My journey to CCIE RS — RIP 2

Giuliano Barros
TechRebels
6 min read · Jan 21, 2021

Hi friends, we continue with the fourth topic in the series, about RIP, with information and observations that I considered important when working with Routing and Switching.

I hope this information helps other people (like me) in their day-to-day work with Cisco infrastructure.

For those who have not read the previous articles, a list of them follows below. Today we explore “RIP”, part 2.

Feel free to comment and contact me on LinkedIn. If you liked what you read, I encourage you to share it with colleagues in the industry. Don’t forget to follow TechRebels and me by clicking the follow link on the top :)

RIP Metrics

  • RIP uses hop count as its metric: 1 hop per interface.
  • 16 hops means infinity, so the maximum is 15 (4 bits = 0 to 15).
  • RIP increases the metric when the router propagates prefixes outbound.

Offset-list is the way to change route metrics in RIP. It can be applied inbound or outbound, globally or by prefix. Offset-list has 2 main functions:

  • “Traffic engineering”, manipulating paths that traffic should take.
  • Filter prefixes exceeding 15 hops (16 = infinite).

NOTE: If a router receives a route with 15 hops, it will use the route but will propagate it with 16 (infinity).

NOTE: “Transient loops” are temporary failures caused by “disagreements” among routers. You know that period when we are waiting for convergence and the metrics keep changing?

Offset-list uses a standard ACL. Therefore, RIP cannot distinguish between identical prefixes with different mask lengths, because the ACL only matches the address part, not the mask.

When manipulating routes, the recommendation is to always use a prefix-list (and not an ACL), because a prefix-list matches the prefix and the mask at the same time.

RIP Authentication

RIP supports clear text or MD5 authentication.

NOTE: Mind the difference between Authentication and Encryption.

  • Authentication is used to validate whether the payload information came from the correct neighbor.
  • Encryption is used to encrypt the payload on the transit path.

RIP and EIGRP use a Key Chain system, which allows multiple passwords to be used between neighbors, provided that both neighbors use the same “key number”.

RIP ignores updates received with invalid authentication. In this case, neither the debug prefixes nor the “invalid authentication” appear.

NOTE: Be careful when using the question mark (?) while setting a password, because a “space” counts as a character. So always check the key chain after configuring it:

  • <sh key chain>
  • <sh run | in key chain> and highlight the password to check for spaces

Summarization

For a summary to be advertised, at least one of its subnets must be in the RIB.

It is not possible to summarize beyond the major network, so trying to summarize across different major networks does not help. A workaround for this limitation is to create a static route for the summary pointing to NULL 0 and redistribute it into RIP.

A good way to test the summary is to check the routing table and see whether a destination covered by the summary resolves to it. Ex: <sh ip route x.x.x.x> -> shows that the path is through the summary.

Best practice: Always have a route equal to the summary you are advertising pointing to NULL, to avoid routing loops. Loop ex: specific route -> summary -> default route -> specific route (back) ->…
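The loop described above can be reproduced with a small longest-prefix-match simulation. This is an added example, not code from the original article; the router names EDGE and CORE and the 10.1.x.x addressing are constructed for illustration.

```python
import ipaddress

def lookup(rib: dict, dst: str):
    """Longest-prefix match. rib maps prefix -> next hop (router name, 'connected' or 'Null0')."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in rib.items()
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def forward(ribs: dict, start: str, dst: str, ttl: int = 8):
    """Walk a packet router by router and return (outcome, path)."""
    node, path = start, [start]
    while ttl > 0:
        next_hop = lookup(ribs[node], dst)
        if next_hop in (None, "Null0"):
            return "dropped", path
        if next_hop == "connected":
            return "delivered", path
        node = next_hop
        path.append(node)
        ttl -= 1
    return "ttl-expired", path

def topology(with_null_route: bool) -> dict:
    """Constructed lab: EDGE owns two /24s, advertises 10.1.0.0/16 to CORE, defaults to CORE."""
    edge = {"10.1.1.0/24": "connected", "10.1.2.0/24": "connected", "0.0.0.0/0": "CORE"}
    if with_null_route:
        # The discard route equal to the summary, as the best practice recommends.
        edge["10.1.0.0/16"] = "Null0"
    core = {"10.1.0.0/16": "EDGE"}  # CORE only knows the summary
    return {"EDGE": edge, "CORE": core}

if __name__ == "__main__":
    for null_route in (False, True):
        ribs = topology(null_route)
        # 10.1.99.1 lies inside the summary but in no subnet that actually exists.
        print("null route:", null_route, forward(ribs, "CORE", "10.1.99.1"))
        print("null route:", null_route, forward(ribs, "CORE", "10.1.1.5"))
```

Without the Null route, the packet for the non-existent subnet bounces between CORE and EDGE until its TTL runs out; with it, EDGE drops the packet at the first hop while traffic to real subnets is unaffected.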

Inbound Route Filtering

It can be accomplished through:

  • Distribute-list using:
      - Standard ACL
      - Extended ACL: in this case, the “source” is the source of the update (the neighbor) and the “destination” is the route prefix (address).
      - Prefix-list
  • Offset-list, using metric 16 (infinity)
  • Administrative Distance
      - AD 255 is infinite
      - Can be by prefix and neighbor

Prefix-list examples

  • <128.0.0.0/2 ge 16 le 16> — all class B routes (/16)
  • <192.0.0.0/3 ge 24 le 24> — all class C routes (/24)
  • <128.0.0.0/2 le 32> — any class B subnet
  • <0.0.0.0/0 ge 32> — any host route
  • <224.0.0.0/4 le 32> — any multicast route

Always use a prefix-list when manipulating routing and the objective is to match routes (control plane).

Standard or extended ACLs are used to filter traffic flow (data plane).
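The matching rules behind the prefix-list examples above, and the reason a standard ACL cannot separate a /16 from a /24 with the same address, can be checked with a short matcher. This is an added example, not code from the original article; the sample routes are constructed, and the ge/le handling follows the usual IOS prefix-list semantics.

```python
import ipaddress

def prefix_list_match(entry: str, route: str) -> bool:
    """Match a route against one prefix-list entry such as '128.0.0.0/2 ge 16 le 16'."""
    tokens = entry.split()
    base = ipaddress.ip_network(tokens[0])
    opts = dict(zip(tokens[1::2], map(int, tokens[2::2])))
    if opts:
        # 'ge' alone runs up to /32; 'le' alone starts at the entry's own length.
        lo, hi = opts.get("ge", base.prefixlen), opts.get("le", 32)
    else:
        # No ge/le: the mask length must match exactly.
        lo = hi = base.prefixlen
    net = ipaddress.ip_network(route)
    # The leading bits must fall inside the entry AND the length inside [lo, hi].
    return net.network_address in base and lo <= net.prefixlen <= hi

def standard_acl_match(address: str, wildcard: str, route: str) -> bool:
    """Standard ACL applied to routes: only address bits are compared, never the mask."""
    care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
    net = ipaddress.ip_network(route)
    return (int(net.network_address) & care) == (int(ipaddress.ip_address(address)) & care)

# Constructed sample routes (not taken from the article).
ROUTES = ["172.16.0.0/16", "172.16.0.0/24", "192.168.10.0/24", "10.1.1.1/32", "239.1.1.1/32"]
# Prefix-list entries exactly as listed in the article.
ENTRIES = ["128.0.0.0/2 ge 16 le 16", "192.0.0.0/3 ge 24 le 24", "128.0.0.0/2 le 32",
           "0.0.0.0/0 ge 32", "224.0.0.0/4 le 32"]

def matches(entry: str) -> list:
    """Sample routes permitted by one prefix-list entry."""
    return [r for r in ROUTES if prefix_list_match(entry, r)]

def acl_matches(address: str, wildcard: str) -> list:
    """Sample routes permitted by one standard ACL line."""
    return [r for r in ROUTES if standard_acl_match(address, wildcard, r)]

if __name__ == "__main__":
    for e in ENTRIES:
        print(f"{e:26} -> {matches(e)}")
    # A host-style standard ACL entry permits both the /16 and the /24.
    print("ACL 172.16.0.0 0.0.0.0     ->", acl_matches("172.16.0.0", "0.0.0.0"))
    # An exact prefix-list entry permits only the /16.
    print("172.16.0.0/16              ->", matches("172.16.0.0/16"))
```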

Distribute-list:

  • With a standard ACL it only matches the prefix (not the mask).
  • With an extended ACL it works differently for BGP and IGPs:
      - For BGP, the “source” means the “prefix” and the “destination” means the “mask”.
      - For IGPs, the “source” is the neighbor the route came from (called the “route source”) and the “destination” is the route prefix (address).

In the <sh ip route x.x.x.x> output, we can see that for RIP the “next-hop” is the same as the “route source”. For the other protocols, these two fields can differ, as the “Routing Descriptor Block” shows:

“A.A.A.A; from B.B.B.B ”

  • A.A.A.A = next-hop
  • B.B.B.B = route-source

NOTE: The route-source is the “router ID” of the IGP protocols.

NOTE: Whenever you create an ACL, a prefix-list or anything else identified by a NAME or NUMBER, check first that it does not already exist, to avoid overwriting configuration that is already in place.

Distribute-list using prefix-list has a specific option to define the prefix and the “route-source” and can be IN or OUT.

Another option is to change the AD to 255 (infinity) for a specific neighbor.

RIP has a serious limitation for handling VLSM routes.

Default Routing

Default-network was developed for IGRP. It can be used with IGP protocols pointing to a classful network that is not directly connected. But there are simpler solutions.

<default-information originate> uses the default route!

NOTE: 169.254.0.X is considered a link-local address for IPv4 and is therefore non-routable. It is a great address to use as a “placeholder”. Ex:

<ip route 169.254.0.1 255.255.255.255 NULL 0>

Conditional Advertisement (Reliable): <default-information originate> can be combined with a route-map to perform conditional advertisement, specifying the interfaces on which to advertise and/or basing the advertisement on the availability of some prefix. In this case, we can add tracking, ensuring end-to-end reliability when propagating the default route. Check this combo:

  • IP SLA -> tracking -> Static Route (placeholder) -> prefix-list -> Route-map -> Default-information originate… phew!

If you understand the sequence of events, great! It is also very useful to look at the output of all the related commands to explain it:

  • sh run | in sla|track|route-map|prefix|static|default|router rip

NOTE: A negative point of this whole workaround is that the convergence time is obviously still longer than with a dynamic protocol.

IP RIP Triggered

RIP supports suppression of periodic updates (similar to the “OSPF demand circuit”), a feature originally created for dial-up lines. In this case, updates are sent only when changes occur.

Source Validation

By default, RIP updates are only accepted when they come from neighbors on the same subnet as the interface on which they were received. Therefore, neighbors with different subnets on the same link do not exchange updates (“ignored update from a bad source”).

NOTE: Source-validation does not work with “unnumbered” interfaces because the functionality is disabled.

Show commands for RIP

  • sh ip int bri | ex una
  • sh ip route rip
  • sh ip rip data
  • sh ip prot
  • sh key chain

Does this RIP content help you in day-by-day tasks?

Is it missing something important?

Tell me in the comments.

If you like this content, please share. Don’t forget to follow me and TechRebels by clicking “follow” down below :)

About the author:

Giuliano Barros is Network Specialist at PS Network Experts.

Graduated in Computer Science, CCIE certified by Cisco Systems, and has worked for 15+ years on projects for medium and large companies.

linkedin.com/in/giulianobarros


DevOps Network Engineer | CCIE RS #49619 | Cisco Champion | Blogger