An Over The Top post about EIGRP


It seems like everything is being virtualized these days: we have Virtual LANs, Virtual machines, Virtual networks, Virtual storage, Virtual NICs, and now the latest new thing is WAN Virtualization.

WAN virtualization / software-defined WAN aims to provide a consistent experience across your WANs without involving the service provider. Cisco offers a few options, such as iWAN, which is DMVPN + PfRv3 + the kitchen sink (we’ll talk about that soon enough), and EIGRP Over The Top, which allows EIGRP to work between sites without needing MPLS or a VPN for connectivity.

It does this by tunneling the traffic with LISP: all non-EIGRP traffic is embedded in UDP port 4343.

[Image: eigrpotp-002]

Let’s build a quick lab to play with this feature. All we need is 5ish CSR routers connected to an unmanaged switch. I’m using VIRL for this, but it would work just fine with GNS3 or whatever else you want to use.

[Image: eigrpotp-004.png]

The logical topology will look like the following:

R2 and R3 will represent the service provider network and R1, R4, and Hub will act as the branches. All transit networks will be running OSPF Area 0 and we will make some loopbacks to advertise into EIGRP AS 14.

The first thing we’ll configure is EIGRP OTP between R1 and R4.

[Image: eigrpotp-006]

Once the basic network is set up, make some loopback interfaces for the EIGRP domain.

R1(config)#int l0
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#int l1
R1(config-if)#ip add 192.168.11.1 255.255.255.0

R4(config)#int l0
R4(config-if)#ip add 192.168.4.4 255.255.255.0
R4(config-if)#int l1
R4(config-if)#ip add 192.168.44.4 255.255.255.0

Now to actually configure EIGRP, first create a Named EIGRP instance and put it in AS 14.

R1(config)#router eigrp OTP 
R1(config-router)#address-family ipv4 unicast autonomous-system 14

Then we simply need to use a neighbor statement that points to the other EIGRP router and tells it to use LISP encapsulation, like so:

R1(config-router-af)#neighbor 10.3.4.4 g2.102 remote 10 lisp-encap 1
R1(config-router-af)#
*Feb 8 04:53:43.085: %LINEPROTO-5-UPDOWN: Line protocol on Interface LISP1, changed state to up

10.3.4.4 – is R4’s WAN interface that is learned through OSPF.
G2.102  – is the outgoing WAN interface.
Remote – the maximum number of hops allowed.
Lisp-encap – tells EIGRP to use LISP encapsulation and what LISP ID to use.

Finally we just need to advertise the loopback networks like we normally would.

R1(config-router-af)#network 192.168.1.0
R1(config-router-af)#network 192.168.11.0

Once we configure R4 we should see EIGRP come up.

R4(config)#router eigrp OTP
R4(config-router)#address-family ipv4 unicast autonomous-system 14
R4(config-router-af)#neighbor 10.1.2.1 g2.304 remote 10 lisp-encap 1
*Feb 8 04:56:14.155: %DUAL-5-NBRCHANGE: EIGRP-IPv4 14: Neighbor 10.1.2.1 (GigabitEthernet2.304) is up: new adjacency
*Feb 8 04:56:15.093: %LINEPROTO-5-UPDOWN: Line protocol on Interface LISP1, changed state to up
*Feb 8 04:56:15.096: %VXE_VNIC_IF-3-MSGINITERROR: VXE vNIC interface command: multicast_null failed: -1 for LISP1
R4(config-router-af)#network 192.168.4.0
R4(config-router-af)#network 192.168.44.0

Looking at the routing table we can see that we are learning the loopbacks through the LISP interface!

R1(config)#do sh ip route eigrp | be Gate
Gateway of last resort is not set
D 192.168.4.0/24 [90/93994331] via 10.3.4.4, 00:01:55, LISP1
D 192.168.44.0/24 [90/93994331] via 10.3.4.4, 00:01:53, LISP1

R1(config)# do ping 192.168.4.4 so l0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.4.4, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/46/201 ms

If we look at a packet capture we can see that all traffic that uses the EIGRP routes on R1 and R4 is now encapsulated in LISP.

[Image: eigrpotp-019]

However, EIGRP traffic itself isn’t directly LISPified.

[Image: eigrpotp-020]
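
What that capture means for anyone sitting on the provider path, as an added example (not code from the original post): LISP encapsulation adds an outer IP/UDP header and an 8-byte LISP header (RFC 6830) but no encryption, so the inner packet can be read straight out of the UDP payload. The sample bytes are constructed, and the instance ID of 1 in them is an assumption, not a value taken from the post's capture.

```python
import ipaddress
import struct

def parse_lisp_data(udp_payload: bytes) -> dict:
    """Parse the 8-byte LISP data header (RFC 6830) and the inner IPv4 header."""
    if len(udp_payload) < 8 + 20:
        raise ValueError("too short for LISP header plus inner IPv4 header")
    word1, word2 = struct.unpack("!II", udp_payload[:8])
    flags = word1 >> 24
    info = {
        "nonce_present": bool(flags & 0x80),                    # N bit
        "lsb_enabled": bool(flags & 0x40),                      # L bit
        "instance_id": (word2 >> 8) if flags & 0x08 else None,  # I bit
    }
    inner = udp_payload[8:]
    version, ihl = inner[0] >> 4, (inner[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(inner) < ihl:
        raise ValueError("inner packet is not a well-formed IPv4 header")
    (total_len,) = struct.unpack("!H", inner[2:4])
    info.update(
        inner_proto=inner[9],
        inner_src=str(ipaddress.IPv4Address(inner[12:16])),
        inner_dst=str(ipaddress.IPv4Address(inner[16:20])),
        inner_payload=inner[ihl:total_len],  # readable as-is: nothing is encrypted
    )
    return info

def build_sample() -> bytes:
    """Constructed sample: LISP header + ICMP echo 192.168.1.1 -> 192.168.4.4.
    Checksums are left at zero; the parser does not validate them."""
    # N and I bits set, constructed nonce, instance ID 1 (assumed value)
    lisp = struct.pack("!II", (0x88 << 24) | 0x123456, (1 << 8) | 0x01)
    icmp = bytes([8, 0, 0, 0, 0, 1, 0, 1]) + b"cleartext-ping"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 255, 1, 0,
                     ipaddress.IPv4Address("192.168.1.1").packed,
                     ipaddress.IPv4Address("192.168.4.4").packed)
    return lisp + ip + icmp

if __name__ == "__main__":
    for key, value in parse_lisp_data(build_sample()).items():
        print(f"{key}: {value}")
```

If the branch traffic needs confidentiality across the provider, it has to come from something other than the LISP encapsulation itself.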

Even though the feature is using LISP, LISP isn’t directly configured on either router. It is all automatic!

R1#show ip lisp map-cache 
% LISP is not running.


As you may have guessed from the name of a certain router, the last thing we’ll look at tonight is running the feature in a Hub & Spoke topology.

The EIGRP topology will look like this:

[Image: eigrpotp-005]

All we need to do is point R1 and R4 to the Hub router and then do a little bit of config on the Hub router. R1 will point to the 10.2.11.11 interface and R4 will point to the 10.3.11.11 interface.

R1(config)#no router eigrp OTP
R1(config)#router eigrp OTP
R1(config-router)#add ipv4 uni auto 14
R1(config-router-af)#neigh 10.2.11.11 g2.102 remote 10 lisp-encap 1
R1(config-router-af)#network 192.168.0.0 0.0.255.255

R4(config)#no router ei OTP
R4(config)#router eigrp OTP
R4(config-router)#add ipv4 uni auto 14
R4(config-router-af)#neigh 10.3.11.11 g2.304 remote 10 lisp-encap 1
R4(config-router-af)#network 192.168.0.0 0.0.255.255

On the hub we use the remote-neighbor command to tell it to process the incoming LISP traffic.

Hub(config)#router ei OTP
Hub(config-router)#add ipv4 uni auto 14 
Hub(config-router-af)#remote-neigh source g2.211 unicast lisp 1 
Hub(config-router-af)#remote-neigh source g3.211 unicast lisp 1

*Feb 8 06:01:15.833: %DUAL-5-NBRCHANGE: EIGRP-IPv4 14: Neighbor 10.1.2.1 (GigabitEthernet2.211) is up: new adjacency
*Feb 8 06:01:24.507: %DUAL-5-NBRCHANGE: EIGRP-IPv4 14: Neighbor 10.3.4.4 (GigabitEthernet2.311) is up: new adjacency
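
The hub configuration above names only its own source interfaces, not the spokes' addresses, so it is worth checking which peers actually come up. An added example (not part of the original post) that scans syslog for %DUAL-5-NBRCHANGE "up" events and reports any neighbor outside an expected set; the first two sample lines are the ones shown above, the other two are constructed, and the function and variable names are hypothetical.

```python
import re

NBRCHANGE = re.compile(
    r"%DUAL-5-NBRCHANGE: EIGRP-IPv4 (?P<asn>\d+): "
    r"Neighbor (?P<nbr>\d+\.\d+\.\d+\.\d+) \((?P<intf>[^)]+)\) is (?P<state>up|down)"
)

# Spoke WAN addresses from the lab above
EXPECTED_SPOKES = {"10.1.2.1", "10.3.4.4"}

SAMPLE_LOG = [
    # from the post
    "*Feb 8 06:01:15.833: %DUAL-5-NBRCHANGE: EIGRP-IPv4 14: Neighbor 10.1.2.1 (GigabitEthernet2.211) is up: new adjacency",
    "*Feb 8 06:01:24.507: %DUAL-5-NBRCHANGE: EIGRP-IPv4 14: Neighbor 10.3.4.4 (GigabitEthernet2.311) is up: new adjacency",
    # constructed for this example
    "*Feb 8 06:05:02.118: %DUAL-5-NBRCHANGE: EIGRP-IPv4 14: Neighbor 203.0.113.50 (GigabitEthernet2.211) is up: new adjacency",
    "*Feb 8 06:07:40.002: %DUAL-5-NBRCHANGE: EIGRP-IPv4 14: Neighbor 10.1.2.1 (GigabitEthernet2.211) is down: holding time expired",
]

def unexpected_adjacencies(lines, expected_peers, expected_as=14):
    """Return (neighbor, interface, AS) for each 'up' event whose peer is
    not in expected_peers or whose AS number differs from expected_as."""
    findings = []
    for line in lines:
        m = NBRCHANGE.search(line)
        if not m or m["state"] != "up":
            continue  # not an adjacency event, or a neighbor going down
        if m["nbr"] not in expected_peers or int(m["asn"]) != expected_as:
            findings.append((m["nbr"], m["intf"], int(m["asn"])))
    return findings

if __name__ == "__main__":
    for nbr, intf, asn in unexpected_adjacencies(SAMPLE_LOG, EXPECTED_SPOKES):
        print(f"unexpected EIGRP neighbor {nbr} on {intf} (AS {asn})")
```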

Because it is a Hub and Spoke topology, we will want to disable split-horizon and next-hop-self, or at least we would if we didn’t use two subinterfaces 🙂

Hub(config)#router ei OTP
Hub(config-router)#add ipv4 uni auto 14
Hub(config-router-af)#af-interface default
Hub(config-router-af-interface)#no next-hop-self 
Hub(config-router-af-interface)#no split-horizon
