Professional Documents
Culture Documents
• Operation of RIPv2
• Configuring RIPv2
• Troubleshooting RIPv2
www.Taleem.greatnow.com
1
RIPV2
• It is RIPv1 with some extensions to bring it more up-to-date
with modern routing environments. These extensions are:
1. Subnet masks carried with each route entry
2. Authentication of routing updates
3. Next-hop addresses carried with each route entry
4. External route tags
5. Multicast route updates
• The most important of these extensions is the addition of a
Subnet Mask field to the routing update entries, enabling
the use of variable-length subnet masks and qualifying
RIPv2 as a classless routing protocol.
www.Taleem.greatnow.com
2
Operation of RIPv2
• All of the operational procedures, timers, and stability
functions of RIPv1 remain the same in version 2, with the
exception of the broadcast updates. RIPv2 multicasts
updates to other RIPv2-speaking routers, using the reserved
class D address 224.0.0.9.
• When a router performs classless route lookups, it does not
pay attention to the class of the destination address. Instead,
it performs a bit-by-bit best match between the destination
address and all its known routes.
• The true defining characteristic of classless routing
protocols is the capability to carry subnet masks in their
route advertisements. Classless routing protocols enable the
use of variable-length subnet masking.
www.Taleem.greatnow.com
3
Compatibility With RIP1
www.Taleem.greatnow.com
4
Compatibility With RIP1
www.Taleem.greatnow.com
5
Variable-Length Subnet Masking
www.Taleem.greatnow.com
6
Variable-Length Subnet Masking
• With VLSM the widely varying host address requirements of the
internetwork of Figure 7.4 can be met using a class C network address.
Table 7.1 shows the subnets and the address ranges available within each.
• VLSM can be thoughts of as sub-subnetting.
www.Taleem.greatnow.com
7
Variable-Length Subnet Masking
•VLSM allows each of these PVCs to be configured as a
separate subnet without wasting host addresses.
www.Taleem.greatnow.com
8
Variable-Length Subnet Masking
www.Taleem.greatnow.com
10
Case Study: Compatibility with RIPv1
e0 e1
e2
www.Taleem.greatnow.com
11
Case Study: Compatibility with RIPv1
• interface Ethernet0
• ip address 192.168.50.129 255.255.255.192
• ip rip send version 1
• ip rip receive version 1
• !
• interface Ethernet1
• ip address 172.25.150.193 255.255.255.240
• ip rip send version 1 2
• !
• interface Ethernet2
• ip address 172.25.150.225 255.255.255.240
• !
• router rip
• version 2
• network 172.25.0.0
• network 192.168.50.0
www.Taleem.greatnow.com
12
Case Study: Using VLSM
• Referring again to (Previous Slide), the subnet 172.25.150.0/24 has been
assigned to the internet shown. That subnet has been further subnetted to fit
the various data links by expanding the mask to 28 bits; the available sub-
subnets, in binary and dotted decimal, are shown below. Each of the subnets
will have, according to the 2n – 2 formula, 14 host addresses. Out of these,
172.25.150.32, 172.25.150.192, and 172.25.150.224 have been used.
www.Taleem.greatnow.com
13
Case Study: Using VLSM
www.Taleem.greatnow.com
15
Case Study: Discontiguous Subnets
& Classless Routing
www.Taleem.greatnow.com
17
Case Study: Discontiguous Subnets
& Classless Routing
!
router rip
version 2
network 172.25.0.0
network 192.168.50.0
no auto-summary
Isleta, Jemez, and Tesuque will have similar configurations. Summarization
must also be turned off at Taos and at Acoma. Recall from Figure (case study
Compatibility with RIPv1) that Laguna was running RIPv1. For this
configuration to work, it must be changed to version 2.
www.Taleem.greatnow.com
18
Case Study: Authentication
Cisco's implementation of RIPv2 message authentication includes the choice of
simple password or MD5 authentication, and the option of defining multiple
keys, or passwords, on a "key chain." The router may then be configured to use
different keys at different times
In the following example, a key chain named Tewa is configured at Taos. Key 1,
the only key on the chain, has a password of Kachina; interface E0 then uses the
key, with MD5 authentication, to validate updates from Laguna.
The steps for setting up RIPv2 authentication follow.
1. Define a key chain with a name.
2. Define the key or keys on the key chain.
3. Enable authentication on an interface and specify the key chain to be used.
4. Specify whether the interface will use clear text or MD5 authentication.
5. Optionally configure key management..
www.Taleem.greatnow.com
19
Case Study: Authentication
Taos(config)#key chain Tewa
Taos(config-keychain)#key 1
Taos(config-keychain-key)#key-string Kachina
Taos(config-keychain-key)#interface ethernet 0
Taos(config-if)#ip rip authentication key-chain Tewa
Taos(config-if)#ip rip authentication mode md5
Key management is used to migrate from one authentication key to another. In
the following example, Laguna is configured to begin using the first key at 4:30
p.m. on November 28, 1997, for 12 hours (43200 seconds). The second key
becomes valid at 4:00 a.m. on November 29, 1997, and will be used until 1:00
p.m. on April 15, 1998. The third key becomes valid at 12:30 p.m. on April 15,
1998, and will remain valid permanently after that.
www.Taleem.greatnow.com
20
Case Study: Authentication
key chain Keres
key 1
key-string Kachina
accept-lifetime 16:30:00 Nov 28 1997 duration 43200
send-lifetime 16:30:00 Nov 28 1997 duration 43200
key 2
key-string Kiva
accept-lifetime 04:00:00 Nov 29 1997 13:00:00 Apr 15
1998
send-lifetime 04:00:00 Nov 29 1997 13:00:00 Apr 15
1998
key 3
key-string Koshare www.Taleem.greatnow.com
21
Case Study: Authentication
accept-lifetime 12:30:00 Apr 15 1998 infinite
send-lifetime 12:30:00 Apr 15 1998 infinite
!
interface Ethernet0
ip address 198.168.50.130 255.255.255.192
ip rip authentication key-chain Keres
ip rip authentication mode md5
www.Taleem.greatnow.com
22
Troubleshooting RIPv2
• Two configuration problems common to RIPv2 are mismatched
versions and misconfigured authentication. Both difficulties are easy
to discover with debugging
www.Taleem.greatnow.com
23
Case Study: Misconfigured VLSM
• Host C in Figure (next slide) cannot communicate across the
internetwork, and it cannot even ping the other hosts or routers on the
local data link. Hosts A and B have no communications problems with
each other or with any other host across the internetwork, but they
cannot communicate with C. All hosts are configured to use
172.19.35.1 as the default gateway address.
• When host B pings host C, the first ping is successful and
subsequent pings fail.
www.Taleem.greatnow.com
24
Case Study: Misconfigured VLSM
www.Taleem.greatnow.com
25
Case Study: Misconfigured VLSM
• Host C's ARP cache shows the correct MAC address
associated with all addresses.
www.Taleem.greatnow.com
26
Case Study: Misconfigured VLSM
• Host B's ARP cache shows that C's IP address is mapped
to the MAC address of San_Felipe's interface 172.19.35.2.
www.Taleem.greatnow.com
27
Case Study: Misconfigured VLSM
• The ping results begin to make sense. B broadcasts an ARP Request
for 172.19.35.72. C sends an ARP Reply, and B sends its first ping
correctly. In the meantime, San_Felipe has received the ARP Request
• and apparently believes that it has a route to 172.19.35.72. It responds
with a proxy ARP (later than C because it has to perform a route
lookup first), which causes B to overwrite C's MAC address.
• Subsequent Echo Request packets are sent to San_Felipe, where they
are routed off the local data link and lost. A protocol analyzer attached
to the Ethernet proves the point (Figure 7.24).
www.Taleem.greatnow.com
28
Case Study: Misconfigured VLSM
• A protocol analyzer, filtering for ARP packets, shows B's
ARP request to C and replies from both host C
(00a0.24a8.a1a5) and router San_Felipe (0000.0c0a.2aa9).
www.Taleem.greatnow.com
29
Case Study: Misconfigured VLSM
• C's IP addresses with subnet bits of the last octet highlighted.
www.Taleem.greatnow.com
30
Case Study: Misconfigured VLSM
• san_fellipe has routes to both 172.19.35.0/25 and to
172.19.35.64/27;the second route is a better match of host
c's address than is the first route.
www.Taleem.greatnow.com
31
Case Study: Misconfigured VLSM
A 27-bit subnet mask is applied to subnet 172.19.35.0.
www.Taleem.greatnow.com
32