RIP/RIPng
RIPv1 (Routing Information Protocol v1) is defined in RFC 1058.
RIPv2 is defined in RFC 2453.
RIPng (RIP for IPv6) is defined in RFC 2080.
RIP uses UDP port 520.
Metric = hop count (1-16) - use offset-list to modify
Admin distance is 120.
RIP v1
If the advertised prefix is part of a directly connected network, the subnet mask of that connected interface is used as the subnet mask of the prefix. Otherwise, major classes A/B/C are used accordingly.
Use secondary ip addresses on intermediate links to fix the discontinuous class issues in RIP v1.
RIP v1 updates are sent as broadcast to 255.255.255.255
RIP v2
- classless routing
- next-hop included in updates
- authentication
- external route tags
- multicast updates (to 224.0.0.9)
RIP default mode
- send v1 updates
- listen to v1/v2 updates
Passive interface
- listens to RIP messages (use filtering to block if required)
- doesn't send RIP updates (unless a specific neighbor is configured)
- updates the routing table
In IOS, you can use "ip rip triggered" under serial interfaces (on both neighbors) to minimize the number of updates.
Unicast updates
You can specify a specific neighbor for sending unicast updates.
IOS
router rip
neighbor 10.1.1.2
IOS-XR
router rip
neighbor 10.1.1.2
Use the command "no validate-update-source" under the RIP process if you want to enable exchange of routes between neighbors with different networks.
Configuration
IOS
router rip
version 2
network 10.0.0.0
no auto-summary
IOS-XR
router rip
interface X
!
no auto-summary
IOS-XR has v2 enabled by default. You need the change the send/receive version under the interface if v1 is required.
Unless told otherwise, always enable v2 and disable auto-summary.
Route Summarization
IOS
interface Serial2/0
ip summary-address rip x.x.x.x y.y.y.y
IOS-XR
not supported
Route Filtering
- prefix-list & gateway
- distribute-list prefix PREFIXES gateway SOURCES in
- extended ACL
- distribute-list X in
- access-list x permit ip host SOURCE host PREFIX
Authentication
Two methods:
- clear text
- MD5
IOS
interface X
ip rip authentication mode md5
ip rip authentication key-chain KEYCHAIN
!
key chain KEYCHAIN
key 1
key-string TESTPASS
IOS-XR
router rip
interface TenGigE0/0/0/0
authentication keychain KEYCHAIN mode md5
!
key chain KEYCHAIN
key 1
key-string TESTPASS
PE-CE
CE
IOS
router rip
version 2
network 10.0.0.0
no auto-summary
IOS-XR
router rip
interface X
!
no auto-summary
PE
IOS
router rip
address-family ipv4 vrf VPN
network 10.0.0.0
no auto-summary
version 2
exit-address-family
IOS-XR
router rip
vrf VPN
interface X
!
no auto-summary
In IOS, if RIP v2 is to be used, then it must be defined under the ipv4 vrf address-family on the PE.
RIPng (IPv6)
Same as RIPv2, except:
- uses UDP port 521 (can be changed)
- updates are sent to FF02::9 (can be changed)
- metric can be changed per incoming interface (not per received/advertised prefix)
IOS
interface X
ipv6 rip RIPNG enable
!
ipv6 router rip RIPNG
port 528 multicast-group FF02::8
IOS-XR
not supported
Defining the RIPng process is not required in IOS; it gets automatically created once you enable it under an interface. Removing the RIPng process will also remove all other configuration from interfaces.
Since you can have multiple RIPng processes, you must use a different UPD port for every RIPng process to differentiate the incoming updates.
Process name is only locally significant.
No comments:
Post a Comment