EIGRP
{Back to Index}

1. 原理
2. 实验

1 原理

1.1 基本配置

Router(config)# router eigrp <autonomous-system>

Router(config-router)# network <network-number> [wildcard-mask]

1.2 建立邻居条件

AS 号一致
K 值一致 (为了 Metric 的衡量标准统一)
接口有主地址，辅助地址之分，发出 Hello 包，均以主地址为源以确保邻居两端源检测通过，因此建立邻居必须使用主地址
认证

Hello 时间不一致不受影响。

1.3 验证

R1#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(1)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   192.168.12.2            Et0/0                    13 16:19:14    9   100  0  9

# Q cnt 表示多少个可靠报文没有得到确认，通常发生在网络特别繁忙时

R1#show ip eigrp topology # 默认只显示后继路由器，all-links 可显示可行后继
EIGRP-IPv4 Topology Table for AS(1)/ID(192.168.12.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 192.168.23.0/24, 1 successors, FD is 307200
        via 192.168.12.2 (307200/281600), Ethernet0/0
P 192.168.12.0/24, 1 successors, FD is 281600
        via Connected, Ethernet0/0

1.4 三张表

邻居表
拓扑表
路由表

1.5 协议数据包

1.5.1 Hello

以固定间隔向 224.0.0.10 发送。

1.5.2 Query(可靠)

当某条路由丢失(又不存在 FS 的情况下)，会向邻居查询路由信息，组播发送，单播重传。

1.5.3 Reply(可靠)

响应 Query ，单播。

1.5.4 Update(可靠)

必要时传递必要信息，仅传递给有需要的路由器，当只有一个路由器需要更新，使用单播发送，当有多个路由器需要，则使用组播发送。

1.5.5 Ack

1.6 计时器

1.6.1 Hello Time

LAN 和点到点链路默认为 5s ，低速链路 (FR, X25) Hello 周期为 60s 。
可以通过 ip hello-interval eigrp <time> 进行修改。

1.6.2 Hold Time

用于表明多长时间未收到邻居的 Hello 或其他 EIGRP 报文时，将邻居视为 DOWN 状态。默认 \(Hold Time = 3 * Hello Time\) 。
可以通过 ip hold-interval eigrp <time> 进行修改。注意：修改了本机的 hold time ，其实是设置给邻居路由器，并在邻居路由器上生效。

1.6.3 SRTT

平滑往返时间，指的是从数据包发送出去直到收到确认包的时间， 该定时器的作用在于确定重传间隔 RTO 。

1.6.4 RTO

6 倍 SRTT ，当 Update 数据包发给邻居后，如果在 RTO 重传间隔时间后邻居还没有确认，则该路由器会给这个邻居重传数据包。
重传包是单播的。当重传次数达到 16 次，路由器会重置邻居关系。

1.6.5 active-time

当路由器中一条路由的后继路由器失效了，且没有 FS 的情况下，该条路由会标记为 Active 。这时会向所有邻居（除了失效的路由器）进行查询，邻居如果也没有该路由信息，也会向它的邻居查询。
在默认 180s 的活动时间内，如果被查询的路由器没有回应，查询的路由会被置于 Stuck In Active 状态。

1.6.6 Multicast flow timer

如果路由器通过可靠的方式发送了组播包，而没有从邻居收到 Ack 的话，就会选择以单播的形式重传，16 次重传之后才宣告邻居失效。
在组播切换到单播之前有个计时器(Multicast flow timer)，超过这个时间后仍然没有收到邻居 Ack 的话，就切换到单播进行重传。单播之间的重传间隔由 RTO 指定。

1.7 Metric

EIGRP 路由 Metric 默认为 延迟 + 带宽 。

Bandwidth(K1)
Delay(K2)
Reliability(K3)
Loading(K4)
MTU(K5)

1.7.1 计算

\[\biggl(\frac{10^7}{min(Bandwidth)} + \frac{sum(Delay)}{10}\biggr) \times 256\]

带宽(kbps)取路由传递路径上的最小带宽值，只是用于计算 Metric ，没有真实意义，即与物理带宽无关
延迟(usec)是取路由来的方向的入接口的延迟总和

1.8 DUAL 算法

可行距离(FD)

本路由器到达目的的 Metric
通告距离(AD)

邻居(下一跳)通告的到达目的的 Metric
后继路由(S)

具有最优 Metric 的路由，即 FD 最小的路由
可行后继路由(FS)

符合可行条件(FC)的次优路由
可行条件(FC)

次优路由成为 FS 的条件，即本路由器的一个邻居路由器所通告的到达目的网络的距离(AD) < 本地路由器到达相同目的网络的可行距离(FD)

1.8.1 DUAL 之查询过程 (该算法可能导致 SIA)

当 EIGRP 路由表中的某一表项丢失，同时拓扑表中没有关于此条目的 FS ，首先将此路由条目设为 Active ，并向所有邻居发送 Query ，同时开始等待所有邻居的 Reply ，此时邻居路由器的逻辑分为三种情况：

邻居路由表有关于此条目的路由，且下一跳不是发起查询的路由器，则邻居会立即回复 Reply ，告知查询路由器可以通过它到达目的网段
邻居路由表没有关于此条目的路由，会立即回复 Reply ，告知不可达
邻居路由表有关于此条目的路由，且下一跳正是发起查询的路由器，并且没有 FS 来替代，则邻居会递归地向它的邻居发送 Query ，并等待它的邻居回复 Reply

此过程会一直泛洪到 EIGRP 的边界网络，即收到 Query 的最后一个路由器除了接收 Query 的接口，再没有其他邻居可以查询，它会发出目标网络不可达信息作为 Reply 回复给查询者，查询者再递归地回复最初发起查询的路由器，这样最初发起查询的路由器就会删除此路由条目。

1.9 被动接口

1.9.1 配置

Router(config-router)# passive-interface <type-number> | default

default 表示将所有接口设置为被动状态。

1.9.2 查看

show ip protocols
show ip eigrp neighbors

1.9.3 作用

禁止通过被动接口建立邻居关系
禁止通过被动接口接收或发送路由更新
被动接口连接的子网仍然会被 EIGRP 进程通告

1.10 命名模式 ¹

2 实验

2.1 被动接口

Figure 1: 实验拓扑

network 192.168.23.2 0.0.0.0 的作用有二个：

通告路由信息，即 192.168.23.0/24 的路由信息可以通过 R2/e0/1 接口通告出去
收发 Hello 数据包 (被动接口的作用就在于在该接口上 抑制收发 Hello 数据包 )

在实验拓扑中，R1 上仍然能学到 192.168.23.0/24 的路由信息，但 R2/e0/0 上没有任何 EIGRP 数据包。

2.2 默认路由

2.2.1 方式一 (`network 0.0.0.0`) [D*]

确保路由表中有静态默认路由，且是以出接口的方式定义的: ip route 0.0.0.0 0.0.0.0 interface ，如使用的是下一跳地址，则只能使用方式二，否则无效
eigrp 进程中配置 network 0.0.0.0

2.2.2 方式二 (重分布静态) [D*EX]

Figure 2: 实验拓扑

确保 GW 上有一条静态默认路由 (ip route 0.0.0.0 0.0.0.0 interface/next-hop)

GW#show ip route
Gateway of last resort is 10.74.113.1 to network 0.0.0.0

S*    0.0.0.0/0 [254/0] via 10.74.113.1
      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        10.74.113.0/24 is directly connected, Ethernet0/1
L        10.74.113.15/32 is directly connected, Ethernet0/1
D     192.168.12.0/24 [90/307200] via 192.168.23.2, 00:01:09, Ethernet0/0
      192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.23.0/24 is directly connected, Ethernet0/0
L        192.168.23.3/32 is directly connected, Ethernet0/0

将静态路由重分布进 EIGRP

GW(config)#router eigrp 90
GW(config-router)#redistribute static    ! 可以考虑使用 route-map 做到精确匹配
GW#show ip eigrp topology
EIGRP-IPv4 Topology Table for AS(90)/ID(192.168.23.3)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 192.168.23.0/24, 1 successors, FD is 281600
        via Connected, Ethernet0/0
P 192.168.12.0/24, 1 successors, FD is 307200
        via 192.168.23.2 (307200/281600), Ethernet0/0
P 0.0.0.0/0, 1 successors, FD is 281600
        via Rstatic (281600/0)

在 R1 观察路由表

R1#show ip route | begin Gateway
Gateway of last resort is 192.168.12.2 to network 0.0.0.0

D*EX  0.0.0.0/0 [170/332800] via 192.168.12.2, 00:11:37, Ethernet0/0
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
D     192.168.23.0/24 [90/307200] via 192.168.12.2, 00:18:57, Ethernet0/0
R1#show ip eigrp topology
EIGRP-IPv4 Topology Table for AS(90)/ID(192.168.12.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 192.168.23.0/24, 1 successors, FD is 307200
        via 192.168.12.2 (307200/281600), Ethernet0/0
P 192.168.12.0/24, 1 successors, FD is 281600
        via Connected, Ethernet0/0
P 0.0.0.0/0, 1 successors, FD is 332800
        via 192.168.12.2 (332800/307200), Ethernet0/0

2.2.3 方式三 (接口汇总 summary-address ，可针对特定邻居) [D*]

int s1/0
 ip summary-address eigrp 90 0.0.0.0 0.0.0.0
!

2.2.4 方式四 (`ip defautl-network`)

传递默认路由 尽量不要使用 ip default-network <主类IP> (全局模式下)，因为这个命令只能使用主类网络，如指定一个非主类网络，会自动生成对应主类的静态路由，非常别扭，谁用谁知道。。。

2.3 汇总

2.3.1 手动汇总

抑制明细路由，只通告汇总路由
接口上配置手动汇总会创建一条指向 Null 0 接口的汇总路由，以防止环路发生
当汇总的所有明细路由都不存在时，汇总路由也将被删除
细路由中最小 Metric 作为汇总路由的度量
可以使用 leak-map 做路由泄露

Figure 3: 实验环境

初始配置

----------------- R1 ----------------------
en
conf t
 hostname R1
 no ip do lo
 line con 0
  exec-timeout 0 0
  logging synchronous
 exit
 int e0/0
  ip address 172.16.12.1 255.255.255.0
  no sh
 exit
 int lo0
  ip address 100.1.0.1 255.255.255.0
 !
 int lo1
  ip address 100.1.1.1 255.255.255.0
 !
 int lo2
  ip address 100.1.2.1 255.255.255.0
 !
 int lo3
  ip address 100.1.3.1 255.255.255.0
 !
 router eigrp 90
  network 172.16.12.1 0.0.0.0
  network 100.1.0.0 0.0.255.255
 !
end
----------------- R2 ----------------------
en
conf t
 hostname R2
 no ip do lo
 line con 0
  exec-timeout 0 0
  logging synchronous
 exit
 int e0/0
  ip address 172.16.12.2 255.255.255.0
  no sh
 !
 int s1/0
  ip address 192.168.23.2 255.255.255.0
  no sh
 !
 router eigrp 90
  network 172.16.12.2 0.0.0.0
  network 192.168.23.2 0.0.0.0
 !
end
----------------- R3 ----------------------
en
conf t
 hostname R3
 no ip do lo
 line con 0
  exec-timeout 0 0
  logging synchronous
 exit
 int lo0
  ip address 3.3.3.3 255.255.255.255
 !
 int s1/0
  ip address 192.168.23.3 255.255.255.0
  no sh
 !
 router eigrp 90
  network 192.168.23.3 0.0.0.0
 !
end

R2 初始路由

R2#sh ip rou eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

      100.0.0.0/24 is subnetted, 4 subnets
D        100.1.0.0 [90/409600] via 172.16.12.1, 00:02:46, Ethernet0/0
D        100.1.1.0 [90/409600] via 172.16.12.1, 00:02:46, Ethernet0/0
D        100.1.2.0 [90/409600] via 172.16.12.1, 00:02:46, Ethernet0/0
D        100.1.3.0 [90/409600] via 172.16.12.1, 00:02:46, Ethernet0/0

R1 上执行汇总：

R1(config)#int e0/0
R1(config-if)#ip summary-address eigrp 90 100.1.0.0 255.255.252.0
R1(config-if)#
*Oct  5 15:29:42.638: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 172.16.12.2 (Ethernet0/0) is resync: summary configured

汇总后 R1 路由表

R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

      100.0.0.0/8 is variably subnetted, 9 subnets, 3 masks
D        100.1.0.0/22 is a summary, 00:02:04, Null0
C        100.1.0.0/24 is directly connected, Loopback0
L        100.1.0.1/32 is directly connected, Loopback0
C        100.1.1.0/24 is directly connected, Loopback1
L        100.1.1.1/32 is directly connected, Loopback1
C        100.1.2.0/24 is directly connected, Loopback2
L        100.1.2.1/32 is directly connected, Loopback2
C        100.1.3.0/24 is directly connected, Loopback3
L        100.1.3.1/32 is directly connected, Loopback3
      172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C        172.16.12.0/24 is directly connected, Ethernet0/0
L        172.16.12.1/32 is directly connected, Ethernet0/0
D     192.168.23.0/24 [90/2195456] via 172.16.12.2, 00:05:47, Ethernet0/0

汇总后 R2 路由表

R2#sh ip rou eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

      100.0.0.0/22 is subnetted, 1 subnets
D        100.1.0.0 [90/409600] via 172.16.12.1, 00:00:01, Ethernet0/0

2.3.1.1 明细泄露

R1:

access-list 1 permit 100.1.3.0
!
route-map LEAK.3.1 permit 10
 match ip address 1
!
interface Ethernet0/0
 ip summary-address eigrp 90 100.1.0.0 255.255.252.0 leak-map LEAK.3.1
!

汇总后 R2 路由表

R2#sh ip rou eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

      100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D        100.1.0.0/22 [90/409600] via 172.16.12.1, 00:01:28, Ethernet0/0
D        100.1.3.0/24 [90/409600] via 172.16.12.1, 00:00:07, Ethernet0/0

2.3.2 自动汇总 (主类边界)

高版本 IOS 默认关闭
启用自动汇总会创建一条指向 Null 0 接口的汇总路由，以防止环路发生
只汇总本地产生的路由， 不汇总邻居传过来的路由

Figure 4: 实验环境

配置清单

----------------- R1 ----------------------
en
conf t
 hostname R1
 no ip do lo
 line con 0
  exec-timeout 0 0
  logging synchronous
 exit
 int e0/0
  ip address 172.16.12.1 255.255.255.0
  no sh
 exit
 int lo0
  ip address 1.1.1.1 255.255.255.0
 !
 router eigrp 90
  no auto-summary
  network 172.16.12.1 0.0.0.0
  network 1.1.1.1 0.0.0.0
 !
end
----------------- R2 ----------------------
en
conf t
 hostname R2
 no ip do lo
 line con 0
  exec-timeout 0 0
  logging synchronous
 exit
 int e0/0
  ip address 172.16.12.2 255.255.255.0
  no sh
 !
 int s1/0
  ip address 192.168.23.2 255.255.255.0
  no sh
 !
 int lo0
  ip add 2.2.2.2 255.255.255.0
 !
 router eigrp 90
  auto-summary
  network 172.16.12.2 0.0.0.0
  network 192.168.23.2 0.0.0.0
  network 2.2.2.2 0.0.0.0
 !
end
----------------- R3 ----------------------
en
conf t
 hostname R3
 no ip do lo
 line con 0
  exec-timeout 0 0
  logging synchronous
 exit
 int lo0
  ip address 3.3.3.3 255.255.255.255
 !
 int s1/0
  ip address 192.168.23.3 255.255.255.0
  no sh
 !
 router eigrp 90
  network 192.168.23.3 0.0.0.0
 !
end

R3 路由信息

R3#sh ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

      1.0.0.0/24 is subnetted, 1 subnets
D        1.1.1.0 [90/2323456] via 192.168.23.2, 00:00:24, Serial1/0  ! 仍是明细路由，因为不是 R2 产生的
D     2.0.0.0/8 [90/2297856] via 192.168.23.2, 00:00:17, Serial1/0   ! 汇总路由
D     172.16.0.0/16 [90/2195456] via 192.168.23.2, 00:00:17, Serial1/0

2.4 缓解 SIA 的方式

2.4.1 方式一:路由汇总

该方式的主要思想是为了限制查询范围，即如果某条明细路由丢失，汇总路由器向邻居发送查询请求(针对明细路由)，由于邻居并没有关于明细的路由信息，会直接回复 Reply ，这样查询就不会递归地泛洪出去。

2.4.2 方式二:Stub 区域 (抑制查询区域)

该方式基于的原理是路由器不会向 stub 路由发出 Query 消息。

Figure 5: 实验拓扑

2.4.2.1 默认通告

命令 eigrp stub 默认通告直连 (connected) 和汇总 (summary) 路由:

R2(config)#router eigrp 90
R2(config-router)#eigrp stub
R2(config-router)#
*May  1 12:12:26.944: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.24.4 (Ethernet0/2) is down: peer info changed
*May  1 12:12:26.945: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.12.1 (Ethernet0/0) is down: peer info changed
*May  1 12:12:26.945: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.23.3 (Ethernet0/1) is down: peer info changed
*May  1 12:12:27.440: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.12.1 (Ethernet0/0) is up: new adjacency
*May  1 12:12:27.686: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.24.4 (Ethernet0/2) is up: new adjacency
R2#show running-config | section eigrp
router eigrp 90
 network 192.168.12.2 0.0.0.0
 network 192.168.23.2 0.0.0.0
 network 192.168.24.2 0.0.0.0
 eigrp stub connected summary

观察 R1 路由表的变化：

R1#show ip route  | begin Gateway
Gateway of last resort is not set

      3.0.0.0/32 is subnetted, 1 subnets
D        3.3.3.3 [90/435200] via 192.168.12.2, 00:00:04, Ethernet0/0 # 这时可以看到这条由环回地址通告出来的路由
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
D     192.168.23.0/24 [90/307200] via 192.168.12.2, 00:08:17, Ethernet0/0
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:04:25, Ethernet0/0
# 将 R2 设置为 stub 后: 
*May  1 12:12:26.940: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.12.2 (Ethernet0/0) is down: Interface PEER-TERMINATION received
*May  1 12:12:27.449: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.12.2 (Ethernet0/0) is up: new adjacency
R1#show ip route | begin Gateway
Gateway of last resort is not set

      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
D     192.168.23.0/24 [90/307200] via 192.168.12.2, 00:00:02, Ethernet0/0
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:00:02, Ethernet0/0 # 只剩下 connected 网段的路由

在 R2 上进行汇总：

R2(config-router)#int e0/0
R2(config-if)#ip summary-address eigrp 90 192.168.23.0/21
R2(config-if)#
*May  1 12:27:30.045: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.12.1 (Ethernet0/0) is resync: summary configured

再看下 R1 上路由表的变化：

R1#show ip route
Gateway of last resort is not set

      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
D     192.168.16.0/21 [90/307200] via 192.168.12.2, 00:00:03, Ethernet0/0 # 传递过来的汇总路由
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:00:50, Ethernet0/0 # 传递过来的直连路由

如果 R2 明确指定使用 connected 即 eigrp stub connected ，此时 R1 的路由变为：

R1#show ip route
Gateway of last resort is not set

      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
D     192.168.23.0/24 [90/307200] via 192.168.12.2, 00:00:06, Ethernet0/0 # 又变为了直连路由
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:00:06, Ethernet0/0

2.4.2.2 static

使用前提：

stub 路由器上存在静态路由
静态路由需要被重分布至 EIGRP

R2(config)#ip route 192.168.88.0 255.255.255.0 192.168.24.4
R2#show ip route
Gateway of last resort is not set

      3.0.0.0/32 is subnetted, 1 subnets
D        3.3.3.3 [90/409600] via 192.168.23.3, 00:01:08, Ethernet0/1
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.2/32 is directly connected, Ethernet0/0
D     192.168.16.0/21 is a summary, 00:15:01, Null0
      192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.23.0/24 is directly connected, Ethernet0/1
L        192.168.23.2/32 is directly connected, Ethernet0/1
      192.168.24.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.24.0/24 is directly connected, Ethernet0/2
L        192.168.24.2/32 is directly connected, Ethernet0/2
S     192.168.88.0/24 [1/0] via 192.168.24.4
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router eigrp  90
R2(config-router)#redistribute static
R2(config-router)#eigrp stub static
R2(config-router)#
*May  1 12:45:11.991: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.24.4 (Ethernet0/2) is down: peer info changed
*May  1 12:45:11.991: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.23.3 (Ethernet0/1) is down: peer info changed
*May  1 12:45:11.992: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.12.1 (Ethernet0/0) is down: peer info changed
*May  1 12:45:12.771: %DUAL-5-NBRCHANGE: EIGRP-IPv4 90: Neighbor 192.168.23.3 (Ethernet0/1) is up: new adjacency

R1 路由表：

R1#show ip route
Gateway of last resort is not set

      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
D EX  192.168.88.0/24 [170/307200] via 192.168.12.2, 00:00:02, Ethernet0/0

2.4.2.3 receive-only

不会向外传递任何路由，如果外部想要访问 stub 路由器背后的网络，需要自行配置静态路由。

R1#show ip eigrp neighbors detail
EIGRP-IPv4 Neighbors for AS(90)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   192.168.12.2            Et0/0                    10 00:02:04   14   100  0  99
   Version 23.0/2.0, Retrans: 0, Retries: 0
   Topology-ids from peer - 0
   Topologies advertised to peer:   base

   Receive-Only Peer Advertising (No) Routes
   Suppressing queries
Max Nbrs: 0, Current Nbrs: 0
R1#show ip route | begin Gateway
Gateway of last resort is not set

      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0

2.4.2.4 leak-map

通过使用 router-map (利用 ACL 或前缀列表) 把 stub 路由器 背后网络 的某些路由传递出去。

先在 R2 和 R4 上分别配置环回地址 2.2.2.2/32 和 4.4.4.4/32 并通告出去。

此时 R1 的路由表为：

R1#show ip route eigrp | begin Gateway
Gateway of last resort is not set

      2.0.0.0/24 is subnetted, 1 subnets
D        2.2.2.0 [90/409600] via 192.168.12.2, 00:01:33, Ethernet0/0
      3.0.0.0/32 is subnetted, 1 subnets
D        3.3.3.3 [90/435200] via 192.168.12.2, 00:01:30, Ethernet0/0
      4.0.0.0/32 is subnetted, 1 subnets
D        4.4.4.4 [90/435200] via 192.168.12.2, 00:01:33, Ethernet0/0
D     192.168.23.0/24 [90/307200] via 192.168.12.2, 00:00:35, Ethernet0/0
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:01:33, Ethernet0/0

在 R2 上配置 access-list 和 route-map 并开启 leak-map ：

R2(config)#access-list 88 permit 3.3.3.3 /32
R2(config)#route-map Leak
R2(config-route-map)#match ip address 88
R2(config-route-map)#exit
R2(config)#router eigrp 90
R2(config-router)#eigrp stub leak-map Leak
R2#show access-lists
Standard IP access list 88
    10 permit 3.3.3.3 (6 matches)
R2#show route-map
route-map Leak, permit, sequence 10
  Match clauses:
    ip address (access-lists): 88
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
R2#show running-config | section ei
router eigrp 90
 network 2.2.2.2 0.0.0.0
 network 192.168.12.2 0.0.0.0
 network 192.168.23.2 0.0.0.0
 network 192.168.24.2 0.0.0.0
 eigrp stub connected summary leak-map Leak
router eigrp 9

再观察 R1 的路由表：

R1#show ip route | begin Gateway
Gateway of last resort is not set

      2.0.0.0/24 is subnetted, 1 subnets
D        2.2.2.0 [90/409600] via 192.168.12.2, 00:00:06, Ethernet0/0 # R2 自己通告的网络居然不受 leak-map 控制
      3.0.0.0/32 is subnetted, 1 subnets
D        3.3.3.3 [90/435200] via 192.168.12.2, 00:00:04, Ethernet0/0 # 只泄露出了 3.3.3.3/32 , 4.4.4.4/32 没有泄露出来
      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, Ethernet0/0
L        192.168.12.1/32 is directly connected, Ethernet0/0
D     192.168.23.0/24 [90/307200] via 192.168.12.2, 00:07:58, Ethernet0/0
D     192.168.24.0/24 [90/307200] via 192.168.12.2, 00:07:58, Ethernet0/0

2.5 调整管理距离

Figure 6: 实验环境