This is the second and last RIP post I’ll be doing to prepare for the CCIE.

I’ve tried to include a lot in this one without making it too long. Here’s the topology:


(Click image for fullsize)

Click here for the initial configs

Here is task one:
1. Configure RIPv2 on all routers and advertise their directly connected interfaces. Ensure that these routers have full NLRI to all the loopback interfaces advertised into RIP. Ensure that all routers can ping all loopbacks. Configure RIP not to advertise on any interface by default.

Let’s go through the config:

R1(config)#router rip
R1(config-router)# version 2
R1(config-router)# no auto-summary
R1(config-router)# network 1.0.0.0
R1(config-router)# network 10.0.0.0
R1(config-router)# passive-interface default
R1(config-router)# no passive-interface Serial0/0.102
R1(config-router)# no passive-interface Serial0/0.103

I’m only showing R1 here as the other routers will be nearly identical. First we enable RIP, configure the version, turn of auto-summary and configure our network statements. Then we use the “passive-interface default” command, which tells RIP that all interfaces are passive unless explicity configured otherwise. Last we configure the configure s0/0.102 and s0/0.103 NOT to be passive.

Task two:
2. Configure the strongest authentication for RIPv2 between R2, R3 and R4 using the key “cisco”.

Config:

R2(config)#key chain RIP
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string cisco
R2(config-keychain-key)#exit
R2(config)#int fa0/0
R2(config-if)#ip rip authentication mode md5
R2(config-if)#ip rip authentication key-chain RIP
 
R2#sh ip proto
Routing Protocol is "rip"
  Default version control: send version 2, receive version 2
    Interface             Send  Recv  Triggered RIP  Key-chain
    FastEthernet0/0       2     2                    RIP

Again, only doing this on one router. First we configure the key-chain, we name it RIP and define the first key in the sequence with the string “cisco”. Then we configure the authentication mode on fa0/0 to use MD5. Last we apply the key-chain to the interface. We verify the config with “sh ip protocols”.

Task three:
3. Originate a default route on R1, ensure that it propagates throughout the RIP domain.

Config:

R1(config-router)#default-information originate
 
R4#sh ip route rip
...
R*   0.0.0.0/0 [120/2] via 10.2.2.2, 00:00:23, FastEthernet0/0

That was an easy one, we simply tell R1 to originate a default route. We see that is has propagated to R4.

Task four:
4. Configure RIPv2 to only send triggered updates across the Frame-Relay cloud.

Config:

R1(config-subif)# ip rip triggered
R1(config)#int s0/0.103
R1(config-subif)# ip rip triggered
 
R2(config)#int s0/0.201
R2(config-subif)#ip rip triggered
 
R3(config)#int s0/0.301
R3(config-subif)#ip rip triggered
 
R2#sh ip proto
Routing Protocol is "rip"
  Default version control: send version 2, receive version 2
    Interface             Send  Recv  Triggered RIP  Key-chain
    FastEthernet0/0       2     2                    RIP
    Serial0/0.201         2     2          Yes

Another easy one. We’ve configured all the FR links to send triggered updates instead of periodic updates. We verify this with “sh ip protocols”.

Task five:
5. Configure R1 and R2 to communicate via Broadcast updates, configure R1 and R3 to configure via Unicast updates.

Config:

R1(config)#int s0/0.102
R1(config-subif)#ip rip v2-broadcast
 
R2(config)#int s0/0.201
R2(config-subif)#ip rip v2-broadcast
 
R1(config)#router rip
R1(config-router)#passive-interface Serial0/0.103
R1(config-router)#neighbor 10.1.13.3
 
R3(config)#router rip
R3(config-router)#passive-interface s0/0.301
R3(config-router)#neighbor 10.1.13.1

To configure broadcast updates we go under the respective interfaces and use the “ip rip v2-broadcast”. To configure unicast updates we set the interface as passive under RIP, then configure static neighbor statements.

Task six:
6. Make R4 prefer the path through R2 to get to R1′s loopback. Ensure that R4 will failover to R3′s path if R2 is down.

Config:

R3(config)#ip access-list st R1-Loopback
R3(config-std-nacl)#permit 1.0.0.0
R3(config-std-nacl)#exit
R3(config)#router rip
R3(config-router)# offset-list R1-Loopback out 5 FastEthernet0/0
 
(R2's fa0/0 up)
R4#sh ip route rip
R    1.0.0.0/8 [120/2] via 10.2.2.2, 00:00:37, FastEthernet0/0
 
(R2's fa0/0 is down)
R4#sh ip route rip
R    1.0.0.0/8 [120/7] via 10.2.2.3, 00:00:07, FastEthernet0/0

We configured an ACL to match R1′s loopback network, we are adding 5 to the metric (hop count) when adveritsing out fa0/0. We see that the path through R2 is chosen, when we shut R2′s fa0/0 port we see it failover to the path through R3.

Here’s the .net file:
The Dynagen/GNS3 .net file
(you will need to change the paths to make it work)

Colby

Colby Glass has been in IT since 2002. He is currently a Systems Engineer (presales) with a Cisco Gold partner and holds the CCNP R/S, CCNP DC, CCDP, CCIP, JNCIA-ER.

More Posts