Hour 28: IGP Review RIP

Consult the symbols legend at the end of the post for information on symbols.

RIP Review

Metric:

  • AD of 120
  • Hop-count. Max 15 hops.
  • Router adds 1 hop to each route sent to peers (locally connected routes have a metric of 0) this metric is installed in peer’s routing table. Remote peer does not add a hop to his updates, unless offset-list is used.
  • During redistribution from other protocols metric is set manually. This metric is announced to peers as it is. No additional metric is added when sending route to peers, unless offset-list is used.
  • [(RTR) offset-list <acl> {in | out} <offset> <IF>] Adds artificial metric to received or sent updates. If ACL is zero then no ACL is used. Can be used to filter updates by adding infinite offset (16). Route is not even added to database, it is dropped. Offset is added to ALL advertised routes, regardless if they are redistributed or originated by RIP.

Neighbors:

  • No Neighbor relationship and No Hello
  • [(IF) ip rip send version 1] Default is to send only RIPv2 messages but listens to v1 and v2. If v1 or v2 is manually defined in (RTR), only this version is sent and received on all interfaces, regardless of per-interface configuration.
  •  [(RTR)neighbor <ip>] sends unicasts updates to specified peer. Used in conjunction with [(RTR)passive-interface] on broadcast interface as the command does not suppress sending mcast/bcast updates, and peer will receive double updates
  • [(IF)ip rip v2-broadcast] suppresses mcast messages and sends bcast
  • V1: UDP/520 sent to broadcast (255.255.255.255)
  • V2: UDP/520 sent to 224.0.0.9

Timers:

  • Update 30 sec: RIP_JITTER  is a random variable used by CISCO IOS that subtracts up to 15 percent (4.5 seconds) from the update time.  Therefore, updates vary between 25.5 and 30 seconds.
  • Invalid 180 sec: Route becomes invalid if no updates for it are heard. Route is marked inaccessible and advertised as unreachable but router still uses it to forward packets.
  • Holddown 180 sec: If route metric changes, do not accept new sources of updates until this timer expires. This timer is CISCO specific and not part of the RFC.
  • Flush(garbage) 240 sec: Route is removed if timer expires. Starts with invalid timer
  • [timers basic <update> <invalid> <hold> <flush> <sleep ms> ] sleep delays regular periodic update after receiving a triggered update
  • [Flash-update threshold <sec>] if this amount of time is left before a full update, triggered update is suppressed
  • [output-delay <sec>] if multiple packets are sent, wait this time between packets

Summary:

  • Auto summarization is enabled by default. It must be disable with [no auto-summary]
  • Only one summary for each major network number is possible per interface. More specific summaries are ignored.
  • [(IF) ip summary-address rip <ip> <mask>] advertised with lowest hop-count from more specific networks. *make sure split horizon  is DISABLED on the interface [(IF)no ip split-horizon], also auto-summary DOES NOT override  this command if split horizon is DISABLED and ip summary-address and the interface IP address share the same major network
  • If the summary-address and interface IP share the same major network and split-horizon is DISABLED, auto summary does not override summary address
  • Summary cannot exceed major network number. Ex. 192.168.0.0 255.255.0.0 is not allowed, as major network boundary is /24
  • Does NOT generate Null0 route. You cannot leak more specific routes with more specific summaries like in ospf or eigrp. Static route and redistribution is required.

Default route:

  • [default-information originate %route-map <name>%] Injects 0.0.0.0 even if no static 0.0.0.0 exists in routing table (you wont see * in local routing table).
  • [ip default-network <major network>] Advertises 0.0.0.0 as a default network (can see * in local routing table). The network must be a major network which is locally connected.
  • [ip route 0.0.0.0 0.0.0.0 null0] default can be injected either with [(RTR)redistribute static] or [(RTR)network 0.0.0.0] Neighbor routers set advertising router as Gateway of last resort
  • Default is also automatically sent to peers if it’s redistributed from other protocols

Security:

  • [(IF)ip rip authentication mode {text | md5 }]
  • [(IF)ip rip authentication key-chain <name>]
  • If Plain text authentication is used key numbers can be different on both sides. But with MD5, key numbers are exchanged. If they key number received is lower it is accepted, but it’s higher then the update is dropped
  • With authentication, maximum number of updates is 24

Filtering:

  • Routes are always added to database. It is filtered when population into the route table, except routes with infinite metric, which are not even added to the database (see Metric – Offset list).
  • [(RTR)distribute-list <acl> {in | out } <IF>] Filter updates using ACL
  • [(RTR)distribute-list gateway <prefix>  {in | out } <F> ] Filter updates from specific sources only. Prefix list must be used to define source list, not ACL.
  • [passive interface <IF>] disable sending updates, but still receives updates. To filter inbound updates distribute-list must be used.

Updates:

  • [(RTR)network <ip>] must always be in classful form or IOS will convert automatically, advertises connected
  • Triggered updates does not cause the receiving router to reset its update timer
  • Each update can contain up to 25 routes (20 bytes each)
  • [no validate-update-source] RIP checks source updates, this is performed for unnumbered IP interface.
  • A next-hop address of 0.0.0.0 specifies the originator of a response message
  • [(IF)ip rip triggered] enables the triggered extensions of RIP. Periodic updates are suppressed. MUST be configured BOTH sides.
  • When redistributing from a classless routing protocol into a classful routing protocol, only subnets whose masks match the interface are advertised outbound to peers on that interface.
  • [(RTR)input-queue <#>] Changes RIP internal queue packets, default is 50.

Split-horizon:

  • [(IF) {no} ip split-horizon] If enabled on interface neither auto summary nor summary-address from interface is advertised
  • ENABLED on multipoint sub-int, but DISABLED on physical multipoint interface
  • If DISABLED, V1 and V2 can interoperate on the same interface

Symbols Legend:

[ ] = command

<> = input

% % = optional

{  } = available options separated by |

(RTR) = router rip

(IF) = interface <interface name> x/x , for example: interface fastethernet0/0

Thank you to Krzysztof Zaleski for his notes.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s