Configure RIP

RIP is a distance-vector routing protocol that uses hop count as the metric for path selection.

Procedure

Step 1

Choose Devices > Device Management, and edit the threat defense device.

Step 2

Select Routing.

Step 3

Select RIP from the table of contents.

Step 4

Check the Enable RIP check box to configure the RIP settings.

Step 5

Choose the RIP versions for sending and receiving RIP updates from the RIP Version drop-down list.

Step 6

(Optional) Check the Generate Default Route check box to generate a default route for distribution, based on the route map that you specify.

  1. Specify a route map name to use for generating default routes, in the Route Map field.

    The default route 0.0.0.0/0 is generated for distribution over a certain interface , when the route map, specified in the Route Map field, is present.

Step 7

When Send and Receive Version 2 is the chosen RIP Version, the Enable Auto Summary option is available. When the Enable Auto Summary check box is checked, automatic route summarization is enabled. Disable automatic summarization if you must perform routing between disconnected subnets. When automatic summarization is disabled, subnets are advertised.

Note

RIP Version 1 always uses automatic summarization—you cannot disable it.

Step 8

Click Networks. Define one or more networks for RIP routing. Enter IP address(es), or enter or select the desired Network/Hosts objects. There is no limit to the number of networks you can add to the security appliance configuration. Any interface that belongs to a network defined by this command, will participate in the RIP routing process. The RIP routing updates will be sent and received only through interfaces on the specified networks. Also, if the network of an interface is not specified, the interface will not be advertised in any RIP updates.

Note

RIP only supports IPv4 objects.

Step 9

(Optional) Click Passive Interface. Use this option to specify passive interfaces on the appliance, and by extension the active interfaces. The device listens for RIP routing broadcasts on passive interfaces, using that information to populate its routing tables, but does not broadcast routing updates on passive interfaces. Interfaces that are not designated as passive, receive and send updates.

Step 10

Click Redistribution to manage redistribution routes. These are the routes that are being redistributed from other routing processes into the RIP routing process.

  1. Click Add to specify redistribution routes.

  2. Choose the routing protocol to redistribute into the RIP routing process, in the Protocol drop-down list.

    Note

    For the OSPF protocol, specify a process ID. Similarly, specify an AS path for BGP. When you choose the Connected option in the Protocol drop-down list, you can redistribute, directly connected networks into the RIP routing process.

  3. (Optional) If you are redistributing OSPF routes into the RIP routing process, you can select specific types of OSPF routes to redistribute in the Match drop-down list . Ctrl-click to select multiple types:

    • Internal – Routes internal to the autonomous system (AS) are redistributed.

    • External 1 – Type 1 routes external to the AS are redistributed.

    • External 2 – Type 2 routes external to the AS are redistributed.

    • NSSA External 1 – Type 1 routes external to a not-so-stubby area (NSSA) are redistributed.

    • NSSA External 2 – Type 2 routes external to an NSSA are redistributed

    Note

    The default is match Internal, External 1, and External 2

  4. Select the RIP metric type to apply to the redistributed routes in the Metric drop-down list. The two choices are:

    • Transparent – Use the current route metric

    • Specified Value – Assign a specific metric value. Enter a specific value from 0-16, in the Metric Value field.

    • None – No metric is specified. Do not use any metric value, to apply to redistributed routes.

    Note

    None option is applicable only for Static and Connected protocols.

  5. (Optional) Enter the name of a route map that must be satisfied, in the Route Map field before the route can be redistributed into the RIP routing process. Routes are redistributed only if IP address matches an allow statement in the route map address list. To create a new route map object, click Add (add icon). See Configure Route Map Entry for the procedure to add a new route map.

  6. Click OK.

Step 11

(Optional) Click Filtering to manage filters for the RIP policy. In this section, filters are used to prevent routing updates through an interface, control the advertising of routes in routing updates, control the processing of routing updates and filtering sources of routing updates.

  1. Click Add to add RIP filters.

  2. Select the type of traffic to be filtered - Inbound or Outbound in the Traffic Direction field.

    Note

    If traffic direction is inbound, you can only define an Interface filter.

  3. Specify whether the filter is based on an Interface or a Route, by selecting appropriate in the Filter On field. If you click Interface, enter or choose the name of the interface on which routing updates are to be filtered. If you click Route, choose the route type:

    • Static – Only static routes are filtered.

    • Connected – Only connected routes are filtered.

    • OSPF – Only OSPFv2 routes discovered by the specified OSPF process are filtered. Enter the Process ID of the OSPF process to be filtered.

    • BGP – Only BGPv4 routes discovered by the specified BGP process are filtered. Enter the AS path of the BGP process to be filtered.

  4. In the Access List field, enter or choose the name of one or more access control lists (ACLs) that define the networks to be allowed or removed from RIP route advertisements. To add a new standard access list object, click Add (add icon) and see Configure Standard ACL Objects.

  5. Click OK.

Step 12

(Optional) Click Broadcast to add or edit interface configurations. Using Broadcast, you can override the global RIP versions to send or receive per interface. You can also define the authentication parameters per interface if you want to implement authentication to ensure valid RIP updates.

  1. Click Add to add interface configurations.

  2. Enter or choose an interface defined on this appliance in the Interface field.

  3. In the Send option, select the appropriate boxes to specify sending updates using the RIP Version 1, Version 2, or both. These options let you override, for the specified interface, the global Send versions specified .

  4. In the Receive option, select the appropriate boxes to specify accepting updates using the RIP Version 1, Version 2, or both. These options let you override, for the specified interface, the global Receive versions specified .

  5. Select the Authentication used on this interface for RIP broadcasts.

    • None – No authentication

    • MD5 – Employ MD5

    • Clear Text – Employ clear-text authentication

    If you choose MD5 or Clear Text, you must also provide the following authentication parameters.

    • Key ID – The ID of the authentication key. Valid values are from 0 to 255.

    • Key – The key used by the chosen authentication method. Can contain up to 16 characters

    • Confirm – Enter the authentication key again, to confirm

  6. Click OK.