Neighbor Relationship and Authentication

Useful Commands
Neighbor Relationship

router# show ip eigrp neighbor
router(config-router)# neighbor <IP-add> <dest-int>

Neighbor Authentication

router(config)# key chain <key-chain-name>
router(config-keychain)# key <number>
router(config-keychain-key)# key-string <password>
router(config)#interface <int-id>
router(config-if)# ip authentication mode eigrp <eigrp-as> <md5|sha256>
router(config-if)# ip authentication key-chain eigrp <eigrp-as> <key-chain-name>

Key take aways
Neighbor Relationships

Neighbor Relationships

EIGRP is – at it’s heart – a distance vector protocol so when it is fired up it is getting all of it’s information from it’s neighbors that are directly connected to it and the rest of the network is invisible to EIGRP. Neighbors need to be trusted and the information that is sent by them is what makes EIGRP work.

The more neighbors that EIGRP is able to get to the better, the more neighbors the greater amount information available to EIGRP to calculate the best routes through the network.

FRAME RELAY and MPLS can be problematic for EIGRP, for instance on frame-relay networks Broadcast and multicast traffic are not allowed which means that EIGRP multicast packets cannot be sent. This means that EIGRP discovery will not run for these network types, in these instances you will need to configure static neighbor relationships.

Neighbor Authentication

EIGRP authentication is via MD5 hashed passwords (newer devices can use SHA256).

Configuration examples for neighbor authentication:

Basic config:

router(config)# key chain
router(config-keychain)# key 1
router(config-keychain-key)# key-string
router(config)#interface e0/0
router(config-if)# ip authentication mode eigrp md5
router(config-if)# ip authentication key-chain eigrp

Adding Key Lifetimes:

router(config)# key chain rotating-keys
router(config-keychain)# key 1
router(config-keychain-key)# key-string january-february
router(config-keychain-key)# accept-lifetime 00:00:00 Jan 1 2015 00:00:00 Mar 1 2015
router(config-keychain-key)# send-lifetime 00:00:00 Jan 1 2015 00:00:00 Mar 1 2015
router(config-keychain-key)# exit
router(config-keychain)# key 2
router(config-keychain-key)# key-string march-april
router(config-keychain-key)# accept-lifetime 00:00:00 Mar 1 2015 00:00:00 May 1 2015
router(config-keychain-key)# send-lifetime 00:00:00 Mar 1 2015 00:00:00 May 1 2015

If you need a new website or your website needs updating go to https://10kinds.tech.

10 Kinds Technology
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram