EIGRP and AF-Interface

Within the realm of EIGRP, there are two different modes, classic and named. Classic is the usual version most people are used to where the protocol configuration starts with “router eigrp 123” or something along those lines. Named mode is similar, but configurations for it are different in syntax. Named mode may start with something like “router eigrp LAB”. From there, you must also specify the address family and the actual EIGRP AS number as well. That looks like “address-family ipv4 autonomous-system 123”. Then you could actually begin further configuration.

So what is AF-Interface?

Since we got the intro out of the way, on to the main topic: AF-Interface. This lets you configure interface level EIGRP configuration within EIGRP named mode. Cisco summarizes its usage on one of their command reference pages: http://www.cisco.com/c/en/us/td/docs/ios/iproute_eigrp/command/reference/ire_book/ire_a1.html

The important paragraph to note is:

The af-interface default command is useful for defining user defaults to apply to EIGRP interfaces that belong to an address-family when EIGRP is configured using the named method. For example, authentication mode is disabled by default, and you can enable MD5 authentication for all EIGRP interfaces in the address-family using address-family interface configuration mode and then selectively override the new default setting using different address-family interface configuration commands.

I will give you an example:

R2(config)#router eigrp LAB
R2(config-router)# !
R2(config-router)# address-family ipv4 unicast autonomous-system 12345
R2(config-router-af)#af-interface default
R2(config-router-af-interface)#authentication mode hmac-sha-256 0 SECURErouter

By configuring this on the af-interface default, I am configuring it by default for all interfaces in the address-family. This is easier and faster than the past where commands needed to be entered manually on all involved router interfaces.

Other AF-Interface options include:

R2(config-router-af)#af-interface default
Address Family Interfaces configuration commands:
  add-paths           Advertise add paths
  authentication      authentication subcommands
  bandwidth-percent   Set percentage of bandwidth percentage limit
  bfd                 Enable Bidirectional Forwarding Detection
  dampening-change    Percent interface metric must change to cause update
  dampening-interval  Time in seconds to check interface metrics
  default             Set a command to its defaults
  exit-af-interface   Exit from Address Family Interface configuration mode
  hello-interval      Configures hello interval
  hold-time           Configures hold time
  next-hop-self       Configures EIGRP next-hop-self
  no                  Negate a command or set its defaults
  passive-interface   Suppress address updates on an interface
  shutdown            Disable Address-Family on interface
  split-horizon       Perform split horizon

Overall, there are a good amount of things that you can configure on the interface level, but in EIGRP named mode, you need to do it a bit differently than in classic mode. Remembering where the configuration belongs is important. Sometime putting a command directly on an interface when it needs to be under the af-interface can result in issues or the command not working at all. My rule of thumb is “classic mode, configure the interfaces. named mode, use af-interface” No secret there or anything special. Read it, understand WHY, and just keep it in the back of your mind when configuring EIGRP.


Kevin Blackburn

Kevin Blackburn

Cisco CCNP, Senior Network Engineer in the Healthcare Industry. Currently working on my CCIE R&S which is the focus of most of my latest blog posts. #NFD15 Delegate.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.