4

through my studies on CCNP ROUTE, while sniffing EIGRP packets, I noticed that packets have IP TTL of 2. I also verified this for RIP. OSPF doesn't have this property since it's link state.

Why does the EIGRP and RIP have IP TTL of 2?

I already asked one CCIE person, but he didn't know.

I came to believe that this may have something to do with frame relay hub&spoke topologies. For example hub routing EIGRP multicasts from one spoke to another (assuming subinterfaces)?

Any advice/idea/explanation would be greatly appreciated.

Thanks.

Kveri
  • 380
  • 2
  • 13
  • +1 Great question. EIGRP makes use of the "pseudo-broadcast" feature of frame relay on cisco devices (adding broadcast command) to facilitate multicast support... I wonder if the TTL is being changed when the packet is moved between dlci's by this feature ? OSPF can just use a DR to handle all the traffic in a hub position- so it can avoid this scenario... Would love to know if the TTL is changed this way, haven't been able to see it decrement on GNS3, but real world may differ... but why would FR need to touch the IP header??? – Niall Byrne Mar 17 '12 at 21:21

3 Answers3

3

It permits spoke-to-spoke route advertisement using neighbor command. That's it.

Sergii Shevchyk
  • 38,716
  • 12
  • 50
  • 61
  • I'm not convinced it's quite this simple. Why would frame relay be modifying the IP header when the hub device moves a packet from spoke 1's dlci to spoke 2's dlci- this is not a layer 3 hop. – Niall Byrne Mar 20 '12 at 21:05
  • Hub in hub&spoke topology can be configured in two ways: 1. using point-to-point subinterfaces on hub (one per spoke) - in this case there are 2 subnets, it doesn't make sense to create neighborship between spokes (and it wouldn't work because of eigrp neighborship requirements) 2. using point-to-multipoint subinterface or physical interface on hub - in this case there is only one subnet so when spoke sends packet to another spoke thru hub, hub only switches this packet (not routing), because it's the same subnet, so hub doesn't touch the IP TTL field since it doesn't route. – Kveri Mar 29 '12 at 10:32
  • Of course, this is theory, but I was unable to set a lab in which FR hub decrements IP TTL field in eigrp/rip packets. – Kveri Mar 29 '12 at 10:37
  • Altough there may be a way to force hub to actually route this packet even if subnet and in and out interface is the same (at least in linux, this is possible). – Kveri Mar 29 '12 at 10:39
2

Let's look at this simple hub&spoke frame relay topology:

      R2
     /
R1--
     \
      R3

with R1 being a hub (R2 and R3 don't have PVC between them).

  • R1's DLCI 102 to R2
  • R1's DLCI 103 to R3
  • R2's DLCI 201 to R1
  • R3's DLCI 301 to R1

I used physical/multipoint interfaces (subinterfaces) with one subnet:

  • R1 - 10.0.0.1/24
  • R2 - 10.0.0.2/24
  • R3 - 10.0.0.3/24

Working layer 3 connectivity between R1-R2 and R1-R3 is provided by frame relay inverse arp automatically. I used static mapping to make layer 3 work between R2 and R3 by mapping each other's IP address to DLCI to R1. (ex. frame-relay map ip 10.0.0.3 201 on R2).

This way there is full layer 3 connectivity.

Then I created loopback on R2 and R3 to announce one subnet and enabled EIGRP routing for those subnets. Next, I manually configured R2 to create neighbuorship with R3 IP on 10.0.0.0/24 subnet and vice versa.

And now the conclusion... R2 (or R3) sends EIGRP HELLO with IP TTL of 2, R1 gets this packet and notices that it's destination is on the same interface as it arrived in. This is generally solved by sending an ICMP redirect message, which got sent. Also the EIGRP HELLO is rerouted to the same interface (not switched!) and therefore gets it's TTL decreased.

Kveri
  • 380
  • 2
  • 13
1

TTL value of 2 is set on NBMA (Non-Broadcast Multi-Access) networks only.

NBMA is a special network with these features:

  • All Peers belong to the same IP subnet (broadcast domain).
  • Layer-2 connection has a hub-and-spoke (star) topology.
  • All communication between spokes will pass through hub, eventhough the spokes belong to same IP subnet.

Examples of NBMA:

  1. Framerelay.
  2. DMVPN Hub-and-spoke.

In a normal LAN, all the peers can directly reach one another.Therefore, the TTL will be '1' for a normal LAN.

In NBMA, the TTL value must be increased to '2' to cater to the extra hop introduced by the hub router. Therefore, EIGRP uses TTL of '2' on NBMA networks.

Gopinath
  • 4,066
  • 1
  • 14
  • 16