From: Scott Morris (swm@emanon.com)
Date: Sat Mar 05 2005 - 16:03:12 GMT-3
Well, a simple way to do it (at least in a lab) is "debug ip packet". And
either you will or will not see traffic destined for the multicast address.
If you do not, then life is good! If you do then it's not good!
Your ACLs will only work if done inbound since traffic generated by the
router isn't subject to an ACL.
But seeing that "S" for static neighbor is a dead givewaway as well!
Good labbing!
Scott
-----Original Message-----
From: Chuck Ryan [mailto:chryan@cisco.com]
Sent: Saturday, March 05, 2005 12:53 PM
To: swm@emanon.com
Cc: 'Tom Young'; ccielab@groupstudy.com
Subject: RE: eigrp neighbor command
Scott,
Thanks for the helpful information.
I was just about to ask some further questions, but before I did, I told
myself to take some of my own medicine and lab it up and find out for
myself. :-p
So I did......
These were my questions (I've supplied my own answers after testing this in
the lab):
Q) if you configure "neighbor x.x.x.x s0/0" under the EIGRP process how do
you verify that it's working?
A) issue the "show ip eigrp nei" command, and on the far right hand side
under "Type", you should see an S for static neighbor. When "Type" is blank,
it means the neighbor was discovered dynamically.
Q) How else can I verify that packets/updates are being sent unicast and not
via multicast to 224.0.0.10 ?
A) You can configure an extended ACL to "permit eigrp any any log-input"
like so:
access-list 101 permit eigrp any any log-input
apply the ACL on the inbound side of your interface connecting to your EIGRP
neighbor:
ip access-group 101 in
and then you should see matches for the ACL that show eigrp packets coming
from source x.x.x.x with a destination address of your connecting interface
address, and not that of the multicast address 224.0.0.10. If you remove the
"neighbor x.x.x.x int y/z" command from the EIGRP process (on both sides),
then your ACL will show that you are receiving eigrp packets from neighbor
x.x.x.x with a destination address of 224.0.0.10.
Thanks,
Chuck
At 11:03 AM 3/5/2005, Scott Morris wrote:
>You have to be careful NOT to use passive-interface here. It functions
>differently with EIGRP. Notes to this effect are also present in the
>command reference on DocCD.
>
>Scott
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Chuck Ryan
>Sent: Saturday, March 05, 2005 10:21 AM
>To: Tom Young
>Cc: ccielab@groupstudy.com
>Subject: Re: eigrp neighbor command
>
>Hello Tom,
>
>Your correct in that hello packets to 224.0.0.10 will not be used. To
>see what really happens when you use the neighbor command and
>passive-interface under EIGRP, lab this up between 2 routers and observe
the results.
>
>I believe that you'll find the results you get when using this with
>EIGRP, are nowhere near the same as when used with RIP.
>
>Also, take a look at the EIGRP FAQ here on CCO with regards to the use
>of the neighbor command under EIGRP, and what benefits it does not bring
you:
>
>http://www.cisco.com/en/US/partner/tech/tk365/technologies_q_and_a_item
>09186
>a008012dac4.shtml#ten
>
>Regards,
>
>Chuck
>
>At 09:56 AM 3/5/2005, Tom Young wrote:
> >hi group
> >
> > The eigrp use multicast ip 224.0.0.10 for sharing the routing,but
> >if I use the neighbor command in eigrp, it will transfer ip
> >information by unicast to neighbor ,multicast ip 224.0.0.10 will not be
used,right?
> >
> >
> >__________________________________
> >Let's Celebrate Together!
> >Yahoo! JAPAN
> >http://pr.mail.yahoo.co.jp/so2005/
> >
> >_____________________________________________________________________
> >__ Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:41 GMT-3