Categories R&S

L3 technologies – RIPv2 – Path selection and filtering

In this post I will take a closer look at path selection and filtering with RIPv2.

 

L3 technologies – RIPv2 – Path selection and filtering – Physical network diagram

L3 technologies – RIPv2 – Path selection and filtering – Physical network diagram

 

L3 technologies – RIPv2 – Path selection and filtering – offset list:

RIPv2 uses hop count as a metric. So we can influence the traffic by modifying the hop count for a destination.

Currently, when R5 wants to reach R6 loopback IP address, RIPv2 reports the same metric via R2 or via R4.

R5#sh ip route 192.168.1.6
Routing entry for 192.168.1.6/32
  Known via "rip", distance 120, metric 3
  Redistributing via rip
  Last update from 10.10.45.0 on Ethernet0/1, 00:00:04 ago
  Routing Descriptor Blocks:
  * 10.10.45.0, from 10.10.45.0, 00:00:04 ago, via Ethernet0/1
      Route metric is 3, traffic share count is 1
    10.10.25.0, from 10.10.25.0, 00:00:19 ago, via Ethernet0/0
      Route metric is 3, traffic share count is 1R5#traceroute 192.168.1.6
Type escape sequence to abort.
Tracing the route to 192.168.1.6
VRF info: (vrf in name/id, vrf out name/id)
  1 10.10.25.0 6 msec
    10.10.45.0 5 msec
    10.10.25.0 8 msec
  2 10.10.14.0 8 msec
    10.10.1.1 6 msec
    10.10.14.0 7 msec
  3 10.10.16.1 8 msec *  8 msec

Let’s say we want R5 only to use the route via R2 to reach R6 loopback.

We will configure an offset list and apply it on R5.

 

First we identify the traffic with an access-list that match R7 loopback prefix.

R5(config)#access-list 10 permit host 192.168.1.6

 

Then we configure the offset list under R5 RIPv2 process and make it apply for update received from R2.

R5(config)#router rip
R5(config-router)#offset-list 10 in 10 eth0/1

Now the traffic only goes via R2.

R5#sh ip route 192.168.1.6
Routing entry for 192.168.1.6/32
  Known via "rip", distance 120, metric 3
  Redistributing via rip
  Last update from 10.10.25.0 on Ethernet0/0, 00:00:06 ago
  Routing Descriptor Blocks:
  * 10.10.25.0, from 10.10.25.0, 00:00:06 ago, via Ethernet0/0
      Route metric is 3, traffic share count is 1
R5#traceroute 192.168.1.6
Type escape sequence to abort.
Tracing the route to 192.168.1.6
VRF info: (vrf in name/id, vrf out name/id)
  1 10.10.25.0 8 msec 5 msec 4 msec
  2 10.10.1.1 2 msec 1 msec 2 msec
  3 10.10.16.1 7 msec *  2 msec

 

We can also use offset-list in order to limit the reachability of a prefix.

Because RIPv2 has a limitation of 15 hops count. If a route is located 16 hops or further away, it will be discard.

 

Currently R7 loopback is reachable from everywhere.

Let’s say we want R7 loopback to be only reachable from R1, R2 and R3.

R1 and R2 have a metric of 2 to reach R7 loopback.

R4, R5 and R6 a metric of 3.

 

On R7 we will use an out offset list.

R7(config)#router rip
R7(config-router)#offset-list 0 out 13

 

On R4, debug shows the route is seen as inaccessible.

192.168.1.7/32 via 0.0.0.0 in 16 hops  (inaccessible)
R4#sh ip route 192.168.1.7
% Subnet not in table

 

On R2 we see that the metric is now 15.

R2#sh ip route 192.168.1.7
Routing entry for 192.168.1.7/32
  Known via "rip", distance 120, metric 15
  Redistributing via rip
  Last update from 10.10.1.3 on Ethernet0/0, 00:00:05 ago
  Routing Descriptor Blocks:
  * 10.10.1.3, from 10.10.1.3, 00:00:05 ago, via Ethernet0/0
      Route metric is 15, traffic share count is 1

 

L3 technologies – RIPv2 – Path selection and filtering – Passive Interface:

A passive interface will not send RIPv2 updates out of this interface.

Let’s make R6 interface eth0/0 passive.

R6(config)#router rip
R6(config-router)#passive-interface eth 0/0

 

After that, R1 doesn’t receive the route to R6’s loopback anymore.

R1#sh ip route 192.168.1.6
Routing entry for 192.168.1.6/32
  Known via "rip", distance 120, metric 4294967295 (inaccessible)
  Redistributing via rip
  Last update from 10.10.16.1 on Ethernet0/2, 00:03:38 ago
  Hold down timer expires in 143 secs

R1#sh ip route 192.168.1.6
% Subnet not in table

 

L3 technologies – RIPv2 – Path selection and filtering – distribute-list:

We can filter traffic using distribute-list.

They can be used in combination with access-list and prefix-list.

 

Using filtering, we want R5 to receive the route to R3 loopbacks via R4.

Currently the route is received from R2.

R2(config)#ip prefix-list R3LO deny  192.168.1.3/32
R2(config)#ip prefix-list R3LO permit 0.0.0.0/0 le 32
R2(config)#router rip
R2(config-router)#distribute-list prefix R3LO out eth 0/2

 

Now the route is known via R4. In the prefix-list, we deny the prefix that we want to exclude.

R5#sh ip route 192.168.1.3
Routing entry for 192.168.1.3/32
  Known via "rip", distance 120, metric 3
  Redistributing via rip
  Last update from 10.10.45.0 on Ethernet0/1, 00:00:02 ago
  Routing Descriptor Blocks:
  * 10.10.45.0, from 10.10.45.0, 00:00:02 ago, via Ethernet0/1
      Route metric is 3, traffic share count is 1

 

By using access-list, we know want R3 and R7 to stop receiving routes for R5 loopback.

R3(config)#access-list 1 deny host 192.168.1.5
R3(config)#router rip
R3(config-router)#distribute-list 1 in

 

Subnet is not in R3 table anymore. Neither in R7 routing table.

R3#sh ip route 192.168.1.5
% Subnet not in table
R7# sh ip route 192.168.1.5
% Subnet not in table

 

Few other techniques can be used for filtering, Administrative Distance or Neighbor AD.

I will not go over those one as it is done the same way.

 

 

There is not much more to say about RIPv2.

 

In the next post, I will move to the next routing protocol EIGRP.

 

Thank you for reading.

 

Have a look at my previous L3 technologies – RIPv2  posts:

L3 technologies – RIPv2 – Basic configuration

 

 

L3 technologies – RIPv2 – Path selection and filtering

Leave a Reply

Your email address will not be published.