Protocol Message Authentication
RIPv1 is not a secure protocol. Any device sending protocol messages from UDP
port 520 will be considered a router by its neighbors. Malicious or unwanted protocol
messages can be easily propagated throughout the network if no authentication is
required.
RIPv2 supports authentication using either a simple password or an MD5 key. When
a router is configured to exchange authentication messages, it inserts the
password into all transmitted protocol packets and checks all received packets to
ensure that they contain the authorized password. Incoming protocol messages
that do not contain the correct password are dropped.
For authentication to function properly, both the sending and receiving interfaces
must be configured with the same password or authentication key.
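The receiver-side check described above, as an added example that is not taken from this manual or the switch firmware. It follows the RFC 2453 simple-password and RFC 2082 keyed-MD5 packet layouts; the function names, the key `lab-key` and the sample route are constructed for illustration.

```python
import hashlib
import hmac
import struct

AUTH_AFI = 0xFFFF             # address family value marking an authentication entry
SIMPLE, KEYED_MD5 = 2, 3      # authentication types (RFC 2453, RFC 2082)
TRAILER = b"\xff\xff\x00\x01" # precedes the 16-byte MD5 digest

def pad16(key: bytes) -> bytes:
    return key.ljust(16, b"\0")[:16]

def classify(pkt: bytes) -> str:
    """Name the authentication mode carried by a RIP packet."""
    if len(pkt) < 4:
        return "malformed"
    if pkt[1] == 1:
        return "ripv1-none"           # RIPv1 has no authentication field
    if len(pkt) < 24 or struct.unpack_from("!H", pkt, 4)[0] != AUTH_AFI:
        return "ripv2-none"
    auth_type = struct.unpack_from("!H", pkt, 6)[0]
    return {SIMPLE: "ripv2-simple", KEYED_MD5: "ripv2-md5"}.get(auth_type, "ripv2-unknown")

def accept(pkt: bytes, key: bytes) -> bool:
    """Receiver-side check: anything not matching the configured key is dropped."""
    mode = classify(pkt)
    if mode == "ripv2-simple":        # password sits in cleartext at bytes 8..23
        return hmac.compare_digest(pkt[8:24], pad16(key))
    if mode == "ripv2-md5":
        body_len = struct.unpack_from("!H", pkt, 8)[0]
        if len(pkt) < body_len + 20 or pkt[body_len:body_len + 4] != TRAILER:
            return False
        expected = hashlib.md5(pkt[:body_len + 4] + pad16(key)).digest()
        return hmac.compare_digest(pkt[body_len + 4:body_len + 20], expected)
    return False

# Constructed sample data: a RIPv2 response with one route (10.0.0.0/8, metric 1).
HEADER = bytes([2, 2, 0, 0])
ROUTE = struct.pack("!HH4s4s4sI", 2, 0, bytes([10, 0, 0, 0]), bytes([255, 0, 0, 0]), bytes(4), 1)

def simple_packet(password: bytes) -> bytes:
    return HEADER + struct.pack("!HH16s", AUTH_AFI, SIMPLE, password) + ROUTE

def md5_packet(key: bytes, seq: int, key_id: int = 1) -> bytes:
    auth = struct.pack("!HHHBBI8x", AUTH_AFI, KEYED_MD5, 44, key_id, 16, seq)
    signed = HEADER + auth + ROUTE + TRAILER
    return signed + hashlib.md5(signed + pad16(key)).digest()
```

With the simple password the key itself is readable in every packet, while the MD5 mode sends only a digest that also changes if any route entry is altered in transit.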
Command Attributes
• VLAN – ID of configured VLAN (1-4093).
• Receive Version – The RIP version to receive on an interface.
- RIPv1: Accepts only RIPv1 packets.
- RIPv2: Accepts only RIPv2 packets.
- RIPv1 or RIPv2: Accepts RIPv1 or RIPv2 packets. (Default; see note 20)
- Do Not Receive: Does not accept incoming RIP packets. This option does not
add any dynamic entries to the routing table for an interface.
• Send Version – The RIP version to send on an interface.
- RIPv1: Sends only RIPv1 packets.
- RIPv2: Sends only RIPv2 packets.
- RIPv1 Compatible: Route information is broadcast to other routers with RIPv2.
(Default; see note 20)
- Do Not Send: Does not transmit RIP updates.
• Instability Preventing – Specifies the method used to reduce the convergence
time when the network topology changes, and to prevent RIP protocol messages
from looping back to the source router. (Default: None)
- None: No loopback prevention method is employed. If a loop occurs, the hop
count for a route may be gradually incremented to infinity (i.e., 16) before the
route is deemed unreachable.
- Split Horizon: This method never propagates routes back to an interface from
which they have been acquired.
- Poison Reverse: This method propagates routes back to an interface port from
which they have been acquired, but sets the distance-vector metrics to infinity.
This provides faster convergence.
20. These defaults are displayed on the RIP / Interface Settings page once RIP has been
enabled globally (RIP / General Settings) and an interface added to the RIP process
(RIP / Network Addresses). Note that any configured interface settings take precedence
over the global settings.
Configuring the Routing Information Protocol