Categories R&S

L3 technologies – RIPv2 – Basic configuration

It’s now time to move on to a new topic, RIPv2.

In this series we will have a look at RIPv2 in details in order to get the most of this routing protocol.

 

The configuration guide is here:

Cisco RIP configuration guide IOS 15mt

 

Below is the topology we will use.

 

L3 technologies – RIPv2 – Basic configuration – Physical network diagram:

L3 technologies – RIPv2 – Basic configuration

 

L3 technologies – RIPv2 – Basic configuration – Enabling RIPv2:

Enabling RIPv2 is pretty easy. We will only configure RIPv2.

RIP is not part of the CCIE anymore and anyway not much in use in today’s networks.

 

We will include the lo0 of each devices as part of the network advertised by RIPv2.

Here is the configuration on R1.

R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 192.168.1.0
R1(config-router)#network 10.10.14.0
R1(config-router)#network 10.10.16.0

 

You use the network command to define which interface takes part in the routing process.

Let’s do the same on all the other devices.

 

From the debug, we can see RIPv2 is sending update via multicast.

R1#debug ip rip
RIP protocol debugging is on
RIP: sending v2 update to 224.0.0.9 via Ethernet0/0 (10.10.1.1)
RIP: sending v2 update to 224.0.0.9 via Ethernet0/2 (10.10.16.0)

 

In case you need to have RIPv2 updates sent as unicast, you can use the neighbor command.

Let’s try it on the link between R1 and R4.

R1(config)#router rip
R1(config-router)#neighbor 10.10.14.1
R1(config-router)#end
R1#debug ip rip
RIP protocol debugging is on
RIP: sending v2 update to 10.10.14.1 via Ethernet0/1 (10.10.14.0)

 

Make sure to TURN OFF auto-summary when configuring RIPv2.

Otherwise you end up with strange routing table like this.

R1#sh ip route 192.168.1.2
Routing entry for 192.168.1.0/24
  Known via "rip", distance 120, metric 1
  Redistributing via rip
  Last update from 10.10.14.1 on Ethernet0/1, 00:00:04 ago
  Routing Descriptor Blocks:
    10.10.16.1, from 10.10.16.1, 00:00:26 ago, via Ethernet0/2
      Route metric is 1, traffic share count is 1
  * 10.10.14.1, from 10.10.14.1, 00:00:04 ago, via Ethernet0/1
      Route metric is 1, traffic share count is 1
    10.10.1.3, from 10.10.1.3, 00:00:10 ago, via Ethernet0/0
      Route metric is 1, traffic share count is 1
    10.10.1.2, from 10.10.1.2, 00:00:14 ago, via Ethernet0/0
      Route metric is 1, traffic share count is 1
R1(config)#router rip
R1(config-router)#no auto-sum

 

This now looks much better…

R1# sh ip route 192.168.1.2
Routing entry for 192.168.1.2/32
  Known via "rip", distance 120, metric 1
  Redistributing via rip
  Last update from 10.10.1.2 on Ethernet0/0, 00:00:21 ago
  Routing Descriptor Blocks:
  * 10.10.1.2, from 10.10.1.2, 00:00:21 ago, via Ethernet0/0
      Route metric is 1, traffic share count is 1

 

L3 technologies – RIPv2 – Basic configuration – Authentication:

Two types of authentication are supported with RIPv2, plain-text and MD5.

As you guess plain-text is not secure at all.

 

Following our topology, let’s configure RIPv2 plain-text authentication between R1 and R4.

R1(config)#key chain RIP
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string CISCO

R1(config)#int Eth 0/1
R1(config-if)#ip rip authentication mode text
R1(config-if)#ip rip authentication key-chain RIP

If we don’t configure the correct authentication on both side, we get the following message.

RIP: ignored v2 packet from 10.10.14.1 (invalid authentication)

 

I have now configure the same password on R4.

In the “debug ip rip” output, we can see the password in clear text.

RIP: received packet with text authentication CISCO

 

Time now to configure the other authentication method, MD5.

Let’s do this between R1, R2 and R3.

R1(config)#key chain RIP_MD5
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string CISCOMD5

R1(config)#int Eth 0/0
R1(config-if)#ip rip authentication key-chain RIP_MD5
R1(config-if)#ip rip authentication mode md5

 

I have configure the same on R2 and R3.

Let’s check what we see on the debug.

RIP: received packet with MD5 authentication

 

L3 technologies – RIPv2 – Basic configuration – Convergence Optimization:

RIPv2 convergence is quite slow.

Here are the default timer for RIPv2.

R1#sh ip proto
Routing Protocol is "rip"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Sending updates every 30 seconds, next due in 23 seconds
  Invalid after 180 seconds, hold down 180, flushed after 240

 

RIPv2 timers can be modify in order to improve the convergence time.

Those timers can be divided by 3 three for example.

R1(config)#router rip
R1(config-router)#timer basic 10 60 60 80

 

Note that I do not touch the sleep timer. This sleep timer is not documented on Cisco doc and doesn’t seems to take part in the RIPv2 process.

 

Well that’s all for this first post about RIPv2.

In the next post we will have a closer look on path selection, summarization and filtering with RIPv2.

 

Thank you for reading.

 

L3 technologies – RIPv2 – Basic configuration

 

Leave a Reply

Your email address will not be published.