Let's talk about another IOS EIGRP feature today which is still less known...Ummm...Okay atleast for CCNP/CCIPs. It's called Leak Maps. I am going to use simple 2 routers topology given below to demonstrate it's different flavors.
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 12.12.12.1/24
Loopback0 is up, line protocol is up
Internet address is 1.1.1.1/32
Loopback1 is up, line protocol is up
Internet address is 172.16.1.1/24
Loopback2 is up, line protocol is up
Internet address is 172.16.2.1/24
Loopback3 is up, line protocol is up
Internet address is 172.16.3.1/24
R1#sh run | s r e
router eigrp 100
network 0.0.0.0
no auto-summary
R2#sh prot | e una| do
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 12.12.12.2/24
Loopback0 is up, line protocol is up
Internet address is 2.2.2.2/32
R2#sh run | s r e
router eigrp 100
network 0.0.0.0
no auto-summary
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
172.16.0.0/24 is subnetted, 3 subnets
D 172.16.1.0 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
D 172.16.2.0 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
D 172.16.3.0 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
R1(config)#int f0/0
R1(config-if)#ip summary-address eigrp 100 172.16.1.0 255.255.252.0
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:04:20, FastEthernet0/0
172.16.0.0/22 is subnetted, 1 subnets
D 172.16.0.0 [90/409600] via 12.12.12.1, 00:00:07, FastEthernet0/0
Case 1 :
======
R1(config-if)#ip summary-address eigrp 100 172.16.1.0 255.255.252.0 leak-map LEAK
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:11:59, FastEthernet0/0
172.16.0.0/22 is subnetted, 1 subnets
D 172.16.0.0 [90/409600] via 12.12.12.1, 00:06:34, FastEthernet0/0
Case 2:
======
R1(config)#route-map LEAK per 10
R1(config-route-map)#exit
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:13:10, FastEthernet0/0
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
D 172.16.0.0/22 [90/409600] via 12.12.12.1, 00:07:45, FastEthernet0/0
D 172.16.1.0/24 [90/409600] via 12.12.12.1, 00:00:23, FastEthernet0/0
D 172.16.2.0/24 [90/409600] via 12.12.12.1, 00:00:23, FastEthernet0/0
D 172.16.3.0/24 [90/409600] via 12.12.12.1, 00:00:23, FastEthernet0/0
Case 3 :
======
R1(config)#access-l 1 per 172.16.2.0 0.0.0.0
R1(config)#route-map LEAK per 10
R1(config-route-map)#match ip address 1
R1(config-route-map)#end
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:15:03, FastEthernet0/0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
D 172.16.0.0/22 [90/409600] via 12.12.12.1, 00:09:39, FastEthernet0/0
D 172.16.2.0/24 [90/409600] via 12.12.12.1, 00:02:17, FastEthernet0/0
As a Side Note - Current IOS EIGRPv6 implementation doesn't allow Leak Map configuration.
HTH...
Deepak Arora
Evil CCIE
So next question that comes in mind is - What it does or capable of ?
The EIGRP leak map is similar to BGP suppress and unsupress maps if you have heard of. We all are quite familiar with EIGRP manual summarization feature which is interface specific and allows administrator to summarize multiple specific routes to a single less specific summarize route. From EIGRP administration point of view it helps atleast with two concers :
1. If a more specific routes inside summary fails, the EIGRRP QUERY is not generated. So basically helps with query scoping.
2. Small routing table means less Memory and CPU overhead on the router - From resource point of view.
But say you want to leak a particular route for instance from that summary route for some traffic engineering or any other purpose. Hmmm... How would you do that ?
And the ANSWER will be - Leak Maps, using which we can leak/allow any particular more specific routes to be advertised along with summary route.
To configure EIGRP leak map all you need is :
1. Create an ACL/Prefix List to match routes which you want to leak
2. Create a Route Map and call the ACL into it
3. Map the Route Map with "ip summary-address eigrp" command with "Leak" keyword in the end and call the route map
Lets hop on to CLI to see things in action. Few tips to keep into mind are :
1. Calling the Leak Map, but no route-map is yet created will end up doing nothing but only summary route will be advertised.
2. Calling the leak map , along with route-map being created but no acl yet created to match routes to be leaked - Result will be advertising summary route along with more specific route.
3. Calling a leak map along with Route map referring ACL to match routes to be leaked - Summary route along with leaked routes will be advertised.
Lets see all this on CLI.
R1#sh prot | e una|do
Global values:Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 12.12.12.1/24
Loopback0 is up, line protocol is up
Internet address is 1.1.1.1/32
Loopback1 is up, line protocol is up
Internet address is 172.16.1.1/24
Loopback2 is up, line protocol is up
Internet address is 172.16.2.1/24
Loopback3 is up, line protocol is up
Internet address is 172.16.3.1/24
R1#sh run | s r e
router eigrp 100
network 0.0.0.0
no auto-summary
R2#sh prot | e una| do
Global values:
Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
Internet address is 12.12.12.2/24
Loopback0 is up, line protocol is up
Internet address is 2.2.2.2/32
R2#sh run | s r e
router eigrp 100
network 0.0.0.0
no auto-summary
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
172.16.0.0/24 is subnetted, 3 subnets
D 172.16.1.0 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
D 172.16.2.0 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
D 172.16.3.0 [90/409600] via 12.12.12.1, 00:00:46, FastEthernet0/0
R1(config)#int f0/0
R1(config-if)#ip summary-address eigrp 100 172.16.1.0 255.255.252.0
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:04:20, FastEthernet0/0
172.16.0.0/22 is subnetted, 1 subnets
D 172.16.0.0 [90/409600] via 12.12.12.1, 00:00:07, FastEthernet0/0
Case 1 :
======
R1(config-if)#ip summary-address eigrp 100 172.16.1.0 255.255.252.0 leak-map LEAK
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:11:59, FastEthernet0/0
172.16.0.0/22 is subnetted, 1 subnets
D 172.16.0.0 [90/409600] via 12.12.12.1, 00:06:34, FastEthernet0/0
Case 2:
======
R1(config)#route-map LEAK per 10
R1(config-route-map)#exit
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:13:10, FastEthernet0/0
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
D 172.16.0.0/22 [90/409600] via 12.12.12.1, 00:07:45, FastEthernet0/0
D 172.16.1.0/24 [90/409600] via 12.12.12.1, 00:00:23, FastEthernet0/0
D 172.16.2.0/24 [90/409600] via 12.12.12.1, 00:00:23, FastEthernet0/0
D 172.16.3.0/24 [90/409600] via 12.12.12.1, 00:00:23, FastEthernet0/0
Case 3 :
======
R1(config)#access-l 1 per 172.16.2.0 0.0.0.0
R1(config)#route-map LEAK per 10
R1(config-route-map)#match ip address 1
R1(config-route-map)#end
R2#sh ip ro ei
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1 [90/409600] via 12.12.12.1, 00:15:03, FastEthernet0/0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
D 172.16.0.0/22 [90/409600] via 12.12.12.1, 00:09:39, FastEthernet0/0
D 172.16.2.0/24 [90/409600] via 12.12.12.1, 00:02:17, FastEthernet0/0
As a Side Note - Current IOS EIGRPv6 implementation doesn't allow Leak Map configuration.
HTH...
Deepak Arora
Evil CCIE
10 comments:
Again A good post from Deepak...............He is real champ in cisco...............for todays gen.
keep going Deepak best of luck and good luck
Again very knowledgeable post from One of finest Cisco learner.Good luck and best wishes
This is an excellent post from the EVIL. thanks a lot.:)
I just want to point out one thing.
Going forward, kindly hit the tab key and expand on the sh run | s r e
and sh prot | e una|do
so that people reading the article could figure out the meaning of the show command. (i know what's behind s r e and e una .. just wanted to request in general :)
Hi Deepak,
What about Stub leak Maps. Can you explain that as well..
Good post! Just an added note, leaking routes when aggregating with EIGRP does not natively work when using sub-interfaces. To get around this, you can configure a virtual-template and assigned all your logical configurations to this interface, including you aggregation and route leaking.
A stub leak map is also a way through which you can deny or permit routes to other routers from the device which has been configured for a stub.
Whenever you will configure Stub in an EIGRP process then that device cannot be used as a transit system to pass the routes to other devices. So; stub leak map is a way to do this.
Thanks.
why, when, Where this concept is used can you can explain bit more??
@ Gagandeep - Pls read the comments from other people and you will get the idea.
Also Leak Map can be used in EIGRP network for Traffic Engineering Purpose for multiple reasons including Maintenance.
We've just used this to solve an EIGRP -> OSPF -> BGP4 issue we've been having (lost networks when failing over between two Internet feeds). If you ever find a guy called Fahim Ahmed looking for a job, hire him!
Very useful articles about EIGRP Deepak. You made it simple for understanding. Thanks once again..
Post a Comment