06-06-2024 01:39 AM
How EIGRP sends an ACK message in layer 3 although ACK is layer 4 itself?
06-06-2024 02:13 AM
You confuse between TCP ACK and EIGRP ACK
It totally different' the eigrp ACK is l3 and it send when router recieve update from it neighbor
MHM
06-06-2024 06:03 AM
This question is one of interview questions sir and I do not understand the question because how same ACK message considered l3 and l4. I do not think there is no confusion between TCP ACK and EIGRP ACK.
But here is the answer that I got that EIGRP ACK message just sends an update packet not a the protocol itself.
So here is everything I know I do not understand both the question and the answer. Thanks for your reply sir.
06-06-2024 06:34 AM
EIGRP dont use UDP or TCP L4 port
it use L3 protocol 88
you can see below there is no UDP/TCP header in ACK EIGRP packet
MHM
06-06-2024 06:39 AM - edited 06-06-2024 06:41 AM
Hello @waseem abdo ,
EIGRP operates at OSI layer 3 for providing routing services to IPv4 , IPv6 protocols . EIGRP has its own protocol number so EIGRP packets can be classified at OSI layer 4.
In TCP the Ack is not sent inside a dedicated packet but it is a field inside a TCP packet sent in the opposite direction from receiver to sender to tell him how many bytes have been received successfully over the session.
The EIGRP Ack is actually similar to an hello packet sent to a specific unicast neighbor to acknowledge the reception of an update , of an EIGRP query and so on.
see below:
Acknowledgment 32-bit field used by EIGRP that contains the sequence number of the
last packet heard from the neighbor to which this packet is being sent.
A Hello packet with a nonzero ACK field will be treated as an ACK
packet rather than as a Hello. Note that an ACK field will only be
nonzero if the packet itself is unicast because acknowledgments are
never multicasted.
from CCIE R&S Edition 5 volume I.
Hope to help
Giuseppe
06-06-2024 09:01 AM
You said that EIGRP operates at layer 3 while EIGRP packets itself operates at layer 4 and that was the question so EIGRP ACK operates at layer 3 but while sending the EIGRP ACK packet through the network it is considered layer 4?
And thanks very much for your reply but really maybe that question is not correct or does not clarify what it means.
06-06-2024 10:27 AM
Well, many consider dynamic routing protocols to be L3 but I consider them L7 which support L3.
Other than what's EIGRP's purpose, how does its ACK, logically, differ from tftp's ACK? Consider both EIGRP and tftp send information to a "like" process on another host and are looking for confirmation the information was received (provided by an ACK).
So, is L#, itself, really relevant to an ACK?
06-07-2024 08:28 AM
Hello @waseem abdo ,
yes EIGRP packets can be classified as OSI layer 4 but EIGRP provides services , routing , to OSI layer 3.
this kind of questions creates a lot of discussions . One thing is how is classified the packet ( how we would see it in wireshark) and another thing is what the packet does . An EIGRP Ack provides reliable communication in EIGRP to explicitly tell to a neighbor
"I have received your update/ Query / SIA query/ reply / SIA reply with sequence number X as I report in the ACK field."
the DUAL algorythm requires that updates are sent and received successfully and in order from each neighbor so EIGRP Ack provides the feedback.
Hope to help
Giuseppe
06-07-2024 10:20 AM - edited 06-08-2024 04:18 AM
@Giuseppe Larosa wrote:
this kind of questions creates a lot of discussions .
Indeed. Unfortunately, my personal opinion to treat routing protocols at L7, probably confuses even further, but it makes things like BGP seem reasonable as explicitly uses TCP, a L4 protocol.
Actually, if you read the OSI documentation, documents 7491-# (-1, -3 and -4 can be found here) a distinction is drawn between the OSI layers performing their function of connecting similar layers and management of the OSI model system. A dynamic routing protocol, such as EIGRP, is a L3 protocol, but it's NOT L3, as it doesn't directly route packets or is necessarily needed at all. For the case of "need" consider a router with all the networks directly connected to the same router. A dynamic routing protocol isn't needed. Or, in the case of a few routers, manually entering routing information, using static routes, will suffice, so does that make a person a direct component of the L3 OSI layer?
Supposed we setup a SNMP management system that enables and/or disables ports based on port traffic loading. This may change the L3 routing topology. Does doing this make the SNMP management system L3, especially if it's performing other changes based on port stats, MAC addresses, etc.?
My background is software development, which is why I find it conceptionally simpler to lump such management applications under L7. But, if you really want to get into the OSI model, you need to understand the whole model, which is more than just the 7 layers.
On the subject of a dynamic routing protocol, alone, read OSI documentation on IS-IS. (BTW, suggest you wrap your head with duct tape, before you dive deep into OSI - laugh.)
So, again, separate, logically, what ACK does, from where ACK is used in different protocols.
Also again, I question the value, and possibly knowledge, of whoever had this as an interview question.
06-06-2024 08:38 AM
ACK is not a protocol, itself, it's a logical function used in multiple protocols. You've explicitly noted it's used in EIGRP, and perhaps also implicitly understand it's also used in TCP. But other protocols can use it, for example, tftp, which in the OSI model is L7.
So, actually, ACK, itself, is OSI level independent. Your interview question doesn't make much sense.
06-12-2024 03:11 AM
let make it simple
if you want to use ACL to drop EIGRP do you use
TCP
UDP
or
EIGRP
In ACL ?
sure you will use EIGRP so it not L4 protocol
and to make it if you ask about BGP the answer it L4 why
because we use TCP port in ACL to drop BGP connection
MHM
06-12-2024 04:48 AM
Ah, so from your logic, an ACL to block telnet, HTTP, FTP, etc., using TCP port numbers, makes them all L4 too?
Of course protocols like the forgoing can use other ports, which could be blocked by NBAR, which analyzes application protocols which are L7.
So, again, routing protocols are management of L3 of the OSI model, i.e. not direct parts of a layer. But, if one insists in placing them in an OSI layer, again personally, I think of them as another L7 application, also again, makes it easy to treat them like other applications passing traffic across the network. For example, besides blocking such traffic, we may want to provide it special QoS treatment, like for example Cisco's BGP being tagged with IPPrec 6.
06-12-2024 05:05 AM
Oops, hit wrong button prematurely in my last reply.
Just wanted to add the OSI reference model, is just that, a model, and not the only model, for example there's the TCP/IP model too. Further such models need not be used to provide networking.
But, the concept of ACK is widespread, heck if you send an email message with a return receipt option, that too is an ACK.
06-12-2024 06:50 AM - edited 06-12-2024 06:51 AM
I know that we can drop bgp connection by using port 179 in ACL but for EIGRP how to block its messages because I have never tried that before.
06-12-2024 06:58 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide