EIGRP Lab 5 Stub and Leak-map
Previous Next
Download Lab: GNS3
Prerequisites:
Cisco IOSv (vios-adventerprisek9-m.vmdk.SPA.156-2.T)
Introduction:
This lab showing you how access routers in the EIGRP domain when configured as stub can advertise routes learned from another stub router to none stub routers.
Topology:
Scenario:
AR1 and AR2 are eigrp stub routers advertising the only summary and connected routes, each of them has one uplink to distribution routers and also they are interconnected. Since access routers are a stub, they learned each other connected subnets but do not announce them to the rest of the routers in the domain. If one of the uplinks to distribution routers goes down, one of them will be isolated. To solve this connectivity problem you can use route-map and floating static route to provide a backup path from and to the island stub router.
Lab procedures:
Task1: Enable EIGRP Stub feature for both AR1 and AR2.
AR1(config)#router eigrp 10
AR1(config-router)#eigrp stub
!
AR2(config)#router eigrp 10
AR2(config-router)#eigrp stub
Task2: Shutdown DR1’s interface g0/2 to verify that AR1 becomes island router.
DR1(config)#interface g0/2
DR1(config-if)#shutdown
Verify DR1 and DR2’s routing table there should be no subnets of R1.
DR1# show ip route eigrp
D*EX 0.0.0.0/0 [170/2816] via 10.0.0.1, 00:39:13, GigabitEthernet0/0
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
D 10.0.0.4/30 [90/3072] via 10.0.0.1, 00:39:19, GigabitEthernet0/0
D 10.0.0.20/30 [90/3328] via 10.0.0.10, 00:00:16, GigabitEthernet0/1
172.16.0.0/24 is subnetted, 4 subnets
D 172.16.4.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
D 172.16.5.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
D 172.16.6.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
D 172.16.7.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
DR2# show ip route eigrp
D*EX 0.0.0.0/0 [170/2816] via 10.0.0.5, 00:02:17, GigabitEthernet0/0
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
D 10.0.0.0/30 [90/3072] via 10.0.0.5, 00:02:18, GigabitEthernet0/0
D 10.0.0.20/30 [90/3072] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
172.16.0.0/24 is subnetted, 4 subnets
D 172.16.4.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
D 172.16.5.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
D 172.16.6.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
D 172.16.7.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
Task3: Configure floating default static route on the AR1 using the next-hop address of AR2, Administrative distance has to be higher than the current AD of the default route in EIGRP network because when the link to DR1 is back up again AR1 has to use path via DR1 instead.
AR1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.22 171
Task4: From AR1 verify connectivity to the core network.
AR1#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/7 ms
Seems that default route solved our issue but before jumping to conclusions you have to be sure that AR1 subnets are able to reach core network.
AR1#ping 1.1.1.1 source 172.16.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.0.1
.....
Success rate is 0 percent (0/5)
Ping to the core network from R1’s subnets is timing out due to the fact that none of the routers aware of AR1’s subnets except AR2.
Task5: AR2 has to advertise AR1’s subnets to the distribution router.
Step1: Identify AR1’s subnets with prefix-list.
AR2(config)#ip prefix-list AR1_SUBNETS permit 172.16.0.0/22 le 24
Step2: Match AR1’s subnets in the route-map.
AR2(config)# route-map RM_AR1_SUBNETS permit 10
AR2(config-route-map)#match ip address prefix-list AR1_SUBNETS
Step3: Reconfigure on the AR2 EIGRP Stub to include route-map.
AR2(config)#router eigrp 10
AR2(config-router)#eigrp stub leak-map RM_AR1_SUBNETS
Step4: Verify that the leakmap is enabled on the AR2:
AR2#show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "application"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Maximum path: 32
Routing for Networks:
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 4)
Routing Protocol is "eigrp 10"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP-IPv4 Protocol for AS(10)
Metric weight K1=1, K2=0, K3=1, K4=0, K5=0
Soft SIA disabled
NSF-aware route hold timer is 240
Router-ID: 0.0.2.2
Stub, connected, summary, leakmap RM_AR1_SUBNETS
Topology : 0 (base)
Active Timer: 3 min
Distance: internal 90 external 170
Maximum path: 4
Maximum hopcount 100
Maximum metric variance 1
Automatic Summarization: disabled
Maximum path: 4
Routing for Networks:
10.0.0.16/30
10.0.0.20/30
172.16.4.0/22
Routing Information Sources:
Gateway Distance Last Update
10.0.0.17 90 00:04:34
10.0.0.21 90 00:04:32
Distance: internal 90 external 170
Task6: Verify that the core network has AR1’s subnets in its routing table.
Core1#show ip route eigrp
10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
D 10.0.0.8/30 [90/3072] via 10.0.0.6, 00:55:02, GigabitEthernet0/1
[90/3072] via 10.0.0.2, 00:55:02, GigabitEthernet0/0
D 10.0.0.16/30 [90/3072] via 10.0.0.6, 00:55:02, GigabitEthernet0/1
D 10.0.0.20/30 [90/3328] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
172.16.0.0/24 is subnetted, 8 subnets
D 172.16.0.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.1.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.2.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.3.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.4.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
D 172.16.5.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
D 172.16.6.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
D 172.16.7.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
Task7: Confirm that connectivity from AR1’s subnets to the core network is possible.
AR1#ping 1.1.1.1 source 172.16.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Task8: Restore link between DR1 and AR1.
DR1(config)#interface g0/2
DR1(config-if)#no shutdown
DR1(config-if)# end
*Aug 7 12:35:57.610: %LINK-3-UPDOWN: Interface GigabitEthernet0/2, changed state to up
*Aug 7 12:35:58.610: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up
*Aug 7 12:35:58.621: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.0.0.14 (GigabitEthernet0/2) is up: new adjacency
DR1#copy running-config startup-config
Task9: This is a challenge, for you to complete on your own mirror configurations to prevent AR2 from becoming the isolated router when the link to DR2 goes down.
Download Lab: GNS3
Prerequisites:
Cisco IOSv (vios-adventerprisek9-m.vmdk.SPA.156-2.T)
Introduction:
This lab showing you how access routers in the EIGRP domain when configured as stub can advertise routes learned from another stub router to none stub routers.
Topology:
Scenario:
AR1 and AR2 are eigrp stub routers advertising the only summary and connected routes, each of them has one uplink to distribution routers and also they are interconnected. Since access routers are a stub, they learned each other connected subnets but do not announce them to the rest of the routers in the domain. If one of the uplinks to distribution routers goes down, one of them will be isolated. To solve this connectivity problem you can use route-map and floating static route to provide a backup path from and to the island stub router.
Lab procedures:
Task1: Enable EIGRP Stub feature for both AR1 and AR2.
AR1(config)#router eigrp 10
AR1(config-router)#eigrp stub
!
AR2(config)#router eigrp 10
AR2(config-router)#eigrp stub
Task2: Shutdown DR1’s interface g0/2 to verify that AR1 becomes island router.
DR1(config)#interface g0/2
DR1(config-if)#shutdown
Verify DR1 and DR2’s routing table there should be no subnets of R1.
DR1# show ip route eigrp
D*EX 0.0.0.0/0 [170/2816] via 10.0.0.1, 00:39:13, GigabitEthernet0/0
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
D 10.0.0.4/30 [90/3072] via 10.0.0.1, 00:39:19, GigabitEthernet0/0
D 10.0.0.20/30 [90/3328] via 10.0.0.10, 00:00:16, GigabitEthernet0/1
172.16.0.0/24 is subnetted, 4 subnets
D 172.16.4.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
D 172.16.5.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
D 172.16.6.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
D 172.16.7.0 [90/131072] via 10.0.0.10, 00:06:15, GigabitEthernet0/1
DR2# show ip route eigrp
D*EX 0.0.0.0/0 [170/2816] via 10.0.0.5, 00:02:17, GigabitEthernet0/0
10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
D 10.0.0.0/30 [90/3072] via 10.0.0.5, 00:02:18, GigabitEthernet0/0
D 10.0.0.20/30 [90/3072] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
172.16.0.0/24 is subnetted, 4 subnets
D 172.16.4.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
D 172.16.5.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
D 172.16.6.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
D 172.16.7.0 [90/130816] via 10.0.0.18, 00:02:12, GigabitEthernet0/2
Task3: Configure floating default static route on the AR1 using the next-hop address of AR2, Administrative distance has to be higher than the current AD of the default route in EIGRP network because when the link to DR1 is back up again AR1 has to use path via DR1 instead.
AR1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.22 171
Task4: From AR1 verify connectivity to the core network.
AR1#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/7 ms
Seems that default route solved our issue but before jumping to conclusions you have to be sure that AR1 subnets are able to reach core network.
AR1#ping 1.1.1.1 source 172.16.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.0.1
.....
Success rate is 0 percent (0/5)
Ping to the core network from R1’s subnets is timing out due to the fact that none of the routers aware of AR1’s subnets except AR2.
Task5: AR2 has to advertise AR1’s subnets to the distribution router.
Step1: Identify AR1’s subnets with prefix-list.
AR2(config)#ip prefix-list AR1_SUBNETS permit 172.16.0.0/22 le 24
Step2: Match AR1’s subnets in the route-map.
AR2(config)# route-map RM_AR1_SUBNETS permit 10
AR2(config-route-map)#match ip address prefix-list AR1_SUBNETS
Step3: Reconfigure on the AR2 EIGRP Stub to include route-map.
AR2(config)#router eigrp 10
AR2(config-router)#eigrp stub leak-map RM_AR1_SUBNETS
Step4: Verify that the leakmap is enabled on the AR2:
AR2#show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "application"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Maximum path: 32
Routing for Networks:
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 4)
Routing Protocol is "eigrp 10"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP-IPv4 Protocol for AS(10)
Metric weight K1=1, K2=0, K3=1, K4=0, K5=0
Soft SIA disabled
NSF-aware route hold timer is 240
Router-ID: 0.0.2.2
Stub, connected, summary, leakmap RM_AR1_SUBNETS
Topology : 0 (base)
Active Timer: 3 min
Distance: internal 90 external 170
Maximum path: 4
Maximum hopcount 100
Maximum metric variance 1
Automatic Summarization: disabled
Maximum path: 4
Routing for Networks:
10.0.0.16/30
10.0.0.20/30
172.16.4.0/22
Routing Information Sources:
Gateway Distance Last Update
10.0.0.17 90 00:04:34
10.0.0.21 90 00:04:32
Distance: internal 90 external 170
Task6: Verify that the core network has AR1’s subnets in its routing table.
Core1#show ip route eigrp
10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
D 10.0.0.8/30 [90/3072] via 10.0.0.6, 00:55:02, GigabitEthernet0/1
[90/3072] via 10.0.0.2, 00:55:02, GigabitEthernet0/0
D 10.0.0.16/30 [90/3072] via 10.0.0.6, 00:55:02, GigabitEthernet0/1
D 10.0.0.20/30 [90/3328] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
172.16.0.0/24 is subnetted, 8 subnets
D 172.16.0.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.1.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.2.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.3.0 [90/131328] via 10.0.0.6, 00:08:55, GigabitEthernet0/1
D 172.16.4.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
D 172.16.5.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
D 172.16.6.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
D 172.16.7.0 [90/131072] via 10.0.0.6, 00:18:35, GigabitEthernet0/1
Task7: Confirm that connectivity from AR1’s subnets to the core network is possible.
AR1#ping 1.1.1.1 source 172.16.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
Task8: Restore link between DR1 and AR1.
DR1(config)#interface g0/2
DR1(config-if)#no shutdown
DR1(config-if)# end
*Aug 7 12:35:57.610: %LINK-3-UPDOWN: Interface GigabitEthernet0/2, changed state to up
*Aug 7 12:35:58.610: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up
*Aug 7 12:35:58.621: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.0.0.14 (GigabitEthernet0/2) is up: new adjacency
DR1#copy running-config startup-config
Task9: This is a challenge, for you to complete on your own mirror configurations to prevent AR2 from becoming the isolated router when the link to DR2 goes down.
Comments
Post a Comment