Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco-proprietary advanced distance-vector routing protocol that offers fast convergence and efficient bandwidth usage. Unlike OSPF, EIGRP uses Diffusing Update Algorithm (DUAL) to guarantee loop-free paths and provides unequal-cost load balancing. This guide walks through configuring EIGRP on Cisco IOS routers from scratch, covering neighbor establishment, route advertisement, authentication, and route summarization. These skills are essential for the CCNA and ENCOR certifications, where EIGRP configuration scenarios appear frequently in both written exams and lab simulations.
Enable EIGRP and Configure Router ID
Enter global configuration mode and enable EIGRP with an autonomous system number. The AS number must match on all routers in the EIGRP domain. Set a Router ID manually to ensure stability — by default, the highest loopback IP is used, which can cause issues if interfaces flap.
Router> enable
Router# configure terminal
Router(config)# router eigrp 100
Router(config-router)# eigrp router-id 1.1.1.1Use a private AS number (64512-65535) for lab environments to avoid conflicts with production networks.
EIGRP Router ID must be unique across the entire EIGRP domain. Duplicate Router IDs prevent neighbor adjacency.
Advertise Connected Networks
Use the network command to advertise directly connected interfaces into EIGRP. Specify the network address and wildcard mask. EIGRP will enable itself on any interface matching the network statement and begin sending Hello packets to discover neighbors.
Router(config-router)# network 192.168.1.0 0.0.0.255
Router(config-router)# network 10.0.0.0 0.0.0.255Use the 'passive-interface default' command followed by 'no passive-interface' on specific interfaces to prevent EIGRP from sending Hellos out unwanted interfaces.
Verify EIGRP Neighbor Adjacency
After configuring network statements, verify that EIGRP neighbors have formed. Use show commands to check neighbor tables and topology. A neighbor must be in the 'Init' or 'Established' state. If stuck in 'Pending', check interface IP addressing and ACLs.
Router# show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(100)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.1.2 Gi0/0 13 00:02:15 12 200 0 4
1 10.0.0.2 Gi0/1 14 00:01:30 8 150 0 7If neighbors don't form, verify that both routers use the same AS number and that no ACL is blocking UDP port 88 (EIGRP).
Configure EIGRP Authentication (MD5)
Secure EIGRP updates by enabling MD5 authentication. Create a key chain, define a key and password, then apply it to the EIGRP process. All routers in the same EIGRP domain must share the same key and password for neighbor adjacency to form.
Router(config)# key chain EIGRP-AUTH
Router(config-keychain)# key 1
Router(config-keychain-key)# key-string MySecureKey123
Router(config)# router eigrp 100
Router(config-router)# authentication mode md5
Router(config-router)# authentication key-chain EIGRP-AUTHEIGRP authentication keys are sent in clear text if not using MD5. Always use 'service password-encryption' to protect key strings in the running config.
Implement Route Summarization
Reduce routing table size by configuring manual route summarization on EIGRP interfaces. Summarization is configured per interface and advertises a single summary route instead of multiple specific routes. This improves convergence and reduces bandwidth usage.
Router(config)# interface GigabitEthernet0/0
Router(config-if)# ip summary-address eigrp 100 192.168.0.0 255.255.252.0Always ensure the summary route covers all subnets behind the router. Missing subnets can cause blackholing.
Tune EIGRP Metrics for Unequal-Cost Load Balancing
EIGRP supports unequal-cost load balancing using the variance command. By default, EIGRP only installs equal-cost paths. Variance multiplies the best metric by the variance value; any feasible successor with a metric less than that product is installed in the routing table.
Router(config-router)# variance 2
Router(config-router)# traffic-share balancedUse 'show ip eigrp topology all-links' to view all feasible successors and their metrics before setting variance.
Verify EIGRP Routing Table and Convergence
Final verification ensures routes are installed correctly and convergence is optimal. Check the routing table for EIGRP-learned routes and verify the topology table for DUAL state. Use debug commands sparingly in production.
Router# show ip route eigrp
192.168.0.0/22 is subnetted, 1 subnets
D 192.168.0.0 [90/2172416] via 192.168.1.2, 00:03:20, GigabitEthernet0/0
Router# show ip eigrp topology
P 192.168.0.0/22, 1 successors, FD is 2172416
via 192.168.1.2 (2172416/281600), GigabitEthernet0/0The 'P' in the topology table indicates a passive route (stable). An 'A' indicates active (recomputing), which may signal a network issue.
Key tips
Always configure a loopback interface with a /32 IP as the Router ID to prevent EIGRP from flapping when physical interfaces go down.
Use 'show ip eigrp interfaces detail' to verify Hello and Hold timers — mismatched timers prevent neighbor adjacency.
For large EIGRP domains, enable stub routing on spoke routers to reduce query scope and improve convergence.
EIGRP supports named mode configuration (address-family) which is more scalable and recommended for ENCOR exam scenarios.
When troubleshooting EIGRP, start with Layer 1/2 connectivity, then verify AS numbers and network statements before diving into authentication.
Use 'debug eigrp packets' with caution — it can overwhelm a router's CPU in production. Always apply an ACL filter to limit debug output.
Frequently asked questions
What is the difference between EIGRP classic mode and named mode?
Classic mode uses the traditional 'router eigrp' configuration with network statements. Named mode (introduced in IOS 15.0) uses address-family configuration, supports IPv4 and IPv6 under a single process, and offers better scalability and granular control over timers and metrics.
Can EIGRP run between Cisco and non-Cisco devices?
EIGRP was originally Cisco-proprietary, but in 2013 Cisco published it as an open standard (RFC 7868). Some vendors like Juniper and Arista now support basic EIGRP, but interoperability is limited. For multi-vendor environments, OSPF or IS-IS is recommended.
How does EIGRP calculate its metric?
EIGRP uses a composite metric based on bandwidth (the slowest link along the path) and delay (cumulative). By default, metric = (10^7 / minimum bandwidth in kbps + cumulative delay in tens of microseconds) * 256. Load and reliability are not used by default.
What is the purpose of the 'eigrp stub' command?
The 'eigrp stub' command configures a router as a stub, meaning it will not propagate routes learned from other EIGRP neighbors. This reduces query scope and improves convergence in hub-and-spoke topologies. Common stub types include 'connected', 'static', and 'summary'.
Why are my EIGRP neighbors stuck in 'Init' state?
Stuck in Init usually indicates a mismatch in authentication, AS number, or K-values. Verify that both routers use the same AS number, authentication key, and metric weights (K-values). Also check that no ACL is blocking multicast address 224.0.0.10 used by EIGRP.
Related glossary terms
Dynamic route
A route that is automatically learned and updated by a router using a routing protocol, rather than being manually configured.
Bash script
A Bash script is a text file containing a sequence of commands for the Unix shell Bash, allowing users to automate repetitive tasks and streamline system administration on Linux and macOS.
File Transfer Protocol
File Transfer Protocol (FTP) is a standard network protocol used to transfer files between a client and a server over a TCP/IP network.
Public IP address
A globally unique IP address assigned to a device that allows it to communicate directly over the internet.
Persistent Disk
Persistent Disk is a durable, high-performance block storage service for Google Cloud virtual machines that retains data even after the VM is shut down or deleted.
Extensible Authentication Protocol
Extensible Authentication Protocol (EAP) is a flexible authentication framework used in network access control, particularly in wireless and point-to-point connections, that supports multiple authentication methods without requiring changes to the underlying protocol.
Practice with real exam questions
Apply what you just learned with exam-style practice questions.