Friday, April 11, 2014

EIGRP AS go figure!

I know it has been a lot of time since i blogged but here I'm again :)

Have you ever faced a situation that you want to peer with a router using EIGRP and you can't even touch or telnet to that device, well you 're gonna tell me so where is the catch here ?!! go with your normal config and in your lovely config mode and type (config)#router eigrp AS-Number and you should be good to go!

and here is the catch you didn't get it, I don't know The EIGRP AS dude!!!!!!!
so again to keep our case pretty simple i will just use two router with their loopbacks, so nothing fancy here:






and here is our simple config so far and by the way I am using version 15 here :D :D


R1#sh ver | in IOS
Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 15.1(4)M2, RELEASE SOFTWARE (fc1)
R1#sh ip int br | ex una
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            12.0.0.1        YES manual up                    up
Loopback0                  1.1.1.1         YES manual up                    up


 R2#sh ver | in IOS
Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 15.1(4)M2, RELEASE SOFTWARE (fc1)
R2#sh ip int br | ex una
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            12.0.0.2        YES manual up                    up
Loopback0                  2.2.2.2         YES manual up                    up

Now R2 is running EIGRP and Assume we are unable to telnet to it and we have no clue of what is going on there, so we need to know its AS. here is the trick :D

on R1 we can create ACL and include it in debug ip packet detail to see if we can get a useful info that can lead us to get our mystery neighbor EIGRP AS


 R1(config)#access-list 100 per ip host 12.0.0.2 host 224.0.0.10
R1(config)#do debug ip packet det 100
IP packet debugging is on (detailed) for access list 100
R1(config)#
*Apr 11 15:15:19.251: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, input feature, proto=88, MCI Check(80), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 11 15:15:19.255: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:15:19.259: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:15:19.259: FIBipv4-packet-proc: packet routing failed
*Apr 11 15:15:19.263: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, unroutable, proto=88
*Apr 11 15:15:19.263: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
R1(config)#
*Apr 11 15:15:19.267: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:15:19.267: FIBipv4-packet-proc: packet routing failed
R1(config)#
*Apr 11 15:15:23.855: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, input feature, proto=88, MCI Check(80), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 11 15:15:23.859: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:15:23.863: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:15:23.863: FIBipv4-packet-proc: packet routing failed
*Apr 11 15:15:23.867: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, unroutable, proto=88
*Apr 11 15:15:23.871: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
R1(config)#
*Apr 11 15:15:23.871: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:15:23.871: FIBipv4-packet-proc: packet routing failed
R1(config)#do
*Apr 11 15:15:28.331: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, input feature, proto=88, MCI Check(80), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 11 15:15:28.335: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:15:28.339: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:15:28.339: FIBipv4-packet-proc: packet routing failed
*Apr 11 15:15:28.339: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, unroutable, proto=88
*Apr 11 15:15:28.343: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
R1(config)#do u a
*Apr 11 15:15:28.347: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:15:28.347: FIBipv4-packet-proc: packet routing failed
R1(config)#do u all
All possible debugging has been turned off
R1(config)#

unfortunately we didn't get any helpful info that can lead us to our neighbor AS :(

Now we can use a hidden option which I'm not sure why Cisco hides it which is Dump, according to Cisco Command Reference  it Displays IP debugging information along with raw packet data in hexadecimal and ASCII forms. This keyword can be enabled with individual access lists and also with the detail keyword.


R1(config)#do debug ip packet det 100 dump
IP packet debugging is on (detailed) (dump) for access list 100
R1(config)#
*Apr 11 15:22:59.491: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, input feature, proto=88
0F1777C0:                       0100 5E00000A            ..^...
0F1777D0: CA010EDC 00080800 45C0003C 00000000  J..\....E@.<....
0F1777E0: 0158CC9E 0C000002 E000000A 0205F1A6  .XL.....`.....q&
0F1777F0: 00000000 00000000 00000000 0000012C  ...............,
0F177800: 0001000C 01000100 0000000F 00040008  ................
0F177810: 06000300                             ....            , MCI Check(80), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 11 15:22:59.507: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:22:59.511: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:22:59.511: FIBipv4-packet-proc: packet routing failed
*Apr 11 15:22:59.511: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, unroutable, proto=88
0F1777C0:                       0100 5E00000A            ..^...
0F1777D0: CA010EDC 000
R1(config)#80800 45C0003C 00000000  J..\....E@.<....
0F1777E0: 0158CC9E 0C000002 E000000A 0205F1A6  .XL.....`.....q&
0F1777F0: 00000000 00000000 00000000 0000012C  ...............,
0F177800: 0001000C 01000100 0000000F 00040008  ................
0F177810: 06000300                             ....
*Apr 11 15:22:59.527: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:22:59.531: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:22:59.531: FIBipv4-packet-proc: packet routing failed
R1(config)#
*Apr 11 15:23:04.439: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, input feature, proto=88
0F177900:                       0100 5E00000A            ..^...
0F177910: CA010EDC 00080800 45C0003C 00000000  J..\....E@.<....
0F177920: 0158CC9E 0C000002 E000000A 0205F1A6  .XL.....`.....q&
0F177930: 00000000 00000000 00000000 0000012C  ...............,
0F177940: 0001000C 01000100 0000000F 00040008  ................
0F177950: 06000300                             ....            , MCI Check(80), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 11 15:23:04.455: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:23:04.459: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:23:04.459: FIBipv4-packet-proc: packet routing failed
*Apr 11 15:23:04.463: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, unroutable, proto=88
0F177900:                       0100 5E00000A            ..^...
0F177910: CA010EDC 000
R1(config)#80800 45C0003C 00000000  J..\....E@.<....
0F177920: 0158CC9E 0C000002 E000000A 0205F1A6  .XL.....`.....q&
0F177930: 00000000 00000000 00000000 0000012C  ...............,
0F177940: 0001000C 01000100 0000000F 00040008  ................
0F177950: 06000300                             ....
*Apr 11 15:23:04.475: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:23:04.479: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:23:04.479: FIBipv4-packet-proc: packet routing failed
R1(config)#do u all
All possible debugging has been turned off
R1(config)#
*Apr 11 15:23:09.403: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, input feature, proto=88
0F006400:                       0100 5E00000A            ..^...
0F006410: CA010EDC 00080800 45C0003C 00000000  J..\....E@.<....
0F006420: 0158CC9E 0C000002 E000000A 0205F1A6  .XL.....`.....q&
0F006430: 00000000 00000000 00000000 0000012C  ...............,
0F006440: 0001000C 01000100 0000000F 00040008  ................
0F006450: 06000300                             ....            , MCI Check(80), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
*Apr 11 15:23:09.419: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:23:09.423: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:23:09.423: FIBipv4-packet-proc: packet routing failed
*Apr 11 15:23:09.427: IP: s=12.0.0.2 (FastEthernet0/0), d=224.0.0.10, len 60, unroutable, proto=88
0F006400:                       0100 5E00000A            ..^...
0F006410: CA010EDC 000
R1(config)#80800 45C0003C 00000000  J..\....E@.<....
0F006420: 0158CC9E 0C000002 E000000A 0205F1A6  .XL.....`.....q&
0F006430: 00000000 00000000 00000000 0000012C  ...............,
0F006440: 0001000C 01000100 0000000F 00040008  ................
0F006450: 06000300                             ....
*Apr 11 15:23:09.439: FIBipv4-packet-proc: route packet from FastEthernet0/0 src 12.0.0.2 dst 224.0.0.10
*Apr 11 15:23:09.443: FIBfwd-proc: Default:224.0.0.0/24 receive entry
*Apr 11 15:23:09.443: FIBipv4-packet-proc: packet routing failed
R1(config)#

and voila, if we take a good look here in Bolded underlined numbers which i highlighted above we will see the magic when we convert them into decimal :

E0|00|00|0A =  224.0.0.10 (Our EIGRP multicast IP Address), and the 5th number after that will lead us to our EIGRP AS,
0000012C = 300

So let's go back to R1 to make sure we are on the right road and we have reached our promised land :D :D


 R1(config)#router ei 300
R1(config-router)#no auto
R1(config-router)#net 0.0.0.0 255.255.255.255
R1(config-router)#end
R1#
*Apr 11 15:34:39.799: %DUAL-5-NBRCHANGE: EIGRP-IPv4 300: Neighbor 12.0.0.2 (FastEthernet0/0) is up: new adjacency
*Apr 11 15:34:40.203: %SYS-5-CONFIG_I: Configured from console by console
R1#

and Yes we are here :D :D
R1#sh ip ei neighbors
EIGRP-IPv4 Neighbors for AS(300)
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   12.0.0.2                Fa0/0             10 00:00:45  111   666  0  3
R1#sh ip route ei
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      2.0.0.0/32 is subnetted, 1 subnets
D        2.2.2.2 [90/156160] via 12.0.0.2, 00:00:52, FastEthernet0/0
R1#ping 2.2.2.2 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/70/108 ms
R1#




Finally, i wanna say Thanks Scott M. (The Uber-Geek) for the Tip, you're one of the Best.


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)