EIGRP Authentication
Aninda May 16, 2011 6:18 AMHi guys,
Below is the lab I'm working on (from CBT Nuggets Route).
I thought I'd just try fooling around a bit, just to see what does what. Mess up things and see what happens you know.
Now from what I know, we enable authention after setting up key chains in eigrp. And since it only supports md5 and no clear text so that is the only real option we got.
I went and set up the key chains as follows:
On BB:
BB(config-keychain-key)#do sho key chain
Key-chain EIGRP_KEYS:
key 1 -- text "cisco1"
accept lifetime (00:00:00 UTC Mar 1 2002) - (infinite) [valid now]
send lifetime (00:00:00 UTC Mar 1 2002) - (infinite) [valid now]
On R2:
R2(config-keychain-key)#do sh key chain
Key-chain EIGRP_KEYS:
key 2 -- text "cisco2"
accept lifetime (00:00:00 UTC Mar 1 2002) - (infinite) [valid now]
send lifetime (00:00:00 UTC Mar 1 2002) - (infinite) [valid now]
On R3:
R3(config-keychain-key)#do sho key chain
Key-chain EIGRP_KEYS:
key 1 -- text "cisco1"
accept lifetime (00:00:00 UTC Mar 1 2002) - (infinite) [valid now]
send lifetime (00:00:00 UTC Mar 1 2002) - (infinite) [valid now]
I then enabled md5 authentication on ONLY BB Router (on s0/0):
BB(config)#int s0/0
BB(config-if)#ip authentication mode eigrp 35 md5
Now, I understand due to a mismatch in authentication type (one side uses md5 - the other no authentication enabled at all), the neighbor relationship would go down.
But for some reason, it keeps bouncing between neighbor up and down. I don't get it.
R2(config)#
*Mar 1 00:38:24.687: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:38:29.095: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
R2(config)#
*Mar 1 00:39:48.619: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:39:52.283: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
R2(config)#
*Mar 1 00:41:11.799: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:41:14.947: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
R2(config)#
*Mar 1 00:42:34.463: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:42:37.931: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
R2(config)#
*Mar 1 00:43:57.447: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:43:59.659: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
R2(config)#
*Mar 1 00:45:19.179: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:45:22.663: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
R2(config)#
*Mar 1 00:46:42.179: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:46:46.575: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
R2(config)#
*Mar 1 00:48:06.091: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is down: retry limit exceeded
R2(config)#
*Mar 1 00:48:09.579: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 35: Neighbor 10.1.24.1 (Ser ial0/0) is up: new adjacency
What is happening here, can someone please explain this?