Chapter 38 Configuring IP Unicast Routing

Configuring RIP

Configuring RIP Authentication

RIP Version 1 does not support authentication. If you are sending and receiving RIP Version 2 packets, you can enable RIP authentication on an interface. The key chain specifies \the set of keys that can be used on the interface. If a key chain is not configured, no authentication is performed, not even the default. Therefore, you must also perform the tasks in the “Managing Authentication Keys” section on page 38-89.

The switch supports two modes of authentication on interfaces for which RIP authentication is enabled: plain text and MD5. The default is plain text.

Beginning in privileged EXEC mode, follow these steps to configure RIP authentication on an interface:

 

Command

Purpose

Step 1

 

 

configure terminal

Enter global configuration mode.

Step 2

 

 

interface interface-id

Enter interface configuration mode, and specify the

 

 

interface to configure.

Step 3

 

 

ip rip authentication key-chain name-of-chain

Enable RIP authentication.

Step 4

 

 

ip rip authentication mode [text md5}

Configure the interface to use plain text authentication (the

 

 

default) or MD5 digest authentication.

Step 5

 

 

end

Return to privileged EXEC mode.

Step 6

 

 

show running-config interface [interface-id]

Verify your entries.

Step 7

 

 

copy running-config startup-config

(Optional) Save your entries in the configuration file.

 

 

 

To restore clear text authentication, use the no ip rip authentication mode interface configuration command. To prevent authentication, use the no ip rip authentication key-chaininterface configuration command.

Configuring Summary Addresses and Split Horizon

Routers connected to broadcast-type IP networks and using distance-vector routing protocols normally use the split-horizon mechanism to reduce the possibility of routing loops. Split horizon blocks information about routes from being advertised by a router on any interface from which that information originated. This feature usually optimizes communication among multiple routers, especially when links are broken.

Note In general, disabling split horizon is not recommended unless you are certain that your application requires it to properly advertise routes.

If you want to configure an interface running RIP to advertise a summarized local IP address pool on a network access server for dial-up clients, use the ip summary-address rip interface configuration command.

Note If split horizon is enabled, neither autosummary nor interface IP summary addresses are advertised.

 

 

Catalyst 3750-E and 3560-E Switch Software Configuration Guide

 

 

 

 

 

 

OL-9775-02

 

 

38-23

 

 

 

 

 

Page 883
Image 883
Cisco Systems 3750E manual Configuring RIP Authentication, Configuring Summary Addresses and Split Horizon, 38-23