Permanently Stuck (In Active)

Standard

Hi all!

I was watching INE’s EIGRP videos and it put an idea in my head about how it might be possible to use FPM to prevent the EIGRP reply from making it back and therefore forcing things into a SIA state. Since I was bored today (terrible weather out) I did that very thing!

Here is the config I used to break stuff

Step 1: Load the IP.phdf

CSR01(config)#do copy ftp://10.10.2.11/ip.phdf flash:
Destination filename [ip.phdf]? 
CSR01(config)#load protocol flash:ip.phdf

Step 2: Make a FPM class-map that matches the query reply

class-map type access-control match-all CM_EIGRP_REPLY
 match start l3-start offset 21 size 1 eq 4
 match field IP protocol eq 88

Step 3: Make a FPM policy-map and drop the traffic then apply it to the relevant interface(s)

policy-map type access-control PM_DROP_EIGRP_REPLY
 class CM_EIGRP_REPLY
   drop

interface g2.103
 service-policy type access-control input PM_DROP_EIGRP_REPLY

Now if we kill my 100.2.2.2/32 route the reply will be filtered so SIA will be forced!

R02(config-subif)#do sh ip eigrp top 100.2.2.2/32
EIGRP-IPv4 VR(LAB) Topology Entry for AS(123)/ID(172.16.1.85) for 100.2.2.2/32
  State is Passive, Query origin flag is 1, 1 Successor(s), FD is 163840
  Descriptor Blocks:
  0.0.0.0 (Loopback0), from Connected, Send flag is 0x0
      Composite metric is (163840/0), route is Internal
      Vector metric:
        Minimum bandwidth is 8000000 Kbit
        Total delay is 1250000 picoseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1514
        Hop count is 0
        Originating router is 172.16.1.85

R02(config-subif)#  int g0/1.102
R02(config-subif)#shut
R02(config-subif)#
*Apr 25 23:24:33.902: %DUAL-5-NBRCHANGE: EIGRP-IPv4 123: Neighbor 10.0.2.254 (GigabitEthernet0/1.102) is down: interface down

CSR01#sh ip eigrp topology 100.2.2.2/32
EIGRP-IPv4 VR(LAB) Topology Entry for AS(123)/ID(172.16.1.74) for 100.2.2.2/32
  State is Active, Query origin flag is 1, 0 Successor(s), FD is 1392640, RIB is 10880
Waiting for 1 replies
  Descriptor Blocks:
  10.0.2.2 (GigabitEthernet2.102), from 10.0.2.2, Send flag is 0x0
      Composite metric is (Infinity/Infinity), route is Internal
      Vector metric:
        Minimum bandwidth is 4294967295 Kbit
        Total delay is 281474976710655 picoseconds
        Reliability is 255/255
        Load is 1/255
        Minimum MTU is 1500
        Hop count is 255
        Originating router is 172.16.1.85

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.