Ccnp-rip Summary

1.rip:routing Information Protocol

2. Belong to IGP (internal Gateway routing protocol) belongs to DV (distance vector routing protocol)

3.RIPV1 has a class of routing protocol has been basically no use

RIPv2 non-class routing protocol supports VLSM, but does not support CIDR

RIPng RIP in IPV6 environment

The 4.RIP works on the seven layer of the OSI, is an application-layer protocol, encapsulated based on UDP, using port number UDP 520

5.RIP two versions, both support triggered updates and periodic updates (30s updates)

6. Message type:

Request message: When a router is configured to run the RIP protocol, the RIP process is enabled, the requests message is sent through the interface that is declared into the RIP process, to the other routers in the domain that are already running the RIP protocol, requesting the routing table

When a router running the RIP protocol receives a request message sent by another router, it sends a copy of its own routing table to the router immediately.

Update message: Updates the message, passes the routing entry, periodically updates every 30 seconds

7.RIP only based on hop number (hop) to do routing, without regard to bandwidth, delay and other factors that really affect the network

8. The early iOS version only supports load balancing of up to six links, but the new version of iOS can support up to 16 links for load balancing, and by default only four path equivalent load balancing is supported

Anti-ring mechanism: Horizontal segmentation, when the router through an interface received a neighbor passed over a route, no longer the route entry through this interface sent out.

Some timers in 9.RIP

Update (updated timer): 30 seconds;

Timeout Timer (the expiration time of the routing entry in the routing table): 180 seconds, six times times the update time, if a router in 180 seconds, did not receive the neighbor passed over a route entry of the update message, then this route entry is invalid, is set to possiblly down in the routing table

Holddown Timer (suppression timer): 180 seconds, the function of this timer is that when the router receives a route entry, and the route in the routing table with the number of hops of the route entry, the router ignores the number of inconsistent routing updates passed by the neighbor. This route entry is set to possiblly down and a holddown timer is turned on for this route entry, and within 180 seconds, if the neighbor does not send a route entry that does not have a consistent hop count for the router, the route entry is removed directly from the routing table. If the router continues to receive a route entry with inconsistent hops passed by the neighbor, it will continue to accept routing information passed by the neighbor about the route entry after the suppression timer expires, primarily for the anti-ring mechanism

Flush timer (Refresh timer): 240 seconds, one router if you do not receive update information about a route entry within 240 seconds, the route entry is deleted directly from the routing table

10.ripv1 and RIPv2 Two versions of the difference

RIPV1 is a class routing protocol, RIPV2 is a class-free routing protocol

RIPV1 only support automatic summarization, RIPv2 that support automatic summary, also support manual summary;

RIPV1 broadcast Update, RIPV2 multicast update (but can use IP rip v2-broadcast on interfaces to enable RIPv2 broadcast updates), 224.0.0.9;

RIPV1 does not support certification, RIPV2 support certification, Cisco devices that support clear text authentication, but also support ciphertext certification, other manufacturers of equipment only support clear-text authentication;

11.RIP Basic Configuration

Router RIP If you use this command only, by default the RIPV1 is turned on, only V1 messages can be sent, only the V1 version of the message can be received.

Version 2 If you use this command, you can only send V2 messages and only accept V2 messages

No auto-summary off auto-summary, mainly for the network of discontinuous subnets, V1 can use this command, but does not work, in show run is not see the command

Network network-number announcement Direct Connect network segment

12. Experiment one, modify the RIP timer

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E3/wKiom1ggVLzzT4-IAAAtysEXtKk670.png "/>

Experimental topology as shown, complete the basic configuration of the device, interface IP address configuration, three routers are enabled RIPV2, turn off automatic summarization, and then view the routing table information on the three routers separately

R1 routing Table

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E0/wKioL1ggVLzR3I_DAAAKdlgDfiU089.png "/>

R2 routing Table

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/E0/wKioL1ggVL3SOfI-AAAMA6Xy9qk832.png "/>

R3 routing Table

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E3/wKiom1ggVL7xPaidAAAL0TB4UjA092.png "/>

A summary of the routing configuration on the R1 can be viewed via show IP protocol, which can be modified by this command, which is no longer listed here

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E0/wKioL1ggVL6QWDU0AAAT5w-rB1Q885.png "/>

Modifying the R1 Timer

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/E3/wKiom1ggVL6BX0dIAAACy5J0cZo691.png "/>

Modify the R1 four timers in the RIP process, respectively, for the update cycle 25 seconds, the failure timer 150 seconds, suppress the timer 150 seconds, refresh the timer 200 seconds

When the proposed modification, the failure timer, the suppression timer is modified to six times times the update period, the refresh timer is modified to eight times times the update period, and if the timer is modified, it is recommended that all the routers running RIP protocol in the domain are modified, it is not recommended to make modifications on only one router;

After the modification is complete, see if the modification was successful via show IP protocol

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E3/wKiom1ggVL_hbD0mAAAV11YTJWE528.png "/>

Through the visible, R1 's timer modified successfully, the same R2, R3 router is also modified by the above command, here is no longer detailed

Advanced Features of 13.RIP

(1) Auto-summary: When a router turns on auto-summarization, when a route entry is sent to a neighbor, first compares the prefix of the route entry to the IP address of the sending interface in the same main class network, and if it is not part of the main class network, sends the main class network of the routing entry directly to the neighbor. If the prefix of this route entry is in the same main class network as the IP address of the sending interface, the route entry is sent to the neighbor in detail, which is the automatic summarization;

Auto-Rollup To summarize local routes, or to summarize non-local routes passed by neighbors (if the neighbor turns off auto-summarization, it passes the detail route)

When RIPV1 is enabled, auto-summarization is turned on by default and cannot be turned off, RIPv2 turns on auto-summarization by default, but can be manually turned off by no auto-summary

In the above topology, we can turn on the automatic summarization of R2, according to the definition of automatic summary above, on R1 should be able to see R2 passed over the 2.0.0.0/8 main class network segment of the route entry, verify the following

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E0/wKioL1ggVL_AZhKPAAA2uSkE2_s786.png "/>

In order to verify that we can summarize the detailed route passed by the neighbor, we can turn R1 on auto Summary, and then observe the route R1 passed to R2 on the R2, whether the R3 Loop 3.0.0.0/8 network segment is automatically summarized, and verify the following

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/E0/wKioL1ggVL_hBFJ0AAAqLnvilQs227.png "/>

(2) Manual Summary

RIPV2 Support Manual Summary, and RIPV1 does not support manual summary, only support automatic summary, manual summary is divided into process-level summary, that is, in a routing protocol process for manual summarization, link-level summary, that is, in the declaration route by the interface of the Protocol process manual summary, RIPV2 only support on the interface summary

is still the topology above, turn off automatic summarization on the three routers, and then enable loopback port 10,20,30 on R2. 40, the IP address is 172.16.8.1,172.16.9.1,172.16.10.1,172.16.11.1, if you need to manually summarize, you need to be configured on the R2 f0/0 interface as follows

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/E3/wKiom1ggVMCgbmuVAAAESC9g88A501.png "/>

Announce 172.16.0.0/16 main class segment in RIP process at the same time

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/E0/wKioL1ggVMDA3kXgAAAETaboYQc336.png "/>

Verify routing entries on R1

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E3/wKiom1ggVMDyQukfAAA0kZRw3VA020.png "/>

Summary routing failure, only after all the detail routes have disappeared, will cause the summary route to fail

Summary routing is the existence of a routed black hole, such as the above four sub-segments, if one or two of the network segments are shutdown, on the router is not able to summarize the route shutdown, will still be sent to the neighbors, resulting in the emergence of a routed black hole

If the above topology, for R2, 172.16.8.0-172.16.11.0 these four network segments, is not all R2 local network fault, where 8.0 is local 1 hops, 9.0 distance Local 2 hops, 10.0 distance local 3 hops, 11.0 distance local 4 hops, after manual summarization on R2, the hop count of 172.16.8.0/22 's summary route takes the minimum value 1;

Manual summary and automatic summary of the priority, automatic summary is higher than the manual summary, that is, when a route entry is manually summarized by the public, while the router also turned on automatic summarization, the router will send the routing table to the neighbor, the route entry in the form of automatic summary sent to the neighbor, No manually aggregated entries are sent

A router that enables auto-summarization, when it receives a detailed route that is passed by a neighbor (not enabled for auto-summarization), does not summarize it first, then exists in the routing table, but instead stores the detail route sent by the neighbor in the routing table, and then, when it needs to send routing updates to the neighbor, To check if this routing entry needs to be summarized, if necessary, to summarize, send after summary, if no rollup is required, send detail route directly

(3) Injecting default routes into RIP domains via border routers

The border router configures the default route ( specifying the send-out interface and the next hop ) to the ISP, and then, by redistributing the static routes in the RIP process, enables all routers in the RIP domain to learn the default route, which is generally applicable to the case where the border router has only one link to the ISP , with the above topology as an example, R2 connects the operator via the FA0/1 port

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E3/wKiom1ggVMGy9SrKAAAEB_fnaRo028.png "/>

The border router configures the default route ( only the send-out interface ) to the ISP while using the network 0.0.0.0 in the RIP process to advertise

The purpose of the Network 0.0.0.0 command is to announce the RIP process for all interfaces that are local to the router, and to pass the default route through the RIP process to the neighbor when the router is configured with a default route that only specifies the send-out interface.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E0/wKioL1ggVMHyz-qzAAAEDbggbPk909.png "/>

IP default-network main class network number

Note: The main class network number requirement must be the main class network number of the network segment where the boundary router and ISP interconnect. In the experiment, R2 and ISP are connected with the 24.1.1.0 network segment, which is located in the main class network is 24.0.0.0, so the command is followed by the 24.0.0.0, the command will not affect the routing table of the boundary router, but other routers in the domain will receive a default route learned through RIP

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E3/wKiom1ggVMHzDKQrAAACJOMdDcY234.png "/>

Default-information originate

Use the default-information originate command in the RIP process to send a default route to the downstream router, noting that the use of the command on the emulator may be a bug, that the RIP process needs to be removed, and then the RIP can be reconfigured

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E0/wKioL1ggVMLBm_M2AAADHTZJsY4868.png "/>

(4) Passive interface (passive interface)

On an interface that does not want to send RIP updates, this command enables RIP to no longer send RIP updates to the interface, but does not affect the sending of routing entries for the network segment on which the interface is located

When an interface is placed as a passive interface, it can either receive unicast updates, receive multicast updates, receive broadcast updates, send directions, not send multicast updates, or send broadcast updates, but can use the neighbor neighbor address in the RIP process to send a routing table in a single advertisement

For example, the loopback 0 interface of the R2 is placed as a passive interface and no routing updates are sent through loopback 0, but loopback 0 segment 2.2.2.0 can still be sent to other routers by the RIP process

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/E3/wKiom1ggVMKTfcY9AAACfTEOpfE411.png "/>

(5) Unicast update

Generally used in frame relay environment, in order to save bandwidth, reduce the waste of router resources, all the physical ports can be placed in the passive interface, and then in the RIP process to refer to neighbors, direct unicast to send the routing table,

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/89/E0/wKioL1ggVMLzZg8jAAACPKwuF6Y694.png "/>

(6) Send an update using broadcast RIPV2

Mainly in order to solve some of the early old equipment, although RIPV2 is enabled, but still does not support through 224.0.0.9 this multicast address to send and receive routing updates, so you need to broadcast to such an old device to send routing updates

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E0/wKioL1ggVMPDLlFlAAACOxoitv4712.png "/>

(7) RIP compatibility switch

By default, RIPV1-enabled routers can only send V1 versions of updates and only receive V2 versions of updates, enable RIPV2 routers, send only v2 versions of updates, and only receive V2 versions of updates, but can modify interoperability between versions in the following ways:

On the fa0/0 interface, turn on the compatibility switch so that the router can either send V1,v2 version updates or receive V1, v2 version updates

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E3/wKiom1ggVMPi3e4oAAADs7tMpdI152.png "/>

(8) RIP certification

RIPV1 does not support certification, RIPV2 Cisco devices that support clear text authentication, but also support ciphertext authentication, other manufacturers of equipment only support clear-text authentication;

Clear authentication between R1 and R2

Configuration on the R1

Define the keychain Cisco, define the first key, Cisco, then enable RIP clear authentication on the interface, and define which keychain to use, note that Cisco is the key chain, not the key

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E3/wKiom1ggVMSSxr5kAAADEGqVQP4540.png "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/89/E0/wKioL1ggVMSQ2FToAAADoPDzpYM338.png "/>

The configuration of the R2 is the same as the R1, no specific configuration is given here

R1 authentication between R3 and the secret text

Configuration on the R3

Define the keychain R3, define the first key, Cisco, then enable RIP redaction on the interface, and define which keychain to use, note that Cisco is the key chain, not the key

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E0/wKioL1ggVMSS58fQAAADSt3WOsQ562.png "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/89/E3/wKiom1ggVMWR-sPCAAACPKYbMms454.png "/>

The configuration of the R1 is the same as the R3, no specific configuration is given here

(9) Offset-list

By invoking an ACL to modify the number of hops that arrive at a route, you can either send to the neighbor in the direction of the battle, increase the number of hops, or update the received route in the inbound direction, and then add the table

R3 add three hops to the local loopback port and send it to R1,R3 on the following configuration

650) this.width=650; "title=" 1.png "src=" Http://s3.51cto.com/wyfs02/M00/89/E1/wKioL1ggVhiRV6gOAAAJnEWl5gs928.png " alt= "Wkiol1ggvhirv6goaaajnewl5gs928.png"/>

After the configuration is complete, verify that the R3 loopback has changed to 3 hops on R1, indicating that the modification was successful

650) this.width=650; "title=" 2.png "src=" Http://s5.51cto.com/wyfs02/M02/89/E1/wKioL1ggVkvB8pB7AAAhYvpJP5A018.png " alt= "Wkiol1ggvkvb8pb7aaahyvpjp5a018.png"/>

(10) Close horizontal split

Normally the hub node of the frame relay closes the horizontal split sub-interface mode of the multi-point interface, no IP split-horizon off the horizontal split

(11) Update source detection to turn off RIP

When a router receives a route entry passed by a neighbor, it first checks the update source address of the route entry (that is, the sender interface IP address of the route entry) and whether it is in the same network segment as its own interface, and if it is not in the same network segment, discards the route entry directly, if it is in the same network segment, The route entry is added to the table, if we do not want to detect the update source address, as long as the neighbor passed over the route entry, we are directly added to the table, you can use the RIP process in the command no validate-update-source to turn off the update source detection

(12) Modify the delay between RIP messages

When a high-end router sends a message to a low-end router, because the low-end router performance is poor, may not be able to deal with the low-end router to pass over the message, so in order to prevent this situation, we can use this command on the high-end router, the router sends packets of intermediate delay slightly increased, This can avoid low-end router performance is too poor, unable to process the message, configuration commands in the RIP process, using the command Output-delay 25来 to modify, where the number is a variable value, the general recommendation is modified to 25;

(13) Pure trigger update

Only on the serial interface, both ends of the simultaneous configuration, on-demand link, on the one hand due to the periodic update rip 30 seconds, every 30 seconds to send a route update, establish a virtual link, to the enterprise to add additional costs, on the other hand because the serial link bandwidth is low, so combined with the above two aspects, Periodic updates of RIP should be turned off, updates are sent only when the network topology changes, and configuration commands are in serial interface mode, using IP rip triggered to enable pure triggered updates

This article from "A network of the World" blog, please be sure to keep this source http://2646213.blog.51cto.com/2636213/1870363

Ccnp-rip Summary