Monday, March 28, 2011

notes: RIP Authentication

*===================================*
Authentication
*===================================*
- Only supported on RIPv2.
- Supports clear text and MD5.
- Configured using key-chains.
- RIP, unlike EIGRP does not require the same key-number on both sides.
- When configuring, order of operation is important.
- When making changes to the key-chain, first remove the config of the interface.

Steps involved
1. Define a key chain with a name.
2. Define the key or keys on the key chain.
3. Enable authentication on an interfaces and specify the key chain to be used.
4. Specify whether the interfaces will use clear text or MD5. If not specified, clear is used.
5. Optionally configure key management.

-----------
COMMANDS
-----------

Step 1: Defines a key-chain

key chain NAME

Step 2: Defines the key/s on the chain/Specifies the key-string

key 1
key-string STRING

Step 3: Enable authentication on an interfaces by using the key-chain

interface ethernet 0
ip rip authentication key-chain NAME

Step 4: Specifies whether the interfaces will use clear text or MD5

ip rip authentication mode md5

note: some version of ios you need to define accept lifetime and send lifetime. this happens when you noticed that peering is down after some time between 2 routers.

---------------------------
verification
---------------------------

show ip protocols | begin rip - Shows the key-chain in use

No comments:

Post a Comment