- Routing Information Protocol
- Timers
- Classful routing
- Trigger update
- Split horizon
- Route poison
- Trigger extension
- Update request
- RIP format
- Redistribution
- Extended ACL
- CLI
Routing Information Protocol
- UDP 520, CS6
- 224.0.0.9, 0100.5e00.0009
- AD = 120
- if AD is changed to a worse value, routes with old AD would remain in RIB until timeout expires
- metric – hop count
- no dependency on the link
- max = 15 (16 ≡ unreachable)
- increased by sender (although according to RFC – receiver)
- versions
- v1
- classful (mask is not included in Update)
- bcast
- v2
- classless, VLSM
- mcast
- autosummary, manual summary
- authentication
- v1
- quick convergence on prefix addition, slow – on prefix removal
- cannot aggregate to supernets
- Update message source IP
- split-horizon enabled: primary IP only
- split-horizon disabled:
- network 0.0.0.0: every IP from the same major subnet as primary
- major network specified explicitly: primary and enabled secondary IP
Timers
- update
- 30s by default
- whole RIP DB is sent
- resets flush and dead
- jitter 15% to avoid synchronization
- dead
- 180s default
- preserving neighbour’s prefixes
- on expiry route cannot be trusted, must be deleted: metric → 16
- per route
- hold
- 180s default
- started after dead, freezes prefix with metric = 16 in RIB
- remove freeze:
- neighbour that issued Update initially
- better metric than initial
- Cisco proprietary
- per route
- flush
- 240s default
- remove prefix from RIB
- started after Update, checked only after dead expiration
- per route
Classful routing
- subnet mask is deduced from connected subnet from the same major subnet
- when Update crosses classful boundary – natural auto-summary to major subnet
- secondary IP can stitch segments
- router searches major subnet first, then looks for subnet within ⇒ 0.0.0.0/0 cannot be used
Trigger update
- send Update immediately after prefix is active or Update is received (do not wait for the update timer to expire)
- does not reset update timer
- only new prefixes are sent
- when interface is first enabled
- send RIP request
- neighbours respond with unicast Update
- random delay between Update messages ∈ [1s; 5s]
Split horizon
- do not send prefix in Update if received through the same interface
- no effect if two Updates from different interfaces are received
- disabled by default on physical FR interface
Poison reverse
- send prefix towards next-hop with metric = 16
- not implemented in IOS
Count-to-infinity
- solved by split horizon
Route poison
- network disappears → send Update with metric = 16 ≡ neighbour can remove prefix from RIB immediately
- removes prefix from RIB; prefix remains in RIP DB as invalid till flush expires
- does not trigger holddown state
Trigger extension
- update:
- not periodic
- when link is up
- new information is available
- neighbour is alive ≡ channel is up; failure detection ≡ physical level failure
- send regular Updates until neighbourship is set
- messages
- Update request
- request all available routes
- every 5s until acknowledged
- Update response
- reply to Update request
- send new Update
- every 5s until acknowledged
- contains sequence number
- first Response sets Flush flag ≡ clean up stale routes through this router
- Update acknowledge
- acknowledge response using sequence number
- Update request
(config-if)# ip rip triggered
Update request
- types
- request full RIB
- AFI = 0, address = 0.0.0.0, metric = 16
- response is unicast, subject to split-horizon and summarization
- request partial RIB
- lists specific RTE to refresh
- split-horizon and summarization have no effect
- request full RIB
- if received from a port other than UDP 520, the router must respond (exception – passive interface) – silent hosts behaviour
RIP format
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Command    |    Version    |            0x0000             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+
|              AFI              | 0x0000 (v1) / Route tag (v2)  |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                          IP network                           |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  \
|                0x0000 (v1) / Subnet mask (v2)                 |   > RTE
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  / max 25 per packet
|                  0x0000 (v1) / Next hop (v2)                  |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                            Metric                             |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+
Command:
- 1: request
- 2: response
- 9: Update request
- 10: Update response
- 11: Update acknowledge
- 255: authC (Version = 255)
AFI:
- 2: IP
Simple authentication RTE
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            0xFFFF             | Authentication type (0x0002)  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|                           Password                            |
|                         (zero-padded)                         |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This RTE must be the first one.
Uses first key in keychain, IDs are not transmitted
MD5 authentication RTE
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+
|            0xFFFF             | Authentication type (0x0003)  |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|      RIPv2 Packet Length      |    Key ID     | Auth Data Len |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  \
|                        Sequence number                        |   > first RTE
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  /
|                             0x00                              |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                             0x00                              |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+
\                                                               \
/                         Up to 23 RTE                          /
\                                                               \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+
|            0xFFFF             | Authentication type (0x0001)  |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                                                               |  \
|                      Authentication Data                      |   > last RTE
|                                                               |  /
|                                                               |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+
Key IDs must match, lower key ID is preferred
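The layouts above can be checked on captured traffic with a short decoder. The following is an added example, not part of the original notes: it parses a RIP UDP payload, reports which authentication RTE (if any) protects it, and lists the routes, marking metric 16 as poisoned. The function name `parse_rip`, the finding strings and the sample bytes (including the password `example-pass`) are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

AUTH_AFI = 0xFFFF                     # AFI value that marks an authentication RTE
AUTH_TYPES = {2: "simple", 3: "md5"}  # type 1 is the trailing MD5 data RTE


def parse_rip(payload: bytes) -> dict:
    """Decode a RIP UDP payload: header, authentication mode, routes, findings."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("not a 4-byte header followed by 20-byte RTEs")
    command, version, _ = struct.unpack("!BBH", payload[:4])
    rtes = [payload[i:i + 20] for i in range(4, len(payload), 20)]
    out = {"command": command, "version": version, "auth": "none",
           "routes": [], "findings": []}
    if len(rtes) > 25:
        out["findings"].append("more than 25 RTEs in one packet")
    for idx, rte in enumerate(rtes):
        afi, tag = struct.unpack("!HH", rte[:4])
        if afi == AUTH_AFI:
            if tag == 1:              # MD5 authentication data, last RTE
                continue
            if idx != 0:
                out["findings"].append("authentication RTE is not the first RTE")
            out["auth"] = AUTH_TYPES.get(tag, f"unknown({tag})")
            if tag == 3:              # length(2) key ID(1) auth data len(1) seq(4)
                _, out["key_id"], _, out["sequence"] = struct.unpack("!HBBI", rte[4:12])
            continue
        net, mask, nhop, metric = struct.unpack("!IIII", rte[4:])
        if not 1 <= metric <= 16:
            out["findings"].append(f"metric {metric} outside 1..16")
        out["routes"].append({
            "prefix": f"{IPv4Address(net)}/{bin(mask).count('1')}",
            "next_hop": str(IPv4Address(nhop)),
            "metric": metric,
            "poisoned": metric == 16,  # 16 = unreachable (route poison)
        })
    if out["auth"] == "none":
        out["findings"].append("no authentication RTE: update is unauthenticated")
    elif out["auth"] == "simple":
        out["findings"].append("simple authentication: password is sent in cleartext")
    return out

# Constructed sample: v2 response, simple-auth RTE, one live and one poisoned route.
HEADER = struct.pack("!BBH", 2, 2, 0)
AUTH = struct.pack("!HH16s", 0xFFFF, 2, b"example-pass")
ROUTE = struct.pack("!HH4s4s4sI", 2, 0, bytes([10, 1, 0, 0]), bytes([255, 255, 0, 0]), bytes(4), 3)
POISON = struct.pack("!HH4s4s4sI", 2, 0, bytes([10, 2, 0, 0]), bytes([255, 255, 255, 0]), bytes(4), 16)
SAMPLE = HEADER + AUTH + ROUTE + POISON
```

The decoder only classifies the authentication RTEs; it does not verify the MD5 digest, which needs the shared key.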
Redistribution
R2 receives BGP Update and redistributes it into RIP. Next-hop is in the same subnet where RIP Update is sent to → R2 sets next-hop as .3 instead of 0.0.0.0.
If static is redistributed, split-horizon must be disabled
Extended ACL
- filtering: match on source + prefix
- redistribution: match on prefix + mask
CLI
IOS
; announce 0.0.0.0/0 if RIB has prefixes from RMAP
(config-router)# default-information originate [route-map <RMAP>]
; adds metric to egress/ingress Update
(config-router)# offset-list <ACL> in|out <OFFSET> <INTF>
; suppresses egress mcast Update, no effect on ingress or unicast Update
(config-router)# passive-interface <INTF>
; sends unicast Update in addition to mcast, even through passive-interface
(config-router)# neighbor <IP>
; 0 by default, delay between packets of a single Update
(config-router)# output-delay <ms>
; default: 1 egress, 1&2 ingress
; specifying version sets it for both ingress and egress
(config-router)# version 1|2
; metric = MED (MED equals IGP metric by default)
(config-router)# redistribute bgp <ASN> metric transparent
(config)# key chain <CHAIN>
(config-keychain)# key <ID>
(config-keychain-key)# key-string <PASSWORD>
(config-if)# ip rip authentication mode text|md5
; ID and PASS must match, first valid key is selected
(config-if)# ip rip authentication key-chain <CHAIN>
; v1 considers mask for the Update to be equal to interface mask
(config-if)# ip rip send|receive version <N>