Send document comments to nexus7k-docfeedback@cisco.com.
12-2
Cisco Nexus 7000 Series NX-OS Unicast Routing Configuration Guide, Release 4.x
OL-20002-02
Chapter 12 Configuring RIP
Information About RIP
RIP Overview
RIP uses User Datagram Protocol (UDP) data packets to exchange routing information in small
internetworks. RIPv2 supports IPv4. RIPv2 uses an optional authentication feature supported by the
RIPv2 protocol (see the “RIPv2 Authentication” section on page 12-2).
Note Cisco NX-OS does not support IPv6 for RIP.
RIP uses the following two message types:
• Request—Sent to the multicast address 224.0.0.9 to request route updates from other RIP-enabled
routers.
• Response—Sent every 30 seconds by default (see the “Verifying RIP Configuration” section on
page 12-17). The router also sends response messages after it receives a Request message. The
response message contains the entire RIP route table. RIP sends multiple response packets for a
request if the RIP routing table cannot fit in one response packet.
RIP uses a hop count for the routing metric. The hop count is the number of routers that a packet can
traverse before reaching its destination. A directly connected network has a metric of 1; an unreachable
network has a metric of 16. This small range of metrics makes RIP an unsuitable routing protocol for
large networks.
RIPv2 Authentication
You can configure authentication on RIP messages to prevent unauthorized or invalid routing updates in
your network. Cisco NX-OS supports a simple password or an MD5 authentication digest.
You can configure the RIP authentication per interface by using key-chain management for the
authentication keys. Key-chain management allows you to control changes to the authentication keys
used by an MD5 authentication digest or simple text password authentication. See the Cisco Nexus 7000
Series NX-OS Security Configuration Guide, Release 4.x for more details about creating key-chains.
To use an MD5 authentication digest, you configure a password that is shared at the local router and all
remote RIP neighbors. Cisco NX-OS creates an MD5 one-way message digest based on the message
itself and the encrypted password and sends this digest with the RIP message (Request or Response).
The receiving RIP neighbor validates the digest by using the same encrypted password. If the message
has not changed, the calculation is identical and the RIP message is considered valid.
An MD5 authentication digest also includes a sequence number with each RIP message to ensure that
no message is replayed in the network.
Split Horizon
You can use split horizon to ensure that RIP never advertises a route out of the interface where it was
learned.
Split horizon is a method that controls the sending of RIP update and query packets. When you enable
split horizon on an interface, Cisco NX-OS does not send update packets for destinations that were
learned from this interface. Controlling update packets in this manner reduces the possibility of routing
loops.
To Next Page
Loading...
