(Terminando a trilogia)
Para fecharmos o assunto, pelo menos por enquanto, vamos ver como configurar o EIGRP.
Usaremos a topologia abaixo, onde temos três caminhos de R1 para R5, sendo que de R1 para R2 temos banda e delay padrão, de R1 para R3 temos o delay de 110 e autenticação, e de R1 para R4 estaremos fazendo a sumarização das rotas.
Configuração inicial, para referência.
R1 hostname R1 interface Loopback0 ip address 10.1.0.1 255.255.255.0 interface Loopback1 ip address 10.1.1.1 255.255.255.0 interface Loopback2 ip address 10.1.2.1 255.255.255.0 interface Ethernet0/0 ip address 192.168.0.2 255.255.255.252 interface Ethernet0/1 ip address 192.168.1.2 255.255.255.252 delay 110 interface Ethernet0/2 ip address 192.168.2.2 255.255.255.252 R2 hostname R2 interface Ethernet0/0 ip address 192.168.0.1 255.255.255.252 interface Ethernet0/1 ip address 192.168.10.1 255.255.255.252 router eigrp 10 network 192.168.0.0 0.0.0.3 network 192.168.10.0 0.0.0.3 R3 hostname R3 interface Ethernet0/0 ip address 192.168.1.1 255.255.255.252 ip authentication mode eigrp 10 md5 ip authentication key-chain eigrp 10 EIGRPPASS interface Ethernet0/1 ip address 192.168.11.1 255.255.255.252 ip authentication mode eigrp 10 md5 ip authentication key-chain eigrp 10 EIGRPPASS router eigrp 10 network 192.168.1.0 0.0.0.3 network 192.168.11.0 0.0.0.3 key chain EIGRPPASS key 1 key-string cisco123 R4 hostname R4 interface Ethernet0/0 ip address 192.168.2.1 255.255.255.252 interface Ethernet0/1 ip address 192.168.12.1 255.255.255.252 router eigrp 10 network 192.168.2.0 0.0.0.3 network 192.168.12.0 0.0.0.3 R5 hostname R5 interface Loopback0 ip address 10.2.0.1 255.255.255.0 interface Loopback1 ip address 10.2.1.1 255.255.255.0 interface Loopback2 ip address 10.2.2.1 255.255.255.0 interface Ethernet0/0 ip address 192.168.10.2 255.255.255.252 interface Ethernet0/1 ip address 192.168.11.2 255.255.255.252 interface Ethernet0/2 ip address 192.168.12.2 255.255.255.252
Existem duas formas de configurar o EIGRP: modo clássico e modo nomeado.
R1 será configurado usando o modo clássico (como R2, R3 e R4 foram configurados), e R5 será configurado com o modo nomeado.
Configuração R1
Vamos habilitar o EIGRP especificando o AS 10. O AS precisa ser o mesmo entre os roteadores que formarão vizinhança. Na sequência devemos especificar, com o comando network, em quais interfaces o EIGRP será habilitado. Se não for especificada a máscara (wildcard) o EIGRP considera a máscara padrão (classful).
conf t router eigrp 10 network 10.0.0.0 network 192.168.0.0 0.0.255.255
Com essa configuração R1 já formará vizinhança com R2 e R4. A vizinhança com R3 ainda não vai funcionar porque precisamos configurar a autenticação.
R1#show ip eigrp neighbors EIGRP-IPv4 Neighbors for AS(10) H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 2 192.168.2.1 Et0/2 10 00:05:56 12 100 0 39 1 192.168.0.1 Et0/0 11 00:05:56 9 100 0 37 R1#
Para incrementar nosso exemplo, vamos configurar a autenticação na interface E0/1 (link com R3), utilizando key chain, e fazer a sumarização manual na interface E0/2 (link com R4). Aliás esta é uma vantagem do EIGRP, que nos permite fazer a sumarização em qualquer ponto da rede (diferente do OSPF).
conf t key chain EIGRPPASS key 1 key-string cisco123 interface Ethernet0/1 ip authentication mode eigrp 10 md5 ip authentication key-chain eigrp 10 EIGRPPASS interface Ethernet0/2 ip summary-address eigrp 10 10.1.0.0 255.255.0.0
Agora sim podemos ver os 3 neighbors (R2, R3 e R4).
R1#show ip eigrp neighbors EIGRP-IPv4 Neighbors for AS(10) H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 2 192.168.2.1 Et0/2 12 00:00:18 943 5000 0 72 0 192.168.1.1 Et0/1 12 00:18:41 10 100 0 57 1 192.168.0.1 Et0/0 12 00:57:41 7 100 0 55 R1#
Também observe que foi criada uma entrada na tabela de roteamento de R1 apontando para Null0, por conta da sumarização.
R1#show ip route eigrp Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks D 10.1.0.0/16 is a summary, 00:00:05, Null0 192.168.10.0/30 is subnetted, 1 subnets D 192.168.10.0 [90/307200] via 192.168.0.1, 00:59:29, Ethernet0/0 192.168.11.0/30 is subnetted, 1 subnets D 192.168.11.0 [90/309760] via 192.168.1.1, 00:20:30, Ethernet0/1 192.168.12.0/30 is subnetted, 1 subnets D 192.168.12.0 [90/307200] via 192.168.2.1, 00:02:06, Ethernet0/2 R1#
Configuração R5
Vamos fazer as mesmas configurações em R5, mas neste caso usaremos o modo “named”.
conf t key chain EIGRPPASS key 1 key-string cisco123 router eigrp MyEIGRP address-family ipv4 unicast autonomous-system 10 af-interface Ethernet0/2 summary-address 10.2.0.0 255.255.0.0 exit-af-interface af-interface Ethernet0/1 authentication mode md5 authentication key-chain EIGRPPASS exit-af-interface topology base exit-af-topology network 10.2.0.0 0.0.255.255 network 192.168.0.0 0.0.255.255 exit-address-family
Podemos fazer as mesmas verificações que fizemos em R1.
R5#show ip eigrp neighbors EIGRP-IPv4 VR(MyEIGRP) Address-Family Neighbors for AS(10) H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 2 192.168.11.1 Et0/1 14 00:00:45 2 100 0 63 1 192.168.12.1 Et0/2 10 00:02:35 9 100 0 81 0 192.168.10.1 Et0/0 14 00:02:36 9 100 0 61 R5# R5#show ip route eigrp Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP a - application route + - replicated route, % - next hop override Gateway of last resort is not set 10.0.0.0/8 is variably subnetted, 11 subnets, 3 masks D 10.1.0.0/16 [90/4096000] via 192.168.12.1, 00:02:48, Ethernet0/2 D 10.1.0.0/24 [90/4096000] via 192.168.11.1, 00:00:58, Ethernet0/1 [90/4096000] via 192.168.10.1, 00:00:58, Ethernet0/0 D 10.1.1.0/24 [90/4096000] via 192.168.11.1, 00:00:58, Ethernet0/1 [90/4096000] via 192.168.10.1, 00:00:58, Ethernet0/0 D 10.1.2.0/24 [90/4096000] via 192.168.11.1, 00:00:58, Ethernet0/1 [90/4096000] via 192.168.10.1, 00:00:58, Ethernet0/0 D 10.2.0.0/16 is a summary, 00:02:52, Null0 192.168.0.0/30 is subnetted, 1 subnets D 192.168.0.0 [90/1536000] via 192.168.10.1, 00:00:58, Ethernet0/0 192.168.1.0/30 is subnetted, 1 subnets D 192.168.1.0 [90/1536000] via 192.168.11.1, 00:00:58, Ethernet0/1 192.168.2.0/30 is subnetted, 1 subnets D 192.168.2.0 [90/1536000] via 192.168.12.1, 00:00:58, Ethernet0/2 R5#
O comando debug eigrp packets pode ser usado para confirmar que temos autenticação na interface E0/1.
R1#debug eigrp packets (UPDATE, REQUEST, QUERY, REPLY, HELLO, UNKNOWN, PROBE, ACK, STUB, SIAQUERY, SIAREPLY) EIGRP Packet debugging is on R1# *Sep 3 19:21:42.800: EIGRP: Received HELLO on Et0/2 - paklen 20 nbr 192.168.2.1 *Sep 3 19:21:42.801: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0 *Sep 3 19:21:44.337: EIGRP: Received HELLO on Et0/0 - paklen 20 nbr 192.168.0.1 *Sep 3 19:21:44.337: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0 *Sep 3 19:21:44.596: EIGRP: Sending HELLO on Et0/2 - paklen 20 *Sep 3 19:21:44.596: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 *Sep 3 19:21:44.763: EIGRP: received packet with MD5 authentication, key id = 1 *Sep 3 19:21:44.763: EIGRP: Received HELLO on Et0/1 - paklen 60 nbr 192.168.1.1 *Sep 3 19:21:44.763: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/0
Mais informações e exemplos neste link.
Até a próxima.
Excelente. Foi a explicação mais objetiva que encontrei sobre esse tema.
Obrigado.