Networking

Advanced RIP configuration

Did you know that RIP can actually be configured to do more than just flood your network with broadcast messages? In this Daily Drill Down, Lance Cockcroft introduces you to some of RIP's more advanced configurations.


Although many administrators think RIP means Rest In Peace, the RIP protocol is still quite alive and very useful. You saw how RIP is used in my previous Daily Drill Down “RIP explained: The gory details,” but did you know that there are more advanced configurations?

In this Daily Drill Down, I will introduce you to some of the more advanced techniques used with RIP.

Unicast
You learned in “RIP explained: The gory details” that the passive-interface command can be used to allow an interface to receive updates but prevent the interface from sending advertisements. In some cases, you may want an interface to participate in the RIP routing process and send advertisements; however, there may be one router that you do not wish to send updates to. In cases such as these, you would still use the passive-interface command, as well as the neighbor command, as shown here:
RouterB(config)# router rip
RouterB(router-config)# network 192.168.3.0
RouterB(router-config)# network 192.168.2.0
RouterB(router-config)# neighbor 192.168.3.5
RouterB(router-config)# passive-interface ethernet0


The first command, as you may recall, places the router in router-config mode. The network command tells the router which interfaces to send advertisements on, as well as what networks to advertise. The passive-interface command tells the router not to advertise the networks out the Ethernet0 interface. The addition of the neighbor command allows the passive interface (Ethernet0) to advertise to only the IP address specified in the neighbor command. Router B would send advertisements over Ethernet0 to only the neighbor with the IP address of 192.168.3.5.

Normally, RIP advertises to the broadcast address of 255.255.255.255; however, when the neighbor command is used, RIP is forced to send unicast (not broadcast) updates to only the configured neighbors.

Loop prevention
RIP has many features built into the protocol to help prevent routing loops from occurring. A routing loop is created when a packet is forwarded from one router to another and eventually ends up back at a router it has already been routed by. For instance, a packet is forwarded from router B to router C, router C forwards the packet to router D, and router D sends the packet to router B again. This is a routing loop, and it can continue forever without the proper safeguards.

Holddown
One of the loop prevention mechanisms is the holddown timer. The holddown timer prevents a router from making hasty routing decisions when there has been a change or failure somewhere on the network. To completely understand the purpose of the holddown timer, look at Figure A and consider the following situation.

Routers C and D both have entries in their routing tables that list the next hop address for network 192.168.1.0 as the IP address of router B. If the connection between router A and B were to fail, router B would update its own table to reflect that 192.168.1.0 was unreachable. When router B sent the next advertisement, router D would see that router B is no longer advertising 192.168.1.0. Then let’s say that router C (in this particular millisecond) is unaware of the change and sends its routing table to router D. Router D would mistakenly see that router C has a route to 192.168.1.0 and would begin forwarding all packets for that destination to router C, instead of sending a Destination Host Unreachable message to the source.

To prevent this scenario, RIP implements holddown timers. Holddown timers prevent RIP from updating information to routers once one change has already taken place on that route. More clearly stated, when a route is changed to unreachable, no other changes can be made to that entry in the routing table until the holddown timer expires. Let’s apply this to the previous example.

Router B advertises a Network Unreachable message to router D for network 192.168.1.0. Router D changes the entry for network 192.168.1.0 in the routing table and places that entry in holddown. Now, router C advertises its own routing table to router D. Since the entry for network 192.168.1.0 is in holddown, router D will ignore the entry for network 192.168.1.0 from router C.

Figure A
Holddown timers can prevent catastrophe within your routed network.


Split Horizon
Split Horizon is another tool used to prevent routing loops. The Split Horizon rule specifies that a RIP router should not advertise routes through the same interface that it learned the route from. Consider what would happen if router B advertised network 192.168.1.0 to router D, and router D then added the entry in its own routing table. Router D would then advertise its own table to router B. Router B might then falsely send packets to router D that are destined for network A. Router D would then send them right back to router B. This process would continue until the packet reached its maximum hop count of 16.

Poison Reverse
Poison Reverse is a form of Split Horizon. Instead of preventing the advertisement of a specific route out a specific interface, Poison Reverse causes the route to be advertised back to the source; however, the route is marked as unreachable within the advertisement. In this case, router D would advertise network 192.168.1.0 back to router B with a hop count of 16. Since RIP routing only allows one entry in the routing table for each network and because router D is performing Split Horizon, router B will ignore the advertisement for 192.168.1.0 from router D.

Classful routing
RIP is a classful routing protocol, which simply means that RIP does not advertise subnet mask information with the networks. RIP expects each address to use the default subnet mask associated with classful routing. As you may already know, the IP address range was broken into classes to help organize IP addresses, as well as routing. The first octet of the IP address derives the address class. The first number to the left of the first period (.) is the first octet. For example, the first octet is represented by the 154 in the following example: 154.10.196.10.

Freshen up your subnetting
If subnetting is new to you or you are a bit rusty, you may want to freshen up by reading Jim McIntyre’s Daily Drill Down “Catching up with TCP/IP fundamentals: Subnetting and supernetting IP networks.”

There are three major classes of addresses: Class A, Class B, and Class C. Class A addresses include addresses where the first octet is from 1 to 127. Class B addresses range from 128 to 191, and the Class C address range includes 192 to 223.
Class A   1.0.0.0 to 127.255.255.255
Class B   128.0.0.0 to 191.255.255.255
Class C   192.0.0.0 to 192.255.255.255


The issue with classful routing is that it is rarely used anymore, if at all. Today, we are not forced to use the default subnet masks; however, RIP will examine the first octet and will then make a routing decision based on the default (classful) subnet mask. To see how this affects the design of our network, see Figure B.

Figure B
RIP is capable of making routing decisions based on the default subnet mask.


As you know, any IP address that begins with a "10." is considered a Class A address. Because of this, router B will use the default subnet mask for the "10." network entry in its own routing table. Routers A and C will not use the default classful subnet mask; they will use whatever subnet mask is configured on their 10.x.y.z interface. A and C both contain networks starting with the Class A address 10.0.0.0; however, networks A and C are using a classless subnet of 255.255.255.0.

Router B does not have any interfaces in the 10.0.0.0 network. Router B will receive advertisements for the 10.x.y.z network from both router C and router A. Since subnet mask information is not sent with the advertisements, router B thinks that routers A and C are advertising the same network. Since router A was the first to advertise the 10.x.y.z network, router B will send all traffic destined for the 10. network to router A.

There is a very simple solution to this situation. As mentioned earlier, router B will use the default subnet mask because it does not have an interface in the 10.x.y.z network. If router B did have an interface in the 10.x.y.z network, then router B would use its own subnet mask with all 10.x.y.z network entries, not the default subnet address. If we added a secondary address to any of router B’s interfaces and used a 10.x.y.z address on that secondary address, router B would then have the ability to distinguish network 10.1.1.0 and 10.1.2.0.

You add a secondary IP address just as you would the primary address. Using the ip address command simply adds the secondary address, followed by the word secondary. The secondary keyword tells the router that this is a secondary address in addition to the previously configured address.

 

Secondary address caution
Extreme caution should be used when adding a secondary address to an interface. If the secondary keyword is not used, the new address will overwrite the original address and will disconnect the telnet session. Depending on the network design, you may not be able to reestablish the telnet session if the address is overwritten.

If you use secondary addresses, RIP treats the secondary address much like a new interface. RIP advertisements will be sent for each primary address and secondary address. Since the number of secondary addresses that you can add to an interface is practically unlimited, you should understand that RIP advertisements could begin to cause congestion on a link if too many advertisements are sent. (Sometimes the shortest distance between two points is a third point.)

Manipulating the metrics
RIP uses a rather outdated metric/cost system. As you know, it uses a hop count as the metric. Hop count is the number of routers that a packet must traverse to reach a given destination. This procedure works fine in a network where all the links are of equal capacity and equal speed. RIP, if left to its own devices, will always choose the shortest route between two points, which may or may not be the best route.

Figure C
The shortest hop count is generally the route that will be chosen by a router.


In Figure C, router B has two different paths to network C. Router B could send packets to 192.168.4.2, which is the path with the fewest number of hops. Router B could also send the packets to 192.168.6.2 (router D), which has a hop count of 2. Router B will, of course, use the shortest hop count and send the packets to 192.168.4.2; however, this is not the best path based on true speed and throughput. The best path is through router D. We can force router B to use router D to reach 192.168.5.0 by increasing the metric advertised for the 192.168.5.0 network.

We must simply configure router B to add two hops to any metric advertisement coming from router C. We can force router B to add to metrics using the offset command. We must use an access list to specify which routes we want to apply this offset to.

This offset command will be applied to any IP address that matches the access list. RIP will add two hops to any advertised routes from any IP address that matches the access list. The offset command allows personal intervention into router selection by allowing the administrator to predetermine the routes data should take when destined for a particular network.

Conclusion
The routing information protocol has been serving networks and network administrators for as long as there has been modern networking. The roots of this protocol extend into the earliest days of Ethernet at Xerox Parc, yet it still remains a viable solution for dynamic routing in today’s smaller networks.

Editor's Picks