CCIE Pursuit Blog

December 28, 2008

Lab Tip: Start Your Troubleshooting With The Basics

I was racking my brains (what little I have…as you’ll soon see) as to why I couldn’t get my EIGRP adjacencies to come up.  Everything was fine up until I configured rotating keys:

key chain KEY_ROTATION
 key 10
  accept-lifetime 00:00:00 Jan 1 2008 00:15:00 Jan 1 2030
  send-lifetime 00:00:00 Jan 1 2008 00:05:00 Dec 31 2030
 key 20
  accept-lifetime 00:00:00 Jan 1 2030 infinite
  send-lifetime 00:00:00 Jan 1 2030 infinite

I removed and re-added the keys.  I made sure that the clocks on the routers were all set to the same time.  I shut/no shut interfaces.  I added and removed the ‘ip authentication’ commands on the interfaces.  I checked for spaces after the key chain name.  I even took out key 20 so that there was only one key.  Nothing worked.  WTF?!?  This shouldn’t be so difficult.

Then I finally ran a simple verification command that I should have run much, much earlier:

R2#sh key chain KEY_ROTATION
   * key 10 — text “(unset)”
        accept lifetime (00:00:00 UTC Jan 1 2008) – (00:15:00 UTC Jan 1 2030) [valid now]
        send lifetime (00:00:00 UTC Jan 1 2008) – (00:05:00 UTC Dec 31 2030) [valid now]
  * key 20 — text “(unset)”
        accept lifetime (00:00:00 UTC Jan 1 2030) – (infinite)
        send lifetime (00:00:00 UTC Jan 1 2030) – (infinite)

Notice the “(unset)” bit?  Yup.  I forgot to CONFIGURE THE PASSWORD!!!!  I was concentrating so hard on getting the accept and send lifetimes correct that I forgot to configure the most important bit.

The reason that I’m advertising my idiocy to the world is because it’s important in the lab (and in ‘real life’) to make sure that you verify the basics before you start ripping apart configurations and pulling out your hair.  I seriously wasted about 20 minutes on this mess.  In the lab I would have been under much, much more stress and those 20 minutes (besides being about 5% of my total available lab time) could easily have stretched out longer…or I could have moved on and lost some “easy” points.  😦

Create a free website or blog at