Time to play packets. EIGRP Packets to be precise.

 

EIGRP when running in a routed environment utilizes five types of packets. A Hello, Update, Query, Reply and Acknowledgement (ACK) packet.

 

Hello Packets

Pretty much used for neighbor discovery. Multicasts with ACK # of 0.

 

Update

Update packets contain route change information. They are send to affected routers. Updates routers that the particular route has used to converge. Sent as multicasts when a route becomes passive. Syncs by unicasting during startup. Sent reliably.

 

Query

Performed in route computation when no FS is found. Sent to neighbors asking if they have a route to destination. Usually multicast but can be send as unicast. Sent reliably.

 

Reply

Send in response to a query. Must always reply. Sent reliably.

 

ACK

Acknowledges updates, queries, and replies. Unicast hello’s that contain a non zero ACK number. (Hello’s and ACK don’t require ACK’s)

 

 

image

 

Above An example Hello Packet. Notice the information provided by a simple packet sniff.

 

image

 

Above Here is an exchange of connected routes via an Update packet.

 

image

Above An example of another update packet, this time declaring it cannot reach certain networks.

 

 

A thank you to Stretch over at Packetlife for his Captures library. I am currently away from my lab.

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA

*