Wednesday 29 October 2014

FIND EIGRP Neighbour K Values

In the last post we saw how to find the EIGRP neighbour's AS number without looking at the router config. We can find the remote router's K values in a similar way.

To demonstrate this I will use the existing topology and change the K values on R1. We know that the default K values are K1=K3=1 and K2=K4=K5=0.
I will change the values on R1 to K1=K2=K5=1 and K3=K4=0.


As soon as the values are changed, the EIGRP neighbourship will go down.

R1(config-router)#

*Mar  2 08:57:17.219: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 101: Neighbor 10.1.12.2 (FastEthernet0/0) is down: K-value mismatch


Now let's create an ACL which matches the EIGRP traffic and start the debug with the 'dump' keyword, as we did in the last post.


Once we apply the command "debug ip packet detail 101 dump" we can see the hex dump as below.


The source is 10.1.12.1, which means that this packet originated from R1. To find the K values, ignore the last two blocks of this hex dump (00040008 and 0C040102, highlighted in yellow in the original post).

*Mar  2 09:13:31.731: IP: s=10.1.12.1 (FastEthernet0/0), d=224.0.0.10, len 60, rcvd 2, proto=88
47DCA9E0:                       0100 5E00000A            ..^...
47DCA9F0: C4015760 00000800 45C0003C 00000000  D.W`....E@.<....
47DCAA00: 0158C29E 0A010C01 E000000A 0205EE66  .XB.....`.....nf
47DCAA10: 00000000 00000000 00000000 00000065  ...............e
47DCAA20: 0001000C 01010000 0100000F 00040008  ................
47DCAA30: 0C040102         

Now let's look at the third and the fourth block from the bottom (0100000F and 01010000). We only need to take into consideration the entire fourth block and the first two characters of the third block (highlighted in blue in the original post).

Now start reading the values from left to right. Each pair of hex digits represents one K value.

"01" = 1 = K1
"01" = 1 = K2
"00" = 0 = K3
"00" = 0 = K4
"01" = 1 = K5

So this shows that the K values configured on R1 are 1,1,0,0,1 respectively. Now let's configure R2 with the same K values.


We can see that the neighborship has come up.
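
The manual read-out above can also be done by walking the packet structure instead of counting blocks from the bottom. The following Python script is an added example, not part of the original post; the function names are my own, and it assumes an Ethernet II frame carrying IPv4 and the standard EIGRP layout (20-byte header followed by TLVs, with the parameter TLV being type 0x0001).

```python
import re
import struct

# Hex dump lines copied from the debug output on this page (hello sent by R1).
DUMP = """\
47DCA9E0:                       0100 5E00000A            ..^...
47DCA9F0: C4015760 00000800 45C0003C 00000000  D.W`....E@.<....
47DCAA00: 0158C29E 0A010C01 E000000A 0205EE66  .XB.....`.....nf
47DCAA10: 00000000 00000000 00000000 00000065  ...............e
47DCAA20: 0001000C 01010000 0100000F 00040008  ................
47DCAA30: 0C040102
"""

def dump_to_bytes(text):
    """Join the hex words of each 'ADDR: words  ascii' line into raw bytes."""
    out = bytearray()
    for line in text.splitlines():
        m = re.match(r"\s*[0-9A-Fa-f]{8}:(.*)", line)
        if not m:
            continue  # skip the "IP: s=..." summary line and blank lines
        for tok in m.group(1).split():
            if not re.fullmatch(r"(?:[0-9A-Fa-f]{2})+", tok):
                break  # reached the ASCII column on the right
            out += bytes.fromhex(tok)
    return bytes(out)

def eigrp_parameters(frame):
    """Return AS number, K1..K5 and hold time from an Ethernet II EIGRP frame."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        raise ValueError("not an IPv4 Ethernet II frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IP header length in bytes
    eigrp = ip[ihl:struct.unpack("!H", ip[2:4])[0]]
    if ip[9] != 88 or len(eigrp) < 20:
        raise ValueError("not EIGRP (IP protocol 88) or header truncated")
    asn = struct.unpack("!H", eigrp[18:20])[0]    # last 2 bytes of the header
    pos = 20                                      # TLVs start after the header
    while pos + 4 <= len(eigrp):
        tlv_type, tlv_len = struct.unpack("!HH", eigrp[pos:pos + 4])
        if tlv_len < 4 or pos + tlv_len > len(eigrp):
            raise ValueError("malformed TLV")
        if tlv_type == 0x0001 and tlv_len >= 12:  # parameter TLV
            k = tuple(eigrp[pos + 4:pos + 9])     # K1..K5, one byte each
            hold = struct.unpack("!H", eigrp[pos + 10:pos + 12])[0]
            return {"as": asn, "k": k, "hold": hold}
        pos += tlv_len
    raise ValueError("no parameter TLV found")

print(eigrp_parameters(dump_to_bytes(DUMP)))
```

The same parse also returns the AS number from the previous post and the hold time, because all three sit at fixed offsets around the parameter TLV.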

