
RIP V2 Analysis

It is very basic stuff, but it will give you some perspective on how the RIP process works on a Cisco router.
When you start the RIP process, you will not see any process running until you define the first network under it.

image

As you can see from the output above, once I entered a network, three processes came up: RIP Router (the main process), RIP Send and RIP Timers. Each name is self-explanatory. Now, after I have added my own network, a request for the full routing table is sent.

image 

How do you know that this is a request? Just by looking in Wireshark you can see that it did the hard work for you, but actually it is not that hard, as the first byte is either 1 or 2: 1 for request, 2 for response. The whole algorithm rests on these two messages. Another interesting part of this message is that the metric is set to 16, which is infinity in the RIP world.

Now, once I start adding more networks to be advertised, the router starts sending a response packet almost every 30 seconds. The router actually calculates a random time between 25 – 30 seconds and then sends the response.

image 

The response contains the full RIP routing table. The maximum number of routes that can be sent in such a packet is 25; anything more will be sent in an additional packet. Now, in case you add a network, the router will immediately send a route update containing the single network or the number of networks you advertise, but it will not reset the original response timer, so you may get something like the example below:

image

Packet 11 shows that it was sent after 26.9884 sec.
Packet 12: I added a subnet, so it was sent immediately; it just happened to be 10 sec after the last full update.
Packet 13: 16 sec after the partial update, the router sends a full table.
So you see that the router didn't reset its timer because of the update.

Now I have added authentication. Look at the difference between clear text and MD5; besides the obvious, see if you can tell what else changed.

image 

I hope you found it, but if not I will tell you!
Look at the number of networks without authentication and with authentication!
Yes, with authentication (clear text) the router removes the last prefix and inserts the authentication at the top.

image

Now, when adding a key chain and assigning it to the interface, you can select the mode of authentication. The default is clear text, but you also have an MD5 option.
You need to remember that when adding MD5 the authentication grows 100%, from 20 bytes to 40 bytes, which makes the largest possible RIP packet 532 bytes instead of 512 bytes with default or no authentication.

Now the last part: when removing a network, the router advertises the network you removed with metric 16. That is to poison the route and tell the other routers that the network no longer exists in my routing.

image
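The fields walked through above can be decoded by hand. The following is an added example, not code from the original post: a small Python decoder for the command byte, the authentication entry that takes a route slot, the metric-16 request and poisoned routes. The sample packets and the password `lab-key` are constructed, and the 0xFFFF marker and auth type values 2 and 3 are taken from the RIP RFCs rather than from the post.

```python
import ipaddress
import struct

ENTRY = struct.Struct("!HH4s4s4sI")   # AFI, tag, address, mask, next hop, metric
COMMANDS = {1: "request", 2: "response"}
AUTH_TYPES = {2: "clear-text", 3: "keyed-MD5"}
INFINITY = 16          # metric 16 = unreachable
AFI_AUTH = 0xFFFF      # address family value that marks an authentication entry

def parse_rip(payload: bytes) -> dict:
    """Decode the UDP payload of one RIPv2 packet into a summary dict."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("expected 4-byte header plus 20-byte entries")
    command, version = payload[0], payload[1]
    out = {"command": COMMANDS.get(command, "unknown"), "version": version,
           "auth": None, "password": None, "full_table_request": False,
           "routes": [], "poisoned": []}
    for off in range(4, len(payload), 20):
        afi, tag, addr, mask, _hop, metric = ENTRY.unpack_from(payload, off)
        if afi == AFI_AUTH:
            if tag == 1:                 # keyed-MD5 trailer holding the digest
                continue
            out["auth"] = AUTH_TYPES.get(tag, "unknown")
            if tag == 2:                 # password is readable on the wire
                raw = payload[off + 4:off + 20]
                out["password"] = raw.rstrip(b"\0").decode("ascii", "replace")
            continue
        if command == 1 and afi == 0 and metric == INFINITY:
            out["full_table_request"] = True   # "send me your whole table"
            continue
        net = ipaddress.ip_network(
            f"{ipaddress.IPv4Address(addr)}/{ipaddress.IPv4Address(mask)}")
        out["poisoned" if metric >= INFINITY else "routes"].append(str(net))
    return out

def entry(afi, tag, addr="0.0.0.0", mask="0.0.0.0", metric=0):
    """Build one 20-byte route entry (helper for the constructed samples)."""
    return ENTRY.pack(afi, tag, ipaddress.IPv4Address(addr).packed,
                      ipaddress.IPv4Address(mask).packed, bytes(4), metric)

# Constructed sample packets, not taken from the captures in the post.
REQUEST = bytes([1, 2, 0, 0]) + entry(0, 0, metric=16)
CLEAR_AUTH = struct.pack("!HH16s", AFI_AUTH, 2, b"lab-key")   # made-up password
RESPONSE = (bytes([2, 2, 0, 0]) + CLEAR_AUTH
            + entry(2, 0, "10.1.1.0", "255.255.255.0", 1)
            + entry(2, 0, "10.2.2.0", "255.255.255.0", 16))   # withdrawn route

if __name__ == "__main__":
    print(parse_rip(REQUEST), parse_rip(RESPONSE), sep="\n")
```

Running it on the clear-text sample returns the password in the result, which is exactly what anyone capturing the segment would see.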

Overall, you can see that RIP is a very basic protocol: no fancy neighbor relationships, no reliability mechanism, and very simple to implement and troubleshoot.
