v5 Written and Lab: RIP Notes
v5 Written:
3.4 RIP (v2 and v6)
3.4.a Implement and troubleshoot RIPv2
3.4.b Describe RIPv6 (RIPng)
v5 Lab:
2.4 RIPv2
2.4.a Implement and troubleshoot RIPv2
http://docwiki.cisco.com/wiki/Routing_Information_Protocol
http://www.cisco.com/c/en/us/tech/ip/routing-information-protocol-rip/index.html
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/configuration/15-mt/irr-15-
mt-book.html
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15
-0_2_se/configuration/guide/3750x_cg/swiprout.html#wp1028241
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/command/irr-cr-book/irr-cr-
rip.html
Routing TCP / IP Volume I – Chapter 5: Routing Information Protocol (RIP)
Routing TCP / IP Volume I – Chapter 6: RIPv2, RIPng, and Classless Routing
Troubleshooting IP Routing Protocols – Chapter 2: Understanding Routing Information
Protocol (RIP)
Troubleshooting IP Routing Protocols – Chapter 3: Troubleshooting RIP
IP Routing Fundamentals – Chapter 8: Routing Information Protocol
IP Routing Fundamentals – Chapter 9: Routing Information Protocol Version 2
Troubleshooting IP Routing Protocols – Chapter 2: Routing Information Protocol (RIP)
Troubleshooting IP Routing Protocols – Chapter 3: Troubleshooting RIP
INE R%S Workbook I, Section 4 – RIP
Router-Bits Handbook – Chapter 5: RIP
INE Advanced Technologies videos:
43 RIP Overview, RIP Versions, RIP Auto-Summary 0h 48m
44 RIP Split-Horizon, RIP Timers 0h 22m
45 RIP Broadcast Updates, IP Directed Broadcast, IP Broadcast-Address, Smurf
Attacks, Fraggle Attacks 0h 16m
46 RIP Unicast Updates 0h 03m
47 RIP Offset-List 0h 18m
48 RIP Authentication 0h 11m
49 RIP Summarization 0h 10m
50 Prefix-Lists, RIP Distribute-List Filtering, RIP Administrative Distance
Filtering 0h 48m
51 RIP Default Routing, RIP Conditional Default Routing 0h 18m
52 RIP Triggered, RIP Validate Update Source, 0h 12m
RFCs:
RFC 1058 – Routing Informaiton Protocol
RFC 2082 – RIP-2 MD5 Authentication
RFC 2091 – Triggered Extensions to RIP to SUpport Demand Circuits
RFC 2453 – RIP Version 2
RFC 2080 – RIPng for IPv6
RFC 1724 – RIP Version 2 MIB Extension Plain Text Authentication
RIP Decision Tree:
1. Assign internal RIP network
– network command without wildcard mask
2. Link type
– point-to-point
– broadcast
– non-broadcast (frame-relay)
– hub and spoke
– check for split-horizon issues
3. Determine what interfaces advertise RIP updates
– passive-interface default
– no passive-interface
4. Destination address used
– multicast – 224.0.0.10
– broadcast – ip rip v2-broadcast
– unicast – neighbor statement with passive-interface – sets TTL =2
5. Version 2
– version 2
6. Verify
– show ip rip database
– debug ip rip
– debug ip routing
Example:
router rip
network 172.16.0.0
passive-interface default
no passive-interface fa0/0
no auto-summary
version 2
RIPv2 has no neighbor relationship requirement
Prerequisites for RIP
– “ip routing” configured
Restriction for RIP
– hop count is used as the metric to rate the value of different routes
– directly connected network has a metric of zero
– an unreachable network has a metric of 16
– the limited metric range makes it unsuitable for large networks
RIPv1 uses broadcast UDP packets to exchange routing information
– port 520
– sends routing update information every 30 seconds
– if an update has not been received in 180 seconds, the routes are marked as unusable
– if an update has not been received in 240 seconds, the routes are removed from the
routing table
A default network can be received or advertised with RIP
RIPv2 features
– plain text authentication
– MD5 authentication
– route summarization
– classless interdomain routing (CIDR)
– variable-length subnet masks (VLSM)
Routing updates are sent at regular intervals and when the network topology changes
Routing update
– receiving device adds 1 to the metric value and adds the network to the routing table
– the IP address of the sender of the routing update is used as next-hop
– only the best route to a destination is maintained (the route with the lowest metric)
By default, devices can receive both RIPv1 and RIPv2 packets
– configure the RIP version to override the default
Authentication in RIP is performed only if a key chain is configured
RIP is normally a broadcast protocol
– can be configured for non-broadcast networks
To control the interfaces that exchange routing updates, configure passive-interface
Offset lists can be used to increase the metric of incoming or outgoing routes
The following timers can be adjusted
– Update: the rate routing updates are sent (in seconds) (default 30)
– Invalid: the interval of time after which a route is declared invalid (default 180)
– Flush: the amount of time that must pass before a route is removed from the routing
table (default 240)
– Hold-down: the amount of time of which routing updates are postponed (default 240)
VRFs use the system default timers unless the timers-basic command is configured;
Summary IP address functions:
– Summary routes in the RIP database are processed first
– Associated child routes are skipped as RIP looks through the database
– Auto summary is enabled by default
RIP is a distance-vector routing algorithm
Distance-vector algorithms are sometimes referred to as Bellman-Ford or Ford-Fulkerson algorithms
RIP was the first successful implementation of a distance-vector protocol
Split-horizon is not disabled by default for interfaces using any of the X.25 encapsulations
– for all other encapsulations, split-horizon is enabled by default
By default, no delay is added between packets in a multipacket RIP update. When a high-
end router sends updates to a low-speed router, interpacket delay may be needed;
router rip
output-delay
RIP performs a source-validation check. The source IP address of the incoming routing
updates must be on the same IP network of one of the IP addresses of the receiving
interface.
– It can be disabled, such as when the local IP address is a /32, but the source is a /24.
router rip
no validate-update source
RIPv1 Packet Format
0………8………16……………….31
| Command | Version | Must be zero |
——————————————
| Address Family | Must be zero |
| Identifier | |
——————————————
| IP Address |
——————————————
| Must be zero |
——————————————
| Must be zero |
——————————————
| Metric |
——————————————
The Address Family Identifier through the Metric can be repeated 25 times in a single
packets
– Max RIP packet size of 512 bytes
The Address Family Identifier is set to 2 for IP
RIPv1
– Classful
– Updates as broadcast
RIPv2 Packet Format
0………8………16……………….31
| Command | Version | Route Tag |
——————————————
| Address Family | Must be zero |
| Identifier | |
——————————————
| IP Address |
——————————————
| Subnet Mask |
——————————————
| Next Hoop |
——————————————
| Metric |
——————————————
RIPv2
– Classless
– Updates as multicast 224.0.0.9
Example configuration:
router rip
network 10.1.1.0
neighbor 10.1.1.2
offset-list 98 in 1 fa0/0
timers-basic 1 2 3 4
version 2
no auto-summary
no validate-update-source
output-delay 8
int fa0/0
ip rip send version 2
ip rip receive version 2
ip rip authentication key-chain rip-md5
ip rip authentication mode md5
ip summary-address rip 10.2.0.0 255.255.0.0
no ip split-horizon
ip rip triggered
ip rip initial-delay 45
key-chaing rip-md5
key 123456
key-string abcde
Address Family Timers Example configuration:
router rip
version 2
timers-basic 5 10 15 20
redistribute connected
network 5.0.0.0
default-metric 10
no auto-summary
address-family ipv4 vrf abc
timers-basic 10 20 20 30
redistribute connected
network 10.0.0.0
no auto-summary
version 2
address-family ipv4 vrf xyz
timers-basic 20 40 60 80
redistribute connected
network 20.0.0.0
default-metric 2
no auto-summary
version 2
Verify RIP
– debug ip rip
– show ip route rip
– show key chain
– sh ip protocols | in sec
RIP for IPV6
IPv6 RIP functions the same and offers the same benefits as RIP in IPv4
– Enhancements include:
– support for IPv6 address and prefixes
– use of the all-RIP-devices multicast group address FF02::9 as a destination address
for RIP update messages
Enabling IPv6 RIP:
ipv6 unicast-routing
int fa0/0
ipv6 enable
ipv6 rip enable
Optional:
ipv6 router rip
Maixmum number of equal-cost routes in IPv6 RIP
– default is 4
ipv6 router rip maximum-paths
Originate the IPv6 default route (::/0)
int fa0/0
ipv6 rip default-information {originate|only}
– originate: originates the default route (::/0) in addition to all other routes in the updates sent on this interface
– only: originates the default route (::/0) but surpresses all other routes in the updates sent on the interface
Verify IPv6 RIP:
– show ipv6 rip {database|next-hops}
– show ipv6 route
– debug ipv6 rip
– show ipv6 rip
Nonstop forwarding for IPv6 RIP
– Cisco Nonstop Forwarding (NSF) continues forwarding packets while routing protocols converge
– this avoids route flapping
IPv6 RIP supports the use of a route map to select routes for redistribution
– route may be specified by:
– prefix
– route-map prefix list
– tag
Configuring route tags:
route-map bgp-to-rip permit 10
match ipv6 address prefix-list bgp-rip-list
set tag 4
Route filtering using distribute lists provides control over the routes RIP receives and advertises
– this may be done globally or per interface
Input distribute lists control route reception
– input filtering is applied to advertisements received from neighbors
– only routes that pass input filtering will be inserted in the RIP local routing table and become a candidate for insertion into the IPv6 routing table
Output distribute lists control route advertisement
An interface distribute list always takes precedence
An IPv6 prefix list range can be specified with the keywords “le” (less than) and “ge” (greater than)
– an exact match is assumed when “le” and “ge” are not specified
ipv6 prefix list seq {deny | |description } ge le
Example:
ipv6 prefix-list abc permit 2001:DB8::/16
ipv6 prefix-list abc deny ::/0
ipv6 router rip process1
distribute-list prefix-list abc in fa0/0
Example:
ipv6 router rip process1
maximum-paths 1
redistribute bgp 65001 route-map bgp-to-rip
distribute-list prefix-list eht0/0-in-flt in Ethernet0/0
int e0/0
ipv6 address 2001:DB8::/64 eui-64
ipv6 rip process1 enable
ipv6 rip process1 default-information originate
ipv6 prefix-list bgp-to-rip-flt seq 10 deny 2001:DB8:3::/16 le 128
ipv6 prefix-list bgp-to-rip-flt seq 20 permit 2001:DB8:1::/8 le 128
ipv6 prefix-list eth0/0-in-flt seq 10 deny ::/0
ipv6 prefix-list eth0/0-in-flt seq 20 permit ::/0 le 128
route-map bgp-to-rip permit 10
match ipv6 address prefix-list bgp-to-rip-flt
Bidirectional Forward Detection (BFD) for RIPv2 support feature is used to facilitate an alternate path selection when a neighboring router is inactive
BFD is a protocol that provides subsecond failure detection using a single, common standardized mechanism that is independent of media and routing protocols
Configuring BFD for RIPv2 neighbors:
router rip
version 2
bfd all-interfaces
Enable BFD for a specific RIP neighbor
router rip
version 2
neighbor 10.10.20.2 bfd
BFD for RIPv2 Support was introduced in 15.3(2)T
Key chain authentication pitfall
– white space counts as a valid character
– use “show key chain” command to ensure that a space is not at the end of the
authentication key
– for RIP and EIGRP authentication
ip rip advertise (0 – 429466>
– interface command to specify the periodic advertisement interval
– the command overrides the default global periodic advertisement interval or the
“timers-basic” settings
