Internetworks: June 2022

The leak-map name keyword configures the stub router to advertise selected EIGRP-learned routes which are not ordinarily advertised. The name refers to a route map that matches one or more ACLs or prefix lists and permits the matched subnets or addresses to be leaked.

The EIGRP Stub feature is very useful when we want to prevent unnecessary EIGRP queries and want to filter a few routes that we advertise but when we want to configure our EIGRP router as a stub and still we want to make an exception to some routes (network) to advertise this is possible with the help of Leak-map.

In summary route-

Whenever we configure our EIGRP summary route, all the networks within the range of our summary are no longer advertised on interfacing the only this is left is a summary route, but we want to advertise some networks separately next to our summary route this can also be done with summary leak-map. Let's see how to configure the leak map.

Topology: -

Goal:

Configure the topology as per the diagram.
Assigning the IP addresses to their interfaces.
Configure EIGRP 1234 on all the routers.
Configure EIGRP STUB connected on router 3.
Configure Leak-Map on router 3 with the exception that network 192.168.32.1 network only advertises to all the routers.

R1(config)#interface serial 4/0

R1(config-if)#ip address 1.1.1.1 255.0.0.0

R1(config-if)#no shutdown

R1(config-if)#exit

R1(config)#interface loopback 0

R1(config-if)#ip address 10.1.1.1 255.0.0.0

R1(config-if)#no shutdown

R1(config-if)#exit

R2(config)#interface serial 4/1

R2(config-if)#ip address 2.2.2.2 255.0.0.0

R2(config-if)#no shutdown

R2(config-if)#exit

R2(config)#interface loopback 0

R2(config-if)#ip address 20.1.1.1 255.0.0.0

R2(config-if)#no shutdown

R2(config-if)#exit

R3(config)#interface serial 4/0

R3(config-if)#ip address 1.1.1.2 255.0.0.0

R3(config-if)#no shutdown

R3(config-if)#exit

R3(config)#interface serial 4/1

R3(config-if)#ip address 2.2.2.1 255.0.0.0

R3(config-if)#no shutdown

R3(config-if)#exit

R3(config)#interface serial 4/2

R3(config-if)#ip address 3.3.3.1 255.0.0.0

R3(config-if)#no shutdown

R3(config-if)#exit

R4(config)#interface fastEthernet 2/1

R4(config-if)#ip address 192.168.32.1 255.255.255.0

R4(config-if)#no shutdown

R4(config-if)#no keepalive

R4(config-if)#exit

R4(config)#interface serial 4/2

R4(config-if)#ip address 3.3.3.2 255.0.0.0

R4(config-if)#no shutdown

R4(config-if)#exit

R4(config)#interface fastEthernet 0/0

R4(config-if)#ip address 192.168.30.1 255.255.255.0

R4(config-if)#no shutdown

R4(config-if)#no keepalive

R4(config-if)#exit

R4(config)#interface fastEthernet 2/0

R4(config-if)#ip address 192.168.31.1 255.255.255.0

R4(config-if)#no shutdown

R4(config-if)#no keepalive

R4(config-if)#exit

R1#show ip interface brief

Interface IP-Address OK? Method Status Protocol

Serial4/0 1.1.1.1 YES manual up up

Loopback0 10.1.1.1 YES manual up up

R2#show ip interface brief

Interface IP-Address OK? Method Status Protocol

Serial4/1 2.2.2.2 YES manual up up

Loopback0 20.1.1.1 YES manual up up

R3#show ip interface brief

Interface IP-Address OK? Method Status Protocol

Serial4/0 1.1.1.2 YES manual up up

Serial4/1 2.2.2.1 YES manual up up

Serial4/2 3.3.3.1 YES manual up up

R4#show ip interface brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 192.168.30.1 YES manual up up

FastEthernet2/0 192.168.31.1 YES manual up up

FastEthernet2/1 192.168.32.1 YES manual up up

Serial4/2 3.3.3.2 YES manual up up

R1(config)#router eigrp 1234

R1(config-router)#network 0.0.0.0 255.255.255.255

R1(config-router)#no auto-summary

R1(config-router)#exit

*Jun 2 23:22:30.379: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.2 (Serial4/0) is up: new adjacency

R2(config)#router eigrp 1234

R2(config-router)#network 0.0.0.0 255.255.255.255

R2(config-router)#no auto-summary

R2(config-router)#exit

*Jun 2 23:52:39.419: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.1 (Serial4/1) is up: new adjacency

R3(config)#router eigrp 1234

R3(config-router)#network 0.0.0.0 255.255.255.255

R3(config-router)#no auto-summary

R3(config-router)#exit

*Jun 2 23:52:43.191: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is resync: summary configured

*Jun 2 23:52:40.287: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is up: new adjacency

R4(config)#router eigrp 1234.

R4(config-router)#network 0.0.0.0 255.255.255.255

R4(config-router)#no auto-summary

R4(config-router)#exit

*Jun 3 00:14:00.539: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.1 (Serial4/2) is up: new adjacency

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C 1.0.0.0/8 is directly connected, Serial4/0

D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:04:44, Serial4/0

D 192.168.31.0/24 [90/2684416] via 1.1.1.2, 00:00:14, Serial4/0

D 3.0.0.0/8 [90/2681856] via 1.1.1.2, 00:03:45, Serial4/0

D 192.168.30.0/24 [90/2684416] via 1.1.1.2, 00:00:14, Serial4/0

D 20.0.0.0/8 [90/2809856] via 1.1.1.2, 00:04:43, Serial4/0

C 10.0.0.0/8 is directly connected, Loopback0

D 192.168.32.0/24 [90/2684416] via 1.1.1.2, 00:00:14, Serial4/0

R3(config)#router eigrp 1234

R3(config-router)#eigrp stub ?

connected Do advertise connected routes

leak-map Allow dynamic prefixes based on the leak-map

receive-only Set IP-EIGRP as receive only neighbor

redistributed Do advertise redistributed routes

static Do advertise static routes

summary Do advertise summary routes

<cr>

R3(config-router)#eigrp stub connected

*Jun 3 00:15:23.055: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.1 (Serial4/0) is down: peer info changed

*Jun 3 00:15:23.055: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.2 (Serial4/1) is down: peer info changed

*Jun 3 00:15:23.063: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is down: peer info changed

R3(config-router)#

*Jun 3 00:15:26.391: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is up: new adjacency

*Jun 3 00:15:26.443: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.2 (Serial4/1) is up: new adjacency

*Jun 3 00:15:26.955: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.1 (Serial4/0) is up: new adjacency

R3(config-router)#exit

R3(config)#router eigrp 1234

R3(config-router)#eigrp stub connected leak

R3(config-router)#eigrp stub connected leak-map Route-Leak

*Jun 3 00:16:53.475: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.1 (Serial4/0) is down: peer info changed

*Jun 3 00:16:53.483: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.2 (Serial4/1) is down: peer info changed

*Jun 3 00:16:53.487: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is down: peer info changed

*Jun 3 00:16:54.003: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.1 (Serial4/0) is up: new adjacency

R3(config-router)#exit

*Jun 3 00:16:54.783: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.2 (Serial4/1) is up: new adjacency

R3(config-router)#exit

R3(config)#route-map Route-Leak

R3(config-route-map)#match ip address 1

R3(config-route-map)#exit

*Jun 3 00:18:07.935: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.1 (Serial4/0) is resync: route configuration changed

*Jun 3 00:18:07.935: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.2 (Serial4/1) is resync: route configuration changed

*Jun 3 00:18:07.939: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is resync: route configuration changed

R3(config)#access-list 1 permit 192.168.32.0 0.0.0.255

*Jun 3 00:18:51.583: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.1 (Serial4/0) is down: route configuration changed

*Jun 3 00:18:51.599: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.2 (Serial4/1) is down: route configuration changed

*Jun 3 00:18:51.603: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is down: route configuration changed

*Jun 3 00:18:52.079: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 2.2.2.2 (Serial4/1) is up: new adjacency

*Jun 3 00:18:52.735: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 1.1.1.1 (Serial4/0) is up: new adjacency

*Jun 3 00:18:55.883: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 1234: Neighbor 3.3.3.2 (Serial4/2) is up: new adjacency

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C 1.0.0.0/8 is directly connected, Serial4/0

D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:00:09, Serial4/0

D 3.0.0.0/8 [90/2681856] via 1.1.1.2, 00:00:09, Serial4/0

C 10.0.0.0/8 is directly connected, Loopback0

D 192.168.32.0/24 [90/2684416] via 1.1.1.2, 00:00:08, Serial4/0

R1#ping 192.168.32.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.32.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/32/36 ms

R1#traceroute 192.168.32.1

Type escape sequence to abort.

Tracing the route to 192.168.32.1

1 1.1.1.2 8 msec 8 msec 12 msec

2 3.3.3.2 16 msec 12 msec 24 msec

R1#traceroute 192.168.32.1

Type escape sequence to abort.

Tracing the route to 192.168.32.1

1 1.1.1.2 40 msec 20 msec 20 msec

2 3.3.3.2 16 msec 32 msec 40 msec

R2#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

D 1.0.0.0/8 [90/2681856] via 2.2.2.1, 00:00:19, Serial4/1

C 2.0.0.0/8 is directly connected, Serial4/1

D 3.0.0.0/8 [90/2681856] via 2.2.2.1, 00:00:19, Serial4/1

C 20.0.0.0/8 is directly connected, Loopback0

D 192.168.32.0/24 [90/2684416] via 2.2.2.1, 00:00:16, Serial4/1

R2#ping 192.168.32.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.32.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/27/36 ms

R2#ping 192.168.31.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.31.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

R3#show ip protocols

Routing Protocol is "eigrp 1234"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Default networks flagged in outgoing updates

Default networks accepted from incoming updates

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP maximum hopcount 100

EIGRP maximum metric variance 1

EIGRP stub, connected, leak-map Route-Leak

Redistributing: eigrp 1234

EIGRP NSF-aware route hold timer is 240s

Automatic network summarization is not in effect

Maximum path: 4

Routing for Networks:

0.0.0.0

Routing Information Sources:

Gateway Distance Last Update

2.2.2.2 90 00:48:15

1.1.1.1 90 00:48:12

3.3.3.2 90 00:48:11

Distance: internal 90 external 170

Internetworks

Pages

Wednesday, 8 June 2022

What is ASA firewall? How to configure Adaptive Security Appliance?

Friday, 3 June 2022

What is Route Leaking? How to configure Leak-Map?