IP ROUTING

three methods that can provide faster convergence when the network topology changes and prevent most loops from occurring:

Split Horizon – Never propagate routes back to an interface port from which they have been acquired.

Poison Reverse – Propagate routes back to an interface port from which they have been acquired, but set the distance-vector metrics to infinity. (This provides faster convergence.)

Triggered Updates – Whenever a route gets changed, broadcast an update message after waiting for a short random delay, but without waiting for the periodic cycle.

Protocol Message Authentication

RIPv1 is not a secure protocol. Any device sending protocol messages from UDP port 520 will be considered a router by its neighbors. Malicious or unwanted protocol messages can be easily propagated throughout the network if no authentication is required. RIPv2 supports authentication via a simple password. When a router is configured to exchange authentication messages, it will insert the password into all transmitted protocol packets, and check all received packets to ensure that they contain the authorized password. If any incoming protocol messages do not contain the correct password, they are simply dropped.
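The receive-side check described above, sketched as an added example (not code from the SMC manual or the switch firmware). It assumes the RIPv2 packet layout from RFC 2453; the function names, the sample password and the sample route are constructed for illustration.

```python
import hmac
import struct

RIP_PORT = 520        # UDP port named in the text above
AFI_AUTH = 0xFFFF     # address family that marks an authentication entry (RFC 2453)
AUTH_SIMPLE = 2       # authentication type 2 = simple password
ENTRY_LEN = 20        # every RIP entry, including the authentication entry, is 20 bytes


def build_response(routes, password=None, version=2):
    """Constructed helper: build a RIP response from (ip, mask, metric) tuples."""
    pkt = struct.pack("!BBH", 2, version, 0)            # command 2 = response
    if password is not None:                             # password is sent in cleartext
        pkt += struct.pack("!HH16s", AFI_AUTH, AUTH_SIMPLE, password.encode())
    for ip, mask, metric in routes:
        pkt += struct.pack("!HH4s4s4sI", 2, 0, ip, mask, bytes(4), metric)
    return pkt


def accept_packet(data, src_port, password, accept_versions=(1, 2)):
    """Return (accepted, reason) for one received RIP datagram."""
    if src_port != RIP_PORT:
        return False, "source port is not 520"
    if len(data) < 4 or (len(data) - 4) % ENTRY_LEN:
        return False, "malformed length"
    _command, version, _zero = struct.unpack("!BBH", data[:4])
    if version not in accept_versions:
        return False, "version not accepted on this interface"
    if password is None:
        return True, "no authentication configured"
    if version < 2 or len(data) < 4 + ENTRY_LEN:
        return False, "no authentication entry"
    afi, auth_type, sent = struct.unpack("!HH16s", data[4:4 + ENTRY_LEN])
    if afi != AFI_AUTH or auth_type != AUTH_SIMPLE:
        return False, "no authentication entry"
    expected = password.encode()[:16].ljust(16, b"\x00")
    if not hmac.compare_digest(sent, expected):
        return False, "wrong password"
    return True, "authenticated"


if __name__ == "__main__":
    routes = [(bytes([10, 0, 0, 0]), bytes([255, 0, 0, 0]), 1)]   # constructed sample
    for pkt in (build_response(routes, "s3cret"), build_response(routes, "guess"),
                build_response(routes), build_response(routes, version=1)):
        print(accept_packet(pkt, RIP_PORT, "s3cret"))
```

With no password configured, the same function accepts any well-formed packet from port 520, which is the RIPv1 behaviour the paragraph warns about.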

Command Attributes

VLAN – ID of configured VLAN (1-4094).

Receive Version – The RIP version to receive on an interface.

- RIPv1: Accepts only RIPv1 packets.

- RIPv2: Accepts only RIPv2 packets.

- RIPv1 or RIPv2: Accepts RIPv1 or RIPv2 packets. (Default)

- Do Not Receive: Does not accept incoming RIP packets.

(The default depends on the Global RIP Version specified under RIP / General Settings: if it is RIPv1, the default is RIPv1 or RIPv2 packets; if it is RIPv2, the default is RIPv2 packets.)

Send Version – The RIP version to send on an interface.

- RIPv1: Sends only RIPv1 packets.

SMC Networks SMC6724L3 manual 181, Protocol Message Authentication