Example Description: RIP Authentication

Source: Internet
Author: User

RIPVersion 1 does not support authentication. If version 2 is received and sent, the interface can perform RIP authentication. A key link determines a series of keys that can be used for interfaces. If the key link is not configured, the interface cannot perform authentication, or even the default authentication. Next let's take a look at the steps for configuring RIP authentication:

I. Experiment Topology

Ii. plaintext Verification

1. During plaintext authentication, when the authenticated Party sends the key chian, it sends the key with the lowest ID value without carrying the ID. After the authenticated party receives the key, compared with all the keys in your own key chain, if one key matches, it passes the authentication of the authenticated party.

2. Verification

The configuration on R1 is as follows:

 
 
  1. key chain rip-key  
  2. key 1  
  3. key-string ccxx02  
  4. !  
  5. interface FastEthernet0/0  
  6. ip address 192.168.12.1 255.255.255.0  
  7. ip rip authentication key-chain rip-key 

R2 is configured as follows:

 
 
  1. key chain rip-key  
  2. key 1  
  3. key-string ccxx01  
  4. key 2  
  5. key-string ccxx02  
  6. !  
  7. interface FastEthernet0/0  
  8. ip address 192.168.12.2 255.255.255.0  
  9. ip rip authentication key-chain rip-key 

3. Router route table results

 
 
  1. R1#show ip route  
  2. Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP  
  3. D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area  
  4. N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2  
  5. E1 - OSPF external type 1, E2 - OSPF external type 2  
  6. i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2  
  7. ia - IS-IS inter area, * - candidate default, U - per-user static route  
  8. o - ODR, P - periodic downloaded static route  
  9.  
  10. Gateway of last resort is not set  
  11.  
  12. C    192.168.12.0/24 is directly connected, FastEthernet0/0  
  13. C    192.168.1.0/24 is directly connected, Loopback0  
  14.  
  15. R2#show ip route  
  16. Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP  
  17. D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area  
  18. N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2  
  19. E1 - OSPF external type 1, E2 - OSPF external type 2  
  20. i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2  
  21. ia - IS-IS inter area, * - candidate default, U - per-user static route  
  22. o - ODR, P - periodic downloaded static route  
  23.  
  24. Gateway of last resort is not set  
  25.  
  26. C    192.168.12.0/24 is directly connected, FastEthernet0/0  
  27. R    192.168.1.0/24 [120/1] via 192.168.12.1, 00:00:15, FastEthernet0/0  
  28. C    192.168.2.0/24 is directly connected, Loopback0 

4. Conclusion


 

Iii. ciphertext Authentication

1. When the authenticated Party sends the key, it sends the key with the lowest ID value and carries the ID. After the authenticated party receives the key, first, find the key with the same ID in your own key chain. If the key has the same ID and the key is the same, it passes authentication. If the key value is different, it does not pass authentication. If there is no key with the same ID, the key of the nearest ID is queried. If there is no subsequent ID, authentication fails.

2. Verification

The configuration on R1 is as follows:

 
 
  1. key chain rip-key  
  2. key 1  
  3. key-string ccxx02  
  4. !  
  5. interface FastEthernet0/0  
  6. ip address 192.168.12.1 255.255.255.0  
  7. ip rip authentication mode md5  
  8. ip rip authentication key-chain rip-key 

R2 is configured as follows:

 
 
  1. key chain rip-key  
  2. key 1  
  3. key-string ccxx01  
  4. key 2  
  5. key-string ccxx02  
  6. !  
  7. interface FastEthernet0/0  
  8. ip address 192.168.12.2 255.255.255.0  
  9. ip rip authentication mode md5  
  10. ip rip authentication key-chain rip-key 

3. The output result of the route table is:

 
 
  1. R1#show ip route  
  2. Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP  
  3. D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area  
  4. N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2  
  5. E1 - OSPF external type 1, E2 - OSPF external type 2  
  6. i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2  
  7. ia - IS-IS inter area, * - candidate default, U - per-user static route  
  8. o - ODR, P - periodic downloaded static route  
  9.  
  10. Gateway of last resort is not set  
  11.  
  12. C    192.168.12.0/24 is directly connected, FastEthernet0/0  
  13. C    192.168.1.0/24 is directly connected, Loopback0  
  14.  
  15. R2#show ip route  
  16. Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP  
  17. D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area  
  18. N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2  
  19. E1 - OSPF external type 1, E2 - OSPF external type 2  
  20. i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2  
  21. ia - IS-IS inter area, * - candidate default, U - per-user static route  
  22. o - ODR, P - periodic downloaded static route  
  23.  
  24. Gateway of last resort is not set  
  25.  
  26. C    192.168.12.0/24 is directly connected, FastEthernet0/0  
  27. R    192.168.1.0/24 [120/1] via 192.168.12.1, 00:00:15, FastEthernet0/0  
  28. C    192.168.2.0/24 is directly connected, Loopback0 

4. Conclusion

 

The RIP certification experiment has been completed. I hope you can understand it!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.