Friday, December 9, 2011

RIPv2 Summary


- The metric of RIP is hop count
- A hop count of 1 means a directly connected neighbor; 16 means an unreachable destination
- RIP uses UDP port 520
- Administrative Distance is 120
- Each RIP packet consists of a 4-byte header plus 20 bytes for each advertised route (up to 25 routes per packet); together with the 8-byte UDP header this sets the maximum packet size at 512 bytes.
- RIP has two message types, Request and Response, identified in the command field of the packet decode by the values 1 and 2 respectively.

Timers

Update timer – every 30 seconds the RIP router sends an update message with its full routing table out of each RIP-enabled interface.
Invalid timer – the time that passes before a route becomes invalid. The Cisco IOS default is 180 seconds (six update periods).
Flush timer – after 240 seconds the router flushes the route from the routing table. Until then the route remains in the routing table, marked as unreachable.
Holddown timer – an update with a hop count higher than the metric recorded in the routing table causes the route to go into holddown for 180 seconds.
Sleep timer – this timer, set in milliseconds, prevents routing update flooding in case of a flush event. The value should be less than the update timer, otherwise the routing tables will become unsynchronized.

These timers can be manipulated by the command:
timers basic update invalid holddown flush sleep

Flash-update Threshold

Suppresses a flash update if a regular update occurs within the specified time:
R1(config-router)#flash-update-threshold 10

Source IP Validation

RIP and IGRP are the only routing protocols that validate the source IP address of incoming updates.

To disable this behavior, use the command:
router(Config-router)#no validate-update-source

Split-horizon

A basic routing-loop prevention mechanism that does not allow a router to advertise a route prefix back out of the interface on which it learned that route.
Split-horizon is enabled by default on all interfaces except Frame Relay main physical interfaces, where it is disabled. On a multipoint sub-interface, split-horizon is enabled.

To disable split-horizon, use the interface configuration mode command:
router(Config-if)#no ip split-horizon

Triggered Updates

Suppresses periodic updates and sends only triggered updates:
router(Config-if)#ip rip triggered
This command works on point-to-point and some multipoint configurations and should be configured on both sides of the link.

Passive-interface

When passive-interface is configured on a RIP router, it prevents the router from sending updates on the configured interface, but the router continues to listen for and receive RIP updates.
router(config-router)#passive-interface fastEthernet 0/0
Alternatively:
router(config-router)#passive-interface default
This makes every interface passive by default.

Unicast updates

By default RIP sends and receives updates through broadcast (RIPv1) or multicast (RIPv2, 224.0.0.9).
To send and receive updates using unicast, first configure passive-interface to prevent multicast and then configure the neighbor command:
router(config-router)#neighbor 10.1.24.2

RIPv2 Broadcast

To configure RIPv2 routers to exchange updates using broadcast, configure:
router(config-if)#ip rip v2-broadcast

Summary Address

To summarize an address:
router(config-if)#ip summary-address rip 150.1.0.0 255.255.255.0

RIP does not generate a route to Null0 when generating summaries.

Output Delay

To prevent loss of routing information while sending updates, a delay between packets can be configured with the following command:
router(config-router)#output-delay 10

Input Queue

To change the size of the receiving router's queue for incoming updates:
router(config-router)#input-queue 75
The default is 50.

Authentication

RIP authentication is configured at the interface level and has two modes: clear text and MD5.
In MD5 mode the key number must match.
MD5 authentication example:
First create a key chain:
Router(Config)#key chain TST
Router(Config-keychain)#key 1
Router(Config-keychain-key)#key-string cisco
Then configure the authentication type (clear text or MD5) and the key chain at the interface level:
Router(Config-if)#ip rip authentication mode md5
Router(Config-if)#ip rip authentication key-chain TST
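
As an added illustration (not code from the original post), the Python below parses a RIPv2 UDP payload using the sizes given in the summary at the top of this post, then reports what a receiver should check per the Source IP Validation and Authentication sections: an off-subnet sender, missing or clear-text authentication, and metric-16 routes. The authentication entry layout (address family 0xFFFF, type 2 for a simple password, type 3 for keyed MD5) comes from RFC 2453 and RFC 2082, not from this post; the function names and sample packets are constructed for the example.

```python
import ipaddress
import struct

HDR, ENTRY, MAX_ENTRIES = 4, 20, 25       # sizes from the packet layout in this post
AUTH_AFI = 0xFFFF                          # address family that marks an authentication entry
AUTH_MODES = {2: "clear-text", 3: "md5"}   # RFC 2453 simple password, RFC 2082 keyed MD5

def parse_rip(payload):
    """Return (command, auth_mode, [(network, metric), ...]) for a RIPv2 UDP payload."""
    body = len(payload) - HDR
    if body < 0 or body % ENTRY:
        raise ValueError("length is not 4 + n*20")
    command, version = payload[0], payload[1]
    if command not in (1, 2) or version != 2:
        raise ValueError("not a RIPv2 request or response")
    auth, routes = "none", []
    for off in range(HDR, len(payload), ENTRY):
        afi, tag, addr, mask, _nh, metric = struct.unpack_from("!HH4s4s4sI", payload, off)
        if afi == AUTH_AFI:
            if off == HDR:                 # only the first entry selects the mode
                auth = AUTH_MODES.get(tag, "unknown")
            continue                       # authentication entries carry no route
        if not 1 <= metric <= 16 or len(routes) == MAX_ENTRIES:
            raise ValueError("metric outside 1..16 or more than 25 routes")
        net = ipaddress.ip_network(
            f"{ipaddress.ip_address(addr)}/{ipaddress.ip_address(mask)}", strict=False)
        routes.append((net, metric))
    return command, auth, routes

def audit(payload, sender, connected):
    """List reasons to distrust an update received from `sender` on subnet `connected`."""
    _command, auth, routes = parse_rip(payload)
    findings = []
    if ipaddress.ip_address(sender) not in ipaddress.ip_network(connected):
        findings.append("source not on connected subnet")
    if auth != "md5":
        findings.append(f"authentication: {auth}")
    findings += [f"{net} unreachable" for net, metric in routes if metric == 16]
    return findings

def entry(afi, tag, addr="0.0.0.0", mask="0.0.0.0", metric=0):
    """Build one 20-byte route entry (sample data only, next hop left as 0.0.0.0)."""
    a, m = ipaddress.IPv4Address(addr).packed, ipaddress.IPv4Address(mask).packed
    return struct.pack("!HH4s4s4sI", afi, tag, a, m, bytes(4), metric)

# Constructed samples: a response with clear-text authentication, and one with none.
CLEAR = (bytes([2, 2, 0, 0]) + struct.pack("!HH16s", AUTH_AFI, 2, b"cisco")
         + entry(2, 0, "192.168.4.0", "255.255.255.0", 1))
PLAIN = bytes([2, 2, 0, 0]) + entry(2, 0, "150.1.0.0", "255.255.255.0", 16)
```

`audit` reports only the authentication mode a packet declares; it does not verify the keyed-MD5 digest.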

RIP Route Influence

Outbound Route Filtering

Example of an access-list with a route-map used to inject a conditional default route:
router rip
 version 2
 default-information originate route-map TST
 no auto-summary
access-list 1 permit 112.1.1.0 0.0.0.255
access-list 1 permit 112.2.2.0 0.0.0.255
route-map TST permit 10
 match ip address 1

While 112.1.1.0/24 and 112.2.2.0/24 are in the routing table, this router will inject a default route into the RIP domain.

Offset-list example:
router rip
 version 2
 offset-list 1 out 12 Serial0/0.12
 offset-list 1 out 13 Serial0/0.14
 no auto-summary
access-list 1 permit 103.0.0.0 0.63.255.255
access-list 1 permit 104.0.0.0 0.31.255.255

In this example the router will advertise routes 103.0.0.0/18 and 104.0.0.0/19 to interface serial 0/0.12 with hop count of 12 and to interface serial 0/0.14 with hop count of 14.

Inbound Route Filtering

Inbound route filtering can be done using a prefix-list or an extended access-list.
To use an extended ACL, configure it as follows:
access-list 100 deny   ip host 10.1.123.1 host 192.168.4.0
access-list 100 permit ip any any

Here the first host is the next-hop router and the second host is the route prefix. In the example above, the router will not accept route prefix 192.168.4.0 from router 10.1.123.1.
