\u00a0\u00a0version 2<\/span><\/p>\n \u00a0\u00a0no auto-summary<\/span><\/p>\n \u00a0\u00a0network x.x.x.x<\/span><\/p>\n <\/p>\n Mismatched version updates can cause one way communication between the routers<\/p>\n – R1<\/p>\n -> Send v1 updates<\/p>\n -> Receive v1 and v2 updates<\/p>\n – R2<\/p>\n -> Send and receive v2 updates<\/p>\n <\/p>\n Authentication<\/b><\/p>\n – Plain text<\/p>\n – MD5<\/p>\n -> Create key chain<\/p>\n -> Apply to an interface<\/p>\n <\/p>\n key chain CISCO<\/span><\/p>\n \u00a0\u00a0key 1<\/span><\/p>\n \u00a0\u00a0 key-string CCIE<\/span><\/p>\n <\/p>\n int s0\/0<\/span><\/p>\n \u00a0\u00a0ip rip authentication mode { text | md5 }<\/span><\/p>\n \u00a0\u00a0ip rip authentication key-chain CISCO<\/span><\/p>\n <\/p>\n sh ip protocols<\/span><\/p>\n – Lists the authentication method<\/p>\n debug ip rip<\/span><\/p>\n – To troubleshoot authentication problems<\/p>\n -> Such as key mismatch<\/p>\n sh key chain<\/span><\/p>\n – To see if a space is present in the key-string<\/p>\n <\/p>\n Summarization<\/b><\/p>\n Summary address 10.0.0.0\/22<\/p>\n <\/p>\n int fa0\/0<\/span><\/p>\n \u00a0\u00a0ip rip summary-address 10.0.0.0 255.255.252.0<\/span><\/p>\n <\/p>\n A summary address is installed into the routing table pointing to the NULL interface<\/p>\n – Used when one of the more specific networks is not rachable<\/p>\n – This prevents the packets from being default routed to 0.0.0.0\/0<\/p>\n – Causes packets to be dropped<\/p>\n – Summary address AS is still 120<\/p>\n <\/p>\n RIP does not create a summary route pointing to NULL0<\/p>\n – Must be created manually<\/p>\n <\/p>\n ip route 10.0.0.0 255.255.252.0 NULL0<\/span><\/p>\n <\/p>\n 172.16.0.0 \/24<\/p>\n 172.16.1.0 \/24<\/p>\n 172.16.2.0 \/24<\/p>\n 172.16.3.0 \/24<\/p>\n -> 172.16.0.0 \/22<\/p>\n -> Works with RIPv2<\/p>\n <\/p>\n 172.0.0.0 \/16<\/p>\n 172.1.0.0 \/16<\/p>\n 172.2.0.0 \/16<\/p>\n 172.3.0.0 \/16<\/p>\n -> 172.0.0.0 \/14<\/p>\n -> Will not work with RIPv2<\/p>\n -> Error message when trying to configure<\/p>\n <\/p>\n RIPv2 summarization is only possible within the limits of a class (A, B, C)<\/p>\n -> RIPv2 summarization is not classless<\/p>\n <\/p>\n Default Routing<\/b><\/p>\n R1(config)# router rip<\/span><\/p>\n \u00a0\u00a0default-information originate<\/span><\/p>\n <\/p>\n In other routing tables:<\/p>\n <\/p>\n R* \u00a0\u00a00.0.0.0 \u00a0\u00a0\u00a0\u00a0 [120|*]<\/p>\n -> The metric of the summary route is the least metric among more specific routes<\/p>\n <\/p>\n Conditional Default Routing<\/b><\/p>\n In conditional default routing, the exit interface network is checked<\/p>\n – If the network is in the routing table, the default network will be injected<\/p>\n – If the network is not in the routing table, the default route is not injected<\/p>\n <\/p>\n R1(config)# access-list 1 permit 200.0.0.0 0.0.0.255<\/span><\/p>\n route-map DR<\/span><\/p>\n \u00a0\u00a0match ip address 1<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0default-information originate route-map DR<\/span><\/p>\n <\/p>\n This is conditional, but not reliable<\/p>\n – Have to make the route-map false to be reliable<\/p>\n – Link may be up, but the connection to the Internet may be down<\/p>\n <\/p>\n Reliable Conditional Default Routing<\/p>\n – Uses IP SLA<\/p>\n <\/p>\n Apply to RIP<\/p>\n – IP SLA (Step 1) \u00a0<- -> \u00a0Track (Step 2) \u00a0<– Dummy Static Route (Step 3) \u00a0<– Access-list (Step 5) \u00a0<– Route-map (Step 5)<\/p>\n <\/p>\n R1(config)# ip sla 1<\/span><\/p>\n \u00a0\u00a0icmp-echo 4.2.2.2<\/span><\/p>\n \u00a0\u00a0 timeout 2000<\/span><\/p>\n -> In milliseconds<\/p>\n frequency 4<\/span><\/p>\n -> In seconds<\/p>\n ip sla schedule 1 start-time now life forever<\/span><\/p>\n track 1 ip sla 1 reachability<\/span><\/p>\n ip route 169.254.0.0 255.255.0.0 NULL0 track 1<\/span><\/p>\n access-list 1 permit 169.254.0.0 0.0.255.255<\/span><\/p>\n route-map ABC<\/span><\/p>\n \u00a0\u00a0match ip address 1<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0default-information originate route-map ABC<\/span><\/p>\n <\/p>\n RIP Filtering<\/b><\/p>\n Passive Interface<\/b><\/p>\n – It stops sending updates out the specified interface<\/p>\n <\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0passive-interface { <interface> | default }<\/span><\/p>\n <\/p>\n passive-interface default<\/span><\/p>\n – Can be used if there are a lot of loopback interfaces that you do not want to advertise<\/p>\n <\/p>\n Distribute List<\/b><\/p>\n – Which network to filter<\/p>\n – Direction ( in | out )<\/p>\n – In | out which interface<\/p>\n -> If not specified, the network will be filtered from all interfaces<\/p>\n – Filter is outsourced!<\/p>\n -> ACL<\/p>\n -> Prefix-list<\/p>\n <\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distribute-list in | out int <\/span><\/p>\n <\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distribute-list prefix in | out int<\/span><\/p>\n <\/p>\n <\/p>\n Distribute List – Standard ACL<\/b><\/p>\n <\/p>\n access-list 1 deny 1.1.1.1<\/span><\/p>\n access-list 1 permit any<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distribute-list 1 out fa0\/0<\/span><\/p>\n Scenario -> Filter all even number octets (in the 3rd octet) of outgoing network<\/p>\n <\/p>\n 255.255.11111110.255<\/p>\n -> I don’t care about the first 7 bits, I only care about the last bit<\/p>\n -> Subnet mask: \u00a0\u00a0255.255.254.255<\/p>\n -> Wild card mask: \u00a0\u00a00.0.1.0<\/p>\n <\/p>\n 10.0.0.0 – 00000000<\/p>\n 10.0.2.0 – 00000010<\/p>\n -> Last bit doesn’t change<\/p>\n -> 0 – don’t care<\/p>\n -> 1 – do care<\/p>\n <\/p>\n access-list 1 deny 0.0.0.0 255.255.254.255<\/span><\/p>\n access-list 1 permit any<\/span><\/p>\n <\/p>\n – or –<\/p>\n <\/p>\n access-list 1 permit 0.0.1.0 255.255.254.255<\/span><\/p>\n <\/p>\n Distribute List – Extended ACL<\/b><\/p>\n <\/p>\n access-list <number> permit | deny <protocol> <source> <destination><\/span><\/p>\n – Protocol is ip<\/p>\n – Source is update source<\/p>\n – Destination is update network<\/p>\n <\/p>\n Scenario -> On R1, filter incoming update for network 50.0.0.0 if it is coming from R3<\/p>\n <\/p>\n R1(config)# access-list 100 deny ip host 123.0.0.3 host 50.0.0.0<\/span><\/p>\n access-list 100 permit ip any any<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distribute-list 100 in<\/span><\/p>\n <\/p>\n Prefix Lists<\/b><\/p>\n – More flexible<\/p>\n – Can match on subnet masks<\/p>\n <\/p>\n ip prefix-list <name> [seq <number>] permit | deny <network\/wildcard mask> [le | ge <0 – 32>]<\/span><\/p>\n – <network\/wildcard mask> – prefix<\/p>\n <\/p>\n – le | ge – subnet mask<\/p>\n access-list <number> permit | deny <network> <wildcard mask><\/span><\/p>\n <\/p>\n 10.0.0.0 0.255.255.255<\/p>\n <\/p>\n 10.0.0.0 \/22<\/p>\n 10.0.0.0 \/24<\/p>\n <\/p>\n ip prefix-list LIST1 deny 10.0.0.0\/8 ge 24 le 24<\/span><\/p>\n – Matches 10.0.0.0 \/24<\/p>\n <\/p>\n Match any network starting with 172.16.x.x with subnet mask from 255.255.0.0 to 255.255.255.0<\/p>\n <\/p>\n 255.255.0.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/16<\/p>\n 255.255.128.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/17<\/p>\n 255.255.192.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/18<\/p>\n 255.255.224.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/19<\/p>\n 255.255.240.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/20<\/p>\n 255.255.248.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/21<\/p>\n 255.255.252.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/22<\/p>\n 255.255.254.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/23<\/p>\n 255.255.255.0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-> \/24<\/p>\n <\/p>\n ip prefix-list ABC deny 172.16.0.0\/16 ge 16 le 24<\/span><\/p>\n <\/p>\n 1.<\/p>\n – Wildcard ->16<\/p>\n – Range -> 16 – 24<\/p>\n 2.<\/p>\n – Wildcard -> 16<\/p>\n – Range -> 18 – 32<\/p>\n -> If on the exam, upper boundary is not specific, assume it’s 32<\/p>\n 3.<\/p>\n – Wildcard -> 16<\/p>\n – Range -> 18 – 24<\/p>\n <\/p>\n ip prefix-list ABC deny 172.16.0.0\/16 ge 18<\/span><\/p>\n ip prefix-list ABC deny 172.16.0.0\/16 ge 18 le 24<\/span><\/p>\n <\/p>\n Drawback of using prefix-lists<\/p>\n – ge cannot be lower than the wildcard mask<\/p>\n <\/p>\n Scenario -> Match any network starting with 172.16.0.0 and subnet mask between 8 and 24<\/p>\n <\/p>\n ip prefix-list ABC deny 172.16.0.0\/16 ge 8 le 24<\/span><\/p>\n -> Will not work<\/b><\/p>\n -> ge cannot be lower than the wildcard mask<\/p>\n <\/p>\n If a single subnet mask is to be matched and it happens to be equal to the wildcard mask, then ge and le can be skipped<\/p>\n – Compare first octet of 10.0.0.0 and subnet mask must be 255.0.0.0<\/p>\n <\/p>\n ip prefix-list permit 10.0.0.0\/8<\/span><\/p>\n <\/p>\n Filter 1.1.1.1 \/32 from R2<\/p>\n <\/p>\n R1(config)# ip prefix-list ABC deny 1.1.1.1\/32<\/span><\/p>\n \u00a0\u00a0ip prefix-list ABC permit 0.0.0.0\/0 le 32<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distribute-list prefix ABC out fa0\/0<\/span><\/p>\n <\/p>\n Filter from a specific source<\/b><\/p>\n Scenario -> Filter any network coming from R3 and accept all networks from R2<\/p>\n – In this scenario, two prefix lists will be used<\/p>\n -> 1. To identify which networks will be filtered<\/p>\n -> 2. To identify the source<\/p>\n <\/p>\n Distribute List<\/b><\/p>\n <\/p>\n distribute-list prefix <list1> gateway <list2> in | out [<interface>]<\/span><\/p>\n <\/p>\n R1(config)# ip prefix-list LIST1 permit 50.0.0.0\/8<\/span><\/p>\n \u00a0\u00a0ip prefix-list LIST2 deny 123.0.0.3\/32<\/span><\/p>\n \u00a0\u00a0ip prefix-list LIST2 permit 123.0.0.2\/32<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distribute-list prefix LIST1 gateway LIST2 in fa0\/0<\/span><\/p>\n <\/p>\n During the lab, always use extended ACLs unless using prefix-lists is spcified<\/p>\n <\/p>\n sh ip protocols<\/span><\/p>\n – Displays the distribute-lists applied<\/p>\n <\/p>\n Offset-list<\/b><\/p>\n – This is used to add an offset number to the metric value when updates are sent or received<\/p>\n Scenario -> R1 should always use R2 as next-hop to reach network x (50.0.0.0)<\/p>\n – If connection to R2 goes down, R1 should start using R3 as next-hop for network x<\/p>\n <\/p>\n offset-list <acl> in | out <offset-number> [<interface>]<\/span><\/p>\n – Standard ACL is used<\/p>\n access-list 1 permit 50.0.0.0<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0offset-list 1 in 2 s0\/1<\/span><\/p>\n <\/p>\n For filtering purposes, offset number 16 can be used<\/p>\n <\/p>\n Scenario -> Filter all network from R3<\/p>\n <\/p>\n access-list 1 permit any<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0offset 1 in 16 s0\/1<\/span><\/p>\n <\/p>\n – or –<\/p>\n <\/p>\n ! No ACL needed<\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0offset-list 0 in 16 s0\/1<\/span><\/p>\n <\/p>\n Filtering By Manipulating AD<\/b><\/p>\n – AD 255<\/p>\n -> Unreachable<\/p>\n -> Route deleted from the routing table<\/p>\n <\/p>\n Scenario -> Filter network 50.0.0.0 from any router<\/p>\n <\/p>\n access-list 1 permit 50.0.0.0<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distance 255 0.0.0.0 255.255.255.255 1<\/span><\/p>\n -> 0.0.0.0 255.255.255.255 – the source<\/p>\n -> 1 – ACL<\/p>\n <\/p>\n Scenario -> Filter 50.0.0.0 from R3 (123.0.0.3)<\/p>\n <\/p>\n access-list 1 permit 50.0.0.0<\/span><\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0distance 255 123.0.0.3 0.0.0.0 1<\/span><\/p>\n <\/p>\n RIP Miscellaneous Topics<\/b><\/p>\n – Change timers<\/p>\n – Unicast updates<\/p>\n – Triggered updates<\/p>\n – Send \/ receive version<\/p>\n <\/p>\n Changing Timers<\/b><\/p>\n – rip configation<\/p>\n – inside interface<\/p>\n <\/p>\n router rip<\/span><\/p>\n \u00a0\u00a0timers basic<\/span><\/p>\n <\/p>\n <\/p>\n int fa0\/0<\/span><\/p>\n \u00a0\u00a0ip rip advertise<\/span><\/p>\n <\/p>\n <\/p>\n Scenario -> Change the RIP timers to 20, 90, 90, 120, but keep the update time to 30 seconds for fa0\/0<\/p>\n <\/p>\n R1(config)# router rip<\/span><\/p>\n \u00a0\u00a0timers basic 20 90 90 120<\/span><\/p>\n int fa0\/0<\/span><\/p>\n \u00a0\u00a0ip rip advertise 30<\/span><\/p>\n <\/p>\n Unicast Updates<\/b><\/p>\n![\"20141114_174326-1\"](\"https:\/\/feralpacket.org\/wp-content\/uploads\/2015\/01\/20141114_174326-1.jpeg\")
<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n