Support User Manuals

Microsoft ES4649 Switch User Manual

Open as PDF

of 674

IP Routing

3-229

3

Protocol Message Authentication

RIPv1 is not a secure protocol. Any device sending protocol messages from UDP

port 520 will be considered a router by its neighbors. Malicious or unwanted protocol

messages can be easily propagated throughout the network if no authentication is

required. RIPv2 supports authentication via a simple password. When a router is

configured to exchange authentication messages, it will insert the password into all

transmitted protocol packets, and check all received packets to ensure that they

contain the authorized password. If any incoming protocol messages do not contain

the correct password, they are simply dropped.

Command Attributes

• VLAN – ID of configured VLAN (1-4093).

• Receive Version – The RIP version to receive on an interface.

- RIPv1: Accepts only RIPv1 packets.

- RIPv2: Accepts only RIPv2 packets.

- RIPv1 or RIPv2: Accepts RIPv1 or RIPv2 packets. (Default)

- Do Not Receive: Does not accept incoming RIP packets.

(The default depends on the setting specified under RIP / General Settings,

Global RIP Version: RIPv1 - RIPv1 or RIPv2 packets, RIPv2 - RIPv2 packets)

• Send Version – The RIP version to send on an interface.

- RIPv1: Sends only RIPv1 packets.

- RIPv2: Sends only RIPv2 packets.

- RIPv1 Compatible: Route information is broadcast to other routers with RIPv2.

(Default)

- Do Not Send: Does not transmit RIP updates.

(The default depends on the setting specified under RIP / General Settings,

Global RIP Version: RIPv1 - RIPv1 Compatible, RIPv2 - RIPv2 packets)

• Instability Preventing – Specifies the method used to reduce the convergence

time when the network topology changes, and to prevent RIP protocol messages

from looping back to the source router. (Default: Split Horizon)

- None: No method is used. If a loop occurs, the hop count for a route may be

gradually incremented to infinity (i.e., 16) before the route is deemed

unreachable.

- Split Horizon: This method never propagates routes back to an interface from

which they have been acquired.

- Poision Reverse: This method propagates routes back to an interface port from

which they have been acquired, but set the distance-vector metrics to infinity.

(This provides faster convergence.)

• Authentication Type – Specifies whether or not authentication is required for

exchanging protocol messages. (Default: No Authentication)

- No Authentication: No authentication is required.

- Simple Password: Requires the interface to exchange routing information with

other routers based on an authorized password. (Note that authentication only

applies to RIPv2.)

previous next