1 ? 2.Cisco MCS7845H2-K9-CMA2 3.Cisco Unity Unified Messaging 4.2 ? Voice Messaging 1.Cisco MCS-7815-I2-ECS1 2.Cisco MCS-7825-H2-ECS1 3.Cisco MCS-7835-H2-ECS1 4.Cisco MCS-7845-H2-ECS2 3.Cisco Emergency Responder 2.0 ? E911 Services 1.Cisco MCS-7825-H3-IPC1 4.Cisco Mobility Manager 1.2 ? Mobility Services 1.Cisco MCS-7825-H3-IPC1  

Related Information

 

 


Updated: Aug 10, 2005 Document ID: 13669

 
 
 
 

 

 

Welcome to S.E.A.D.S. Support pages. Your comments welcome
seads_llc@bellsouth.net 

Return to S.E.A.D.S. Home page, Return to S.E.A.D.S. Support pages. Return to the September 11 Dedication pages.