{"id":748,"date":"2021-08-20T03:12:21","date_gmt":"2021-08-20T03:12:21","guid":{"rendered":"http:\/\/feralpacket.org\/?p=748"},"modified":"2021-08-20T03:12:21","modified_gmt":"2021-08-20T03:12:21","slug":"ripv2-notes","status":"publish","type":"post","link":"https:\/\/feralpacket.org\/?p=748","title":{"rendered":"RIPv2 Notes"},"content":{"rendered":"

RIPv2<\/b>:<\/p>\n

 – UDP port 520<\/p>\n

 – Multicast IP 224.0.0.9<\/p>\n

 – Classless (not by default)<\/p>\n

     -> Cannot have discontiguous networks<\/p>\n

 – Metric is hop count<\/p>\n

 – Metric 16 is infinite metric<\/p>\n

 – Timers<\/p>\n

     -> Update timer:  30 seconds<\/p>\n

     -> Invalid timer:  180 seconds<\/p>\n

     -> Holddown timer:  180 seconds<\/p>\n

     -> Flush timer:  240 seconds<\/p>\n

 – Supports authentication<\/p>\n

     -> Plain text<\/p>\n

     -> MD5<\/p>\n

 – AD is 120<\/p>\n

router rip<\/span><\/p>\n

 version 2<\/span><\/p>\n

 no auto-summary<\/span><\/p>\n

 network x.x.x.x<\/span><\/p>\n

<\/p>\n

Mismatched version updates can cause one way communication between the routers<\/p>\n

 – R1<\/p>\n

     -> Send v1 updates<\/p>\n

     -> Receive v1 and v2 updates<\/p>\n

 – R2<\/p>\n

     -> Send and receive v2 updates<\/p>\n

Authentication<\/b><\/p>\n

 – Plain text<\/p>\n

 – MD5<\/p>\n

     -> Create key chain<\/p>\n

     -> Apply to an interface<\/p>\n

key chain CISCO<\/span><\/p>\n

 key 1<\/span><\/p>\n

  key-string CCIE<\/span><\/p>\n

<\/span><\/p>\n

int s0\/0<\/span><\/p>\n

 ip rip authentication mode { text | md5 }<\/span><\/p>\n

 ip rip authentication key-chain CISCO<\/span><\/p>\n

sh ip protocols<\/span><\/p>\n

 – Lists the authentication method<\/p>\n

debug ip rip<\/span><\/p>\n

 – To troubleshoot authentication problems<\/p>\n

     -> Such as key mismatch<\/p>\n

sh key chain<\/span><\/p>\n

 – To see if a space is present in the key-string<\/p>\n

Summarization<\/b><\/p>\n

<\/p>\n

Summary address 10.0.0.0\/22<\/p>\n

int fa0\/0<\/span><\/p>\n

 ip rip summary-address 10.0.0.0 255.255.252.0<\/span><\/p>\n

A summary address is installed into the routing table pointing to the NULL interface<\/p>\n

 – Used when one of the more specific networks is not rachable<\/p>\n

 – This prevents the packets from being default routed to 0.0.0.0\/0<\/p>\n

 – Causes packets to be dropped<\/p>\n

 – Summary address AS is still 120<\/p>\n

RIP does not create a summary route pointing to NULL0<\/p>\n

 – Must be created manually<\/p>\n

ip route 10.0.0.0 255.255.252.0 NULL0<\/span><\/p>\n

172.16.0.0 \/24<\/p>\n

172.16.1.0 \/24<\/p>\n

172.16.2.0 \/24<\/p>\n

172.16.3.0 \/24<\/p>\n

     -> 172.16.0.0 \/22<\/p>\n

          -> Works with RIPv2<\/p>\n

172.0.0.0 \/16<\/p>\n

172.1.0.0 \/16<\/p>\n

172.2.0.0 \/16<\/p>\n

172.3.0.0 \/16<\/p>\n

     -> 172.0.0.0 \/14<\/p>\n

          -> Will not work with RIPv2<\/p>\n

          -> Error message when trying to configure<\/p>\n

RIPv2 summarization is only possible within the limits of a class (A, B, C)<\/p>\n

     -> RIPv2 summarization is not classles<\/p>\n

Default Routing<\/b><\/p>\n

<\/p>\n

R1(config)# router rip<\/span><\/p>\n

 default-information originate<\/span><\/p>\n

In other routing tables:<\/p>\n

R*  0.0.0.0     [120|*]<\/p>\n

     -> The metric of the summary route is the least metric among more specific routes<\/p>\n

Conditional Default Routing<\/b><\/p>\n

<\/p>\n

In conditional default routing, the exit interface network is checked<\/p>\n

 – If the network is in the routing table, the default network will be injected<\/p>\n

 – If the network is not in the routing table, the default route is not injected<\/p>\n

R1(config)# access-list 1 permit 200.0.0.0 0.0.0.255<\/span><\/p>\n

route-map DR<\/span><\/p>\n

 match ip address 1<\/span><\/p>\n

router rip<\/span><\/p>\n

 default-information originate route-map DR<\/span><\/p>\n

This is conditional, but not reliable<\/p>\n

 – Have to make the route-map false to be reliable<\/p>\n

 – Link may be up, but the connection to the Internet may be down<\/p>\n

Reliable Conditional Default Routing<\/p>\n

 – Uses IP SLA<\/p>\n

Apply to RIP<\/p>\n

 – IP SLA (Step 1) <–> Track (Step 2) <– Dummy Static Route (Step 3) <– Access-list (Step 4) <– Route-map (Step 5)<\/p>\n

R1(config)# ip sla 1<\/span><\/p>\n

 icmp-echo 4.2.2.2<\/span><\/p>\n

  timeout 2000<\/span><\/p>\n

     -> In milliseconds<\/p>\n

  frequency 4<\/span><\/p>\n

     -> In seconds<\/p>\n

ip sla schedule 1 start-time now life forever<\/span><\/p>\n

track 1 ip sla 1 reachability<\/span><\/p>\n

ip route 169.254.0.0 255.255.0.0 NULL0 track 1<\/span><\/p>\n

access-list 1 permit 169.254.0.0 0.0.255.255<\/span><\/p>\n

route-map ABC<\/span><\/p>\n

 match ip address 1<\/span><\/p>\n

router rip<\/span><\/p>\n

 default-information originate route-map ABC<\/span><\/p>\n

RIP Filtering<\/b><\/p>\n

<\/p>\n

Passive Interface<\/b><\/p>\n

 – It stops sending updates out the specified interface<\/p>\n

router rip<\/span><\/p>\n

 passive-interface { <interface> | default }<\/span><\/p>\n

passive-interface default<\/span><\/p>\n

 – Can be used if there are a lot of loopback interfaces that you do not want to advertise<\/p>\n

Distribute List<\/b><\/p>\n

 – Which network to filter<\/p>\n

 – Direction ( in | out )<\/p>\n

 – In | out which interface<\/p>\n

     -> If not specified, the network will be filtered from all interfaces<\/p>\n

 – Filter is outsourced!<\/p>\n

     -> ACL<\/p>\n

     -> Prefix-list<\/p>\n

router rip<\/span><\/p>\n

 distribute-list <acl> in | out int <int><\/span><\/p>\n

<\/span><\/p>\n

router rip<\/span><\/p>\n

 distribute-list prefix <list> in | out int <int><\/span><\/p>\n

<\/p>\n

Distribute List – Standard ACL<\/b><\/p>\n

access-list 1 deny 1.1.1.1<\/span><\/p>\n

access-list 1 permit any<\/span><\/p>\n

router rip<\/span><\/p>\n

 distribute-list 1 out fa0\/0<\/span><\/p>\n

<\/p>\n

Scenario -> Filter all even number octets (in the 3rd octet) of outgoing network<\/p>\n

255.255.11111110.255<\/p>\n

     -> I don’t care about the first 7 bits, I only care about the last bit<\/p>\n

     -> Subnet mask:  255.255.254.255<\/p>\n

     -> Wild card mask:  0.0.1.0<\/p>\n

10.0.0.0 – 00000000<\/p>\n

10.0.2.0 – 00000010<\/p>\n

     -> Last bit doesn’t change<\/p>\n

     -> 0 – don’t care<\/p>\n

     -> 1 – do care<\/p>\n

access-list 1 deny 0.0.0.0 255.255.254.255<\/span><\/p>\n

access-list 1 permit any<\/span><\/p>\n

     – or –<\/p>\n

access-list 1 permit 0.0.1.0 255.255.254.255<\/span><\/p>\n

Distribute List – Extended ACL<\/b><\/p>\n

access-list <number> permit | deny <protocol> <source> <destination><\/span><\/p>\n

 – Protocol is ip<\/p>\n

 – Source is update source<\/p>\n

 – Destination is update network<\/p>\n

<\/p>\n

Scenario -> On R1, filter incoming update for network 50.0.0.0 if it is coming from R3<\/p>\n

R1(config)# access-list 100 deny ip host 123.0.0.3 host 50.0.0.0<\/span><\/p>\n

access-list 100 permit ip any any<\/span><\/p>\n

router rip<\/span><\/p>\n

 distribute-list 100 in<\/span><\/p>\n

Prefix Lists<\/b><\/p>\n

 – More flexible<\/p>\n

 – Can match on subnet masks<\/p>\n

ip prefix-list <name> [seq <number] permit | deny <network\/wildcard mask> [le | ge <0 – 32>]<\/span><\/p>\n

 – <network\/wildcard mask> – prefix<\/p>\n

 – le | ge <0 – 32> – subnet mask<\/p>\n

access-list <number> permit | deny <network> <wildcard mask><\/span><\/p>\n

10.0.0.0 0.255.255.255<\/p>\n

10.0.0.0 \/22<\/p>\n

10.0.0.0 \/24<\/p>\n

ip prefix-list LIST1 deny 10.0.0.0\/8 ge 24 le 24<\/span><\/p>\n

 – Matches 10.0.0.0 \/24<\/p>\n

Match any network starting with 172.16.x.x with subnet mask from 255.255.0.0 to 255.255.255.0<\/p>\n

255.255.0.0          -> \/16<\/p>\n

255.255.128.0      -> \/17<\/p>\n

255.255.192.0      -> \/18<\/p>\n

255.255.224.0      -> \/19<\/p>\n

255.255.240.0      -> \/20<\/p>\n

255.255.248.0      -> \/21<\/p>\n

255.255.252.0      -> \/22<\/p>\n

255.255.254.0      -> \/23<\/p>\n

255.255.255.0      -> \/24<\/p>\n

ip prefix-list ABC deny 172.16.0.0\/16 ge 16 le 24<\/span><\/p>\n

<\/p>\n

1. <\/p>\n

 – Wildcard ->16<\/p>\n

 – Range -> 16 – 24<\/p>\n

2.<\/p>\n

 – Wildcard -> 16<\/p>\n

 – Range -> 18 – 32<\/p>\n

     -> If on the exam, upper boundary is not specific, assume it’s 32<\/p>\n

3.<\/p>\n

 – Wildcard -> 16<\/p>\n

 – Range -> 18 – 24<\/p>\n

ip prefix-list ABC deny 172.16.0.0\/16 ge 18<\/span><\/p>\n

ip prefix-list ABC deny 172.16.0.0\/16 ge 18 le 24<\/span><\/p>\n

Drawback of using prefix-lists<\/p>\n

 – ge cannot be lower than the wildcard mask<\/p>\n

Scenario -> Match any network starting with 172.16.0.0 and subnet mask between 8 and 24<\/p>\n

ip prefix-list ABC deny 172.16.0.0\/16 ge 8 le 24<\/span><\/p>\n

     -> Will not work<\/b><\/p>\n

     -> ge cannot be lower than the wildcard mask<\/p>\n

If a single subnet mask is to be matched and it happens to be equal to the wildcard mask, then ge and le can be skipped<\/p>\n

 – Compare first octet of 10.0.0.0 and subnet mask must be 255.0.0.0<\/p>\n

ip prefix-list permit 10.0.0.0\/8<\/span><\/p>\n

<\/p>\n

Filter 1.1.1.1 \/32 from R2<\/p>\n

R1(config)# ip prefix-list ABC deny 1.1.1.1\/32<\/span><\/p>\n

 ip prefix-list ABC permit 0.0.0.0\/0 le 32<\/span><\/p>\n

router rip<\/span><\/p>\n

 distribute-list prefix ABC out fa0\/0<\/span><\/p>\n

Filter from a specific source<\/b><\/p>\n

<\/p>\n

Scenario -> Filter any network coming from R3 and accept all networks from R2<\/p>\n

 – In this scenario, two prefix lists will be used<\/p>\n

     -> 1. To identify which networks will be filtered<\/p>\n

     -> 2. To identify the source<\/p>\n

Distribute List<\/b><\/p>\n

distribute-list prefix <list1> gateway <list2> in | out [<interface>]<\/span><\/p>\n

R1(config)# ip prefix-list LIST1 permit 50.0.0.0\/8<\/span><\/p>\n

 ip prefix-list LIST2 deny 123.0.0.3\/32<\/span><\/p>\n

 ip prefix-list LIST2 permit 123.0.0.2\/32<\/span><\/p>\n

router rip<\/span><\/p>\n

 distribute-list prefix LIST1 gateway LIST2 in fa0\/0<\/span><\/p>\n

During the lab, always use extended ACLs unless using prefix-lists is spcified<\/p>\n

sh ip protocols<\/span><\/p>\n

 – Displays the distribute-lists applied<\/p>\n

Offset-list<\/b><\/p>\n

 – This is used to add an offset number to the metric value when updates are sent or received<\/p>\n

<\/p>\n

Scenario -> R1 should always use R2 as next-hop to reach network x (50.0.0.0)<\/p>\n

 – If connection to R2 goes down, R1 should start using R3 as next-hop for network x<\/p>\n

offset-list <acl> in | out <offset-number> [<interface>]<\/span><\/p>\n

 – Standard ACL is used<\/p>\n

access-list 1 permit 50.0.0.0<\/span><\/p>\n

router rip<\/span><\/p>\n

 offset-list 1 in 2 s0\/1<\/span><\/p>\n

For filtering purposes, offset number 16 can be used<\/p>\n

Scenario -> Filter all network from R3<\/p>\n

access-list 1 permit any<\/span><\/p>\n

router rip<\/span><\/p>\n

 offset 1 in 16 s0\/1<\/span><\/p>\n

     – or –<\/p>\n

! No ACL needed<\/p>\n

router rip<\/span><\/p>\n

 offset-list 0 in 16 s0\/1<\/span><\/p>\n

Filtering By Manipulating AD<\/b><\/p>\n

 – AD 255<\/p>\n

     -> Unreachable<\/p>\n

     -> Route deleted from the routing table<\/p>\n

Scenario -> Filter network 50.0.0.0 from any router<\/p>\n

access-list 1 permit 50.0.0.0<\/span><\/p>\n

router rip<\/span><\/p>\n

 distance 255 0.0.0.0 255.255.255.255 1<\/span><\/p>\n

     -> 0.0.0.0 255.255.255.255 – the source<\/p>\n

     -> 1 – ACL<\/p>\n

Scenario -> Filter 50.0.0.0 from R3 (123.0.0.3)<\/p>\n

access-list 1 permit 50.0.0.0<\/span><\/p>\n

router rip<\/span><\/p>\n

 distance 255 123.0.0.3 0.0.0.0 1<\/span><\/p>\n

RIP Miscellaneous Topics<\/b><\/p>\n

 – Change timers<\/p>\n

 – Unicast updates<\/p>\n

 – Triggered updates<\/p>\n

 – Send \/ receive version<\/p>\n

Changing Timers<\/b><\/p>\n

 – rip configation<\/p>\n

 – inside interface<\/p>\n

router rip<\/span><\/p>\n

 timers basic <update> <invalid> <holddown> <flush><\/span><\/p>\n

int fa0\/0<\/span><\/p>\n

 ip rip advertise <sec><\/span><\/p>\n

<\/p>\n

Scenario -> Change the RIP timers to 20, 90, 90, 120, but keep the update time to 30 seconds for fa0\/0<\/p>\n

R1(config)# router rip<\/span><\/p>\n

 timers basic 20 90 90 120<\/span><\/p>\n

int fa0\/0<\/span><\/p>\n

 ip rip advertise 30<\/span><\/p>\n

Unicast Updates<\/b><\/p>\n

<\/p>\n

To switch to unicast updates<\/p>\n

 – Stop sending multicast updates<\/p>\n

 – Start sending unicast updates<\/p>\n

On R1 \/ R2:<\/p>\n

router rip<\/span><\/p>\n

 passive-interface fa0\/0<\/span><\/p>\n

 neighbor 12.0.0.x<\/span><\/p>\n

Triggered Updates<\/b><\/p>\n

 – Any serial (point-to-point) interface the periodic updates can be disabled and made triggered<\/p>\n

<\/p>\n

On R1 \/ R2:<\/p>\n

int s0\/0<\/span><\/p>\n

 ip rip triggered<\/span><\/p>\n

debug ip rip<\/span><\/p>\n

sh ip protocols<\/span><\/p>\n

Send | Receive Version<\/p>\n

 – By default if the version command is not used, then all interfaces<\/p>\n

     -> Send v1 updates<\/p>\n

     -> Receive v1 and v2 updates<\/p>\n

 – If the version command is used, the interfaces will send and receive the version specified<\/p>\n

 – The impact of the version command can be overridden by using interface specific commands<\/p>\n

int fa0\/0<\/span><\/p>\n

 ip rip send version { 1 | 2 }<\/span><\/p>\n

 ip rip receive version { 1 | 2 }<\/span><\/p>\n

sh ip protocols<\/span><\/p>\n

router rip will not display in show run if a network statement is not configured<\/p>\n

ip rip advertise 30 will not show up in the sh run config because it is the default configuration<\/p>\n

 – Use sh ip route to verify the proper networks are received on the interface<\/p>\n","protected":false},"excerpt":{"rendered":"

RIPv2:<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[31,26,10],"class_list":["post-748","post","type-post","status-publish","format-standard","hentry","category-ccie","tag-published","tag-ripv2","tag-service-provider"],"_links":{"self":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/748","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=748"}],"version-history":[{"count":1,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/748\/revisions"}],"predecessor-version":[{"id":986,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/748\/revisions\/986"}],"wp:attachment":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=748"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=748"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=748"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}