Sunday, April 14, 2013

EIGRP Authentication


I would like to highlight how EIGRP performs authentication when a key chain is used. Please go through the scenario below before we explain how it works.




IP Addressing :
--------------------
R1 - s0/0.12 point-to-point = 131.1.12.1/24 ; lo1 = 1.1.1.1/8
R2 - s0/0.21 point-to-point = 131.1.12.2/24 ; lo1 = 2.2.2.2/8

Configure EIGRP Authentication on R1
------------------------------------------------
key chain EIGRP
key 1
key-string ABC
key 2
key-string cisco
!
!
interface Serial0/0.12 point-to-point
ip address 131.1.12.1 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 EIGRP
frame-relay interface-dlci 102
!


Configure EIGRP Authentication on R2
------------------------------------------------
key chain EIGRP
key 1
key-string DEF
key 2
key-string cisco
!
!
interface Serial0/0.21 point-to-point
ip address 131.1.12.2 255.255.255.0
ip authentication mode eigrp 100 md5
ip authentication key-chain eigrp 100 EIGRP
frame-relay interface-dlci 201
!
!

According to the above configuration, will R1 and R2 form EIGRP neighbors?
!
!
!
!
!
!
!
!
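The answer is no. The reason is that EIGRP uses the LOWEST key number among all currently valid keys when SENDING an EIGRP message, but it uses ALL currently valid keys when RECEIVING an EIGRP message. Here both routers send with key 1, whose key-strings differ (ABC on R1, DEF on R2), so the matching key 2 is never used for sending. Please study the picture below for a better understanding.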
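
The send/receive rule above, modelled as an added Python example (not from the original post or from Cisco). `Key`, `send`, `accept` and `adjacency` are hypothetical names, the digest is a stand-in keyed MD5 rather than EIGRP's real on-wire computation, and matching on the key ID carried in the packet is an assumption of the model.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Key:
    key_id: int
    key_string: str
    valid: bool = True  # stands in for "currently valid" (lifetimes not modelled)

def digest(key_string: str, payload: bytes) -> str:
    # Stand-in keyed MD5, NOT the exact EIGRP on-wire digest computation.
    return hashlib.md5(key_string.encode() + payload).hexdigest()

def send(chain, payload: bytes):
    """Sender rule from the post: use the LOWEST-numbered currently valid key."""
    valid = [k for k in chain if k.valid]
    if not valid:
        return None  # nothing to sign with
    key = min(valid, key=lambda k: k.key_id)
    return key.key_id, digest(key.key_string, payload)

def accept(chain, packet, payload: bytes) -> bool:
    """Receiver rule from the post: check against ALL currently valid keys.
    Assumption of this model: the key ID carried in the packet must match too."""
    if packet is None:
        return False
    key_id, mac = packet
    return any(k.valid and k.key_id == key_id
               and hmac.compare_digest(digest(k.key_string, payload), mac)
               for k in chain)

def adjacency(a, b, payload: bytes = b"constructed-hello") -> bool:
    # Neighbors form only if each side accepts what the other sends.
    return accept(b, send(a, payload), payload) and accept(a, send(b, payload), payload)

# Key chains from the scenario above.
R1 = [Key(1, "ABC"), Key(2, "cisco")]
R2 = [Key(1, "DEF"), Key(2, "cisco")]

# Constructed variants: key 1 made identical, and key 1 no longer valid.
R2_SAME_KEY1 = [Key(1, "ABC"), Key(2, "cisco")]
R1_KEY1_EXPIRED = [Key(1, "ABC", valid=False), Key(2, "cisco")]
R2_KEY1_EXPIRED = [Key(1, "DEF", valid=False), Key(2, "cisco")]

if __name__ == "__main__":
    print("as configured:      ", adjacency(R1, R2))
    print("key 1 matches:      ", adjacency(R1, R2_SAME_KEY1))
    print("key 1 expired both: ", adjacency(R1_KEY1_EXPIRED, R2_KEY1_EXPIRED))
    print("key 1 expired on R1:", adjacency(R1_KEY1_EXPIRED, R2))
```

The last case shows why a key has to stop being valid on both routers: R2 still sends with its key 1, which R1 no longer accepts.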



Reference : RHC blog & CCNP Route



