In this post i'm going to describe how to configure RIP as a routing protocol. I'll be using the network layout as shown below.
Router 1 (R1)
FastEthernet 0/0 - 192.168.1.1/24
loopback 0 - 172.16.10.0/24
Router 2 (R2)
FastEthernet 0/0 - 192.168.1.2/24
FastEthernet 1/0 - 192.168.2.1/24
Router 3 (R3)
FastEthernet 0/0 - 192.168.2.2/24
About RIP
First a bit about RIP. RIP is a distance vector dynamic routing protocol. That means it populates its routing table based on the routing updates its recieves from it's neighbors and it calculates the best path based on distance (or hops).
RIP comes in 2 versions, version 1 and version 2. RIP V1 has been around since the late 60's, is classless meaning it doesnt send subnet information, it has no authentication and it works by broadcasting the routes it knows about every 30 seconds. RIP V2 is classfull, supports authentication and uses multicast (224.0.0.9). RIP is non-proprietry so it is supported on a range of equipment and not just cisco. RIP (V1 and V2) both have an administrative distance of 120.
Configuring RIP
Okay, now the fun part. I'll be setting up RIP V2 in this post.
The way RIP works is I enable it on my router, tell it to use version 2, and tell it what networks to advertise.
To start with lets see what routes R1 knows already:
R1#show ip route
C 172.16.10.0 is directly connected, Loopback0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
Okay, so it knows about the directly connrected routes. What about R3?
R3#show ip route
C 192.168.2.0/24 is directly connected, FastEthernet0/0
Great. No chance of pinging the 172.16.10.1 interface on R1 then. For this pinging business to be sucessfull I need to enable RIP V2 on all the routers. I then need to list all the networks that each router knows about. Like this.
Router 1 (R1)
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 192.168.1.0 255.255.255.0
R1(config-router)#network 172.16.10.0 255.255.255.0
Router 2 (R2)
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 192.168.1.0 255.255.255.0
R2(config-router)#network 192.168.2.0 255.255.255.0
Router 3 (R3)
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 192.168.2.0 255.255.255.0
Great. Now i'll check R3 routing table.
R3#show ip route
Gateway of last resort is not set
R 172.16.0.0/16 [120/1] via 192.168.2.1, 00:00:17, FastEthernet0/0
R 192.168.1.0/24 [120/1] via 192.168.2.1, 00:00:17, FastEthernet0/0
C 192.168.2.0/24 is directly connected, FastEthernet0/0
Brilliant. I can now see the routes to 172.16.0.0 network. And can I ping it?
R3#ping 172.16.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/72/92 ms
So remember, you have to tell the router which networks you want to advertise and if you dont list the network which an interface is configured for, RIP won't advertise out of that interface.
Lastly in this section I will cover how to turn off RIP propogating out of an Interface. This could be because you have RIP enabled but on of your interfaces is connected to a untrusted network for example. To prevent the propogation you wolud make the interface passive. You will still recieve RIP updates onthe interface bt will not send them.
In the example below I'll prevent Router 2 from sending updates to Router 3.
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 192.168.1.0 255.255.255.0
R2(config-router)#network 192.168.2.0 255.255.255.0
R2(config-router)#passive-interface fastethernet 1/0
Configuring Authentication
Below I am going to configure authentication on my RIP updates. What I noticed in my lab was as soon as I set this up on a router the remote routers lost all routes until they too were configured for authentication. So it seems that this is an all or nothing thing.
Below I enter global config mode, create a keychain called homelab, a key, and I give the key a password of cisco.
R1#configure terminal
R1(config)#key chain homelab
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string cisco
Now I enter the interface configuration and, tell it what key chain I'm using and tell it to use MD5. This has to be done on each interface that RIP will be sent or received on. Also, each neighboring router needs to use the same key (cisco) as set up in the steps above.
R1#configure terminal
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip rip authentication key-chain homelab
R1(config-if)#ip rip authentication mode md5
R1(config-if)#end
Running a show ip protocols lists what the router knows about the authentication you have configured.
R2#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 3 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2 homelab
FastEthernet1/0 2 2 homelab
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
172.16.0.0
192.168.1.0
192.168.2.0
Routing Information Sources:
Gateway Distance Last Update
192.168.2.2 120 00:08:39
192.168.1.1 120 00:00:03
Distance: (default is 120)
Troubleshooting RIP
The commands that I have found useful in helping to troubleshoot RIP are:
R1#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 25 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2
Loopback0 2 2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
172.16.0.0
192.168.1.0
Routing Information Sources:
Gateway Distance Last Update
192.168.1.2 120 00:00:20
Distance: (default is 120)
In the output above there are a bunch of timers (Update, Invalid, Holddown and Flush). These need to be the same on each router.
R2#show ip rip database
172.16.0.0/16 auto-summary
172.16.0.0/16
[1] via 192.168.1.1, 00:00:00, FastEthernet0/0
192.168.1.0/24 auto-summary
192.168.1.0/24 directly connected, FastEthernet0/0
192.168.2.0/24 auto-summary
192.168.2.0/24 directly connected, FastEthernet1/0
R2#show ip route rip
R 172.16.0.0/16 [120/1] via 192.168.1.1, 00:00:16, FastEthernet0/0
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
R 172.16.0.0/16 [120/1] via 192.168.1.1, 00:00:02, FastEthernet0/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
C 192.168.2.0/24 is directly connected, FastEthernet1/0
R2#debug ip rip events
RIP event debugging is on
R2#
01:30:43: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (192.168.1.2)
01:30:43: RIP: Update contains 1 routes
01:30:43: RIP: Update queued
01:30:43: RIP: Update sent via FastEthernet0/0
The command above will turn on debugging for RIP updates.
Okay. That's about all I have on RIP.
