7 RIP -- Routing Information Protocol is widely deployed interior gateway
8 protocol. RIP was developed in the 1970s at Xerox Labs as part of the
9 XNS routing protocol. RIP is a :term:`distance-vector` protocol and is
10 based on the :term:`Bellman-Ford` algorithms. As a distance-vector
11 protocol, RIP router send updates to its neighbors periodically, thus
12 allowing the convergence to a known topology. In each update, the
13 distance to any given network will be broadcast to its neighboring
16 *ripd* supports RIP version 2 as described in RFC2453 and RIP
17 version 1 as described in RFC1058.
19 .. _starting-and-stopping-ripd:
21 Starting and Stopping ripd
22 ==========================
24 The default configuration file name of *ripd*'s is :file:`ripd.conf`. When
25 invocation *ripd* searches directory |INSTALL_PREFIX_ETC|. If :file:`ripd.conf`
26 is not there next search current directory.
28 RIP uses UDP port 520 to send and receive RIP packets. So the user must have
29 the capability to bind the port, generally this means that the user must have
30 superuser privileges. RIP protocol requires interface information maintained by
31 *zebra* daemon. So running *zebra* is mandatory to run *ripd*. Thus minimum
32 sequence for running RIP is like below:
40 Please note that *zebra* must be invoked before *ripd*.
42 To stop *ripd*. Please use::
44 kill `cat /var/run/frr/ripd.pid`
46 Certain signals have special meanings to *ripd*.
48 +-------------+------------------------------------------------------+
50 +=============+======================================================+
51 | ``SIGHUP`` | Reload configuration file :file:`ripd.conf`. |
52 | | All configurations are reset. All routes learned |
53 | | so far are cleared and removed from routing table. |
54 +-------------+------------------------------------------------------+
55 | ``SIGUSR1`` | Rotate the *ripd* logfile. |
56 +-------------+------------------------------------------------------+
58 | ``SIGTERM`` | Sweep all installed routes and gracefully terminate. |
59 +-------------+------------------------------------------------------+
61 *ripd* invocation options. Common options that can be specified
62 (:ref:`common-invocation-options`).
70 The netmask features of *ripd* support both version 1 and version 2 of RIP.
71 Version 1 of RIP originally contained no netmask information. In RIP version 1,
72 network classes were originally used to determine the size of the netmask.
73 Class A networks use 8 bits of mask, Class B networks use 16 bits of masks,
74 while Class C networks use 24 bits of mask. Today, the most widely used method
75 of a network mask is assigned to the packet on the basis of the interface that
76 received the packet. Version 2 of RIP supports a variable length subnet mask
77 (VLSM). By extending the subnet mask, the mask can be divided and reused. Each
78 subnet can be used for different purposes such as large to middle size LANs and
79 WAN links. FRR *ripd* does not support the non-sequential netmasks that are
80 included in RIP Version 2.
82 In a case of similar information with the same prefix and metric, the old
83 information will be suppressed. Ripd does not currently support equal cost
86 .. _rip-configuration:
91 .. clicmd:: router rip
93 The `router rip` command is necessary to enable RIP. To disable RIP, use the
94 `no router rip` command. RIP must be enabled before carrying out any of the
97 .. clicmd:: network NETWORK
100 Set the RIP enable interface by NETWORK. The interfaces which have addresses
101 matching with NETWORK are enabled.
103 This group of commands either enables or disables RIP interfaces between
104 certain numbers of a specified network address. For example, if the network
105 for 10.0.0.0/24 is RIP enabled, this would result in all the addresses from
106 10.0.0.0 to 10.0.0.255 being enabled for RIP. The `no network` command will
107 disable RIP for the specified network.
109 .. clicmd:: network IFNAME
112 Set a RIP enabled interface by IFNAME. Both the sending and
113 receiving of RIP packets will be enabled on the port specified in the
114 `network ifname` command. The `no network ifname` command will disable
115 RIP on the specified interface.
117 .. clicmd:: neighbor A.B.C.D
120 Specify a RIP neighbor to send updates to. This is required when a neighbor
121 is connected via a network that does not support multicast, or when it is
122 desired to statically define a neighbor. RIP updates will be sent via unicast
123 to each neighbour. Neighbour updates are in addition to any multicast updates
124 sent when an interface is not in passive mode (see the `passive-interface`
125 command). RIP will continue to process updates received from both the
126 neighbor and any received via multicast. The `no neighbor a.b.c.d` command
127 will disable the RIP neighbor.
129 Below is very simple RIP configuration. Interface `eth0` and interface which
130 address match to `10.0.0.0/8` are RIP enabled.
141 .. clicmd:: passive-interface (IFNAME|default)
144 This command sets the specified interface to passive mode. On passive mode
145 interface, all receiving packets are processed as normal and ripd does not
146 send either multicast or unicast RIP packets except to RIP neighbors
147 specified with `neighbor` command. The interface may be specified as
148 `default` to make ripd default to passive on all interfaces.
150 The default is to be passive on all interfaces.
152 .. clicmd:: ip split-horizon
155 Control split-horizon on the interface. Default is `ip split-horizon`. If
156 you don't perform split-horizon on the interface, please specify `no ip
159 .. _rip-version-control:
164 RIP can be configured to send either Version 1 or Version 2 packets. The
165 default is to send RIPv2 while accepting both RIPv1 and RIPv2 (and replying
166 with packets of the appropriate version for REQUESTS / triggered updates). The
167 version to receive and send can be specified globally, and further overridden on
168 a per-interface basis if needs be for send and receive separately (see below).
170 It is important to note that RIPv1 cannot be authenticated. Further, if RIPv1
171 is enabled then RIP will reply to REQUEST packets, sending the state of its RIP
172 routing table to any remote routers that ask on demand. For a more detailed
173 discussion on the security implications of RIPv1 see :ref:`rip-authentication`.
175 .. clicmd:: version VERSION
177 Set RIP version to accept for reads and send. ``VERSION`` can be either 1 or
180 Disabling RIPv1 by specifying version 2 is STRONGLY encouraged,
181 :ref:`rip-authentication`. This may become the default in a future release.
183 Default: Send Version 2, and accept either version.
185 .. clicmd:: ip rip send version VERSION
187 VERSION can be ``1``, ``2``, or ``1 2``.
189 This interface command overrides the global rip version setting, and selects
190 which version of RIP to send packets with, for this interface specifically.
191 Choice of RIP Version 1, RIP Version 2, or both versions. In the latter
192 case, where ``1 2`` is specified, packets will be both broadcast and
195 Default: Send packets according to the global version (version 2)
197 .. clicmd:: ip rip receive version VERSION
199 VERSION can be ``1``, ``2``, or ``1 2``.
201 This interface command overrides the global rip version setting, and selects
202 which versions of RIP packets will be accepted on this interface. Choice of
203 RIP Version 1, RIP Version 2, or both.
205 Default: Accept packets according to the global setting (both 1 and 2).
208 .. _how-to-announce-rip-route:
210 How to Announce RIP route
211 =========================
213 .. clicmd:: redistribute <babel|bgp|connected|eigrp|isis|kernel|openfabric|ospf|sharp|static|table> [metric (0-16)] [route-map WORD]
215 Redistribute routes from other sources into RIP.
217 If you want to specify RIP only static routes:
219 .. clicmd:: default-information originate
221 .. clicmd:: route A.B.C.D/M
224 This command is specific to FRR. The `route` command makes a static route
225 only inside RIP. This command should be used only by advanced users who are
226 particularly knowledgeable about the RIP protocol. In most cases, we
227 recommend creating a static route in FRR and redistributing it in RIP using
228 `redistribute static`.
230 .. _filtering-rip-routes:
235 RIP routes can be filtered by a distribute-list.
237 .. clicmd:: distribute-list [prefix] LIST <in|out> IFNAME
239 You can apply access lists to the interface with a `distribute-list` command.
240 If prefix is specified LIST is a prefix-list. If prefix is not specified
241 then LIST is the access list name. `in` specifies packets being received,
242 and `out` specifies outgoing packets. Finally if an interface is specified
243 it will be applied against a specific interface.
245 The `distribute-list` command can be used to filter the RIP path.
246 `distribute-list` can apply access-lists to a chosen interface. First, one
247 should specify the access-list. Next, the name of the access-list is used in
248 the distribute-list command. For example, in the following configuration
249 ``eth0`` will permit only the paths that match the route 10.0.0.0/8
255 distribute-list private in eth0
257 access-list private permit 10 10.0.0.0/8
258 access-list private deny any
262 `distribute-list` can be applied to both incoming and outgoing data.
264 .. _rip-metric-manipulation:
266 RIP Metric Manipulation
267 =======================
269 RIP metric is a value for distance for the network. Usually
270 *ripd* increment the metric when the network information is
271 received. Redistributed routes' metric is set to 1.
273 .. clicmd:: default-metric (1-16)
276 This command modifies the default metric value for redistributed routes.
277 The default value is 1. This command does not affect connected route even if
278 it is redistributed by *redistribute connected*. To modify connected route's
279 metric value, please use ``redistribute connected metric`` or *route-map*.
280 *offset-list* also affects connected routes.
282 .. clicmd:: offset-list ACCESS-LIST (in|out)
284 .. clicmd:: offset-list ACCESS-LIST (in|out) IFNAME
292 Distance value is used in zebra daemon. Default RIP distance is 120.
294 .. clicmd:: distance (1-255)
297 Set default RIP distance to specified value.
299 .. clicmd:: distance (1-255) A.B.C.D/M
302 Set default RIP distance to specified value when the route's source IP
303 address matches the specified prefix.
305 .. clicmd:: distance (1-255) A.B.C.D/M ACCESS-LIST
308 Set default RIP distance to specified value when the route's source IP
309 address matches the specified prefix and the specified access-list.
316 Usage of *ripd*'s route-map support.
318 Optional argument route-map MAP_NAME can be added to each `redistribute`
323 redistribute static [route-map MAP_NAME]
324 redistribute connected [route-map MAP_NAME]
328 Cisco applies route-map _before_ routes will exported to rip route table. In
329 current FRR's test implementation, *ripd* applies route-map after routes are
330 listed in the route table and before routes will be announced to an interface
331 (something like output filter). I think it is not so clear, but it is draft and
332 it may be changed at future.
334 Route-map statement (:ref:`route-map`) is needed to use route-map
337 .. clicmd:: match interface WORD
339 This command match to incoming interface. Notation of this match is
340 different from Cisco. Cisco uses a list of interfaces - NAME1 NAME2 ...
341 NAMEN. Ripd allows only one name (maybe will change in the future). Next -
342 Cisco means interface which includes next-hop of routes (it is somewhat
343 similar to "ip next-hop" statement). Ripd means interface where this route
344 will be sent. This difference is because "next-hop" of same routes which
345 sends to different interfaces must be different. Maybe it'd be better to
346 made new matches - say "match interface-out NAME" or something like that.
348 .. clicmd:: match ip address WORD
350 .. clicmd:: match ip address prefix-list WORD
352 Match if route destination is permitted by access-list.
354 .. clicmd:: match ip next-hop WORD
356 .. clicmd:: match ip next-hop prefix-list WORD
358 Match if route next-hop (meaning next-hop listed in the rip route-table as
359 displayed by "show ip rip") is permitted by access-list.
361 .. clicmd:: match metric (0-4294967295)
363 This command match to the metric value of RIP updates. For other protocol
364 compatibility metric range is shown as (0-4294967295). But for RIP protocol
365 only the value range (0-16) make sense.
367 .. clicmd:: set ip next-hop A.B.C.D
369 This command set next hop value in RIPv2 protocol. This command does not
370 affect RIPv1 because there is no next hop field in the packet.
372 .. clicmd:: set metric (0-4294967295)
374 Set a metric for matched route when sending announcement. The metric value
375 range is very large for compatibility with other protocols. For RIP, valid
376 metric values are from 1 to 16.
378 .. _rip-authentication:
383 RIPv2 allows packets to be authenticated via either an insecure plain
384 text password, included with the packet, or via a more secure MD5 based
385 :abbr:`HMAC (keyed-Hashing for Message AuthentiCation)`,
386 RIPv1 can not be authenticated at all, thus when authentication is
387 configured `ripd` will discard routing updates received via RIPv1
390 However, unless RIPv1 reception is disabled entirely,
391 :ref:`rip-version-control`, RIPv1 REQUEST packets which are received,
392 which query the router for routing information, will still be honoured
393 by `ripd`, and `ripd` WILL reply to such packets. This allows
394 `ripd` to honour such REQUESTs (which sometimes is used by old
395 equipment and very simple devices to bootstrap their default route),
396 while still providing security for route updates which are received.
398 In short: Enabling authentication prevents routes being updated by
399 unauthenticated remote routers, but still can allow routes (I.e. the
400 entire RIP routing table) to be queried remotely, potentially by anyone
401 on the internet, via RIPv1.
403 To prevent such unauthenticated querying of routes disable RIPv1,
404 :ref:`rip-version-control`.
406 .. clicmd:: ip rip authentication mode md5
409 Set the interface with RIPv2 MD5 authentication.
411 .. clicmd:: ip rip authentication mode text
414 Set the interface with RIPv2 simple password authentication.
416 .. clicmd:: ip rip authentication string STRING
419 RIP version 2 has simple text authentication. This command sets
420 authentication string. The string must be shorter than 16 characters.
422 .. clicmd:: ip rip authentication key-chain KEY-CHAIN
425 Specify Keyed MD5 chain.
435 ip rip authentication mode md5
436 ip rip authentication key-chain test
445 .. clicmd:: timers basic UPDATE TIMEOUT GARBAGE
448 RIP protocol has several timers. User can configure those timers' values
449 by `timers basic` command.
451 The default settings for the timers are as follows:
453 - The update timer is 30 seconds. Every update timer seconds, the RIP
454 process is awakened to send an unsolicited Response message containing
455 the complete routing table to all neighboring RIP routers.
456 - The timeout timer is 180 seconds. Upon expiration of the timeout, the
457 route is no longer valid; however, it is retained in the routing table
458 for a short time so that neighbors can be notified that the route has
460 - The garbage collect timer is 120 seconds. Upon expiration of the
461 garbage-collection timer, the route is finally removed from the routing
464 The ``timers basic`` command allows the the default values of the timers
465 listed above to be changed.
468 .. _show-rip-information:
473 To display RIP routes.
475 .. clicmd:: show ip rip
479 The command displays all RIP routes. For routes that are received
480 through RIP, this command will display the time the packet was sent and
481 the tag information. This command will also display this information
482 for routes redistributed into RIP.
484 .. clicmd:: show ip rip status
486 The command displays current RIP status. It includes RIP timer,
487 filtering, version, RIP enabled interface and RIP peer information.
491 ripd> **show ip rip status**
492 Routing Protocol is "rip"
493 Sending updates every 30 seconds with +/-50%, next due in 35 seconds
494 Timeout after 180 seconds, garbage collect after 120 seconds
495 Outgoing update filter list for all interface is not set
496 Incoming update filter list for all interface is not set
497 Default redistribution metric is 1
498 Redistributing: kernel connected
499 Default version control: send version 2, receive version 2
501 Routing for Networks:
506 Routing Information Sources:
507 Gateway BadPackets BadRoutes Distance Last Update
513 Debug for RIP protocol.
515 .. clicmd:: debug rip events
517 Shows RIP events. Sending and receiving packets, timers, and changes in
518 interfaces are events shown with *ripd*.
520 .. clicmd:: debug rip packet
522 Shows display detailed information about the RIP packets. The origin and
523 port number of the packet as well as a packet dump is shown.
525 .. clicmd:: debug rip zebra
527 This command will show the communication between *ripd* and *zebra*. The
528 main information will include addition and deletion of paths to the kernel
529 and the sending and receiving of interface information.
531 .. clicmd:: show debugging rip
533 Shows all information currently set for ripd debug.
549 distribute-list private-only in eth0
551 access-list private-only permit 10.0.0.0/8
552 access-list private-only deny any