33
Upon receiving a message on a serial interface, RIP checks whether the source address of the message
is the IP address of the peer interface. If not, RIP discards the message.
To enable source IP address check on incoming RIP updates:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter RIP view.
rip
[
process-id
] [
vpn-instance
vpn-instance-name
]
N/A
3.
Enable source IP address
check on incoming RIP
messages.
validate-source-address
By default, this function is enabled.
Configuring RIPv2 message authentication
Perform this task to enable authentication on RIPv2 messages. This feature does not apply to RIPv1
because RIPv1 does not support authentication. Although you can specify an authentication mode for
RIPv1 in interface view, the configuration does not take effect.
RIPv2 supports two authentication modes: simple authentication and MD5 authentication.
To configure RIPv2 message authentication:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter interface view.
interface
interface-type interface-number
N/A
3.
Configure RIPv2
authentication.
rip authentication-mode
{
md5
{
rfc2082
{
cipher
cipher-string
|
plain
plain-string
}
key-id
|
rfc2453
{
cipher
cipher-string
|
plain
plain-string
} } |
simple
{
cipher
cipher-string
|
plain
plain-string
}
}
By default, RIPv2
authentication is not
configured.
Specifying a RIP neighbor
Typically RIP messages are sent in broadcast or multicast. To enable RIP on a link that does not support
broadcast or multicast, you must manually specify RIP neighbors.
Follow these guidelines when you specify a RIP neighbor:
•
Do not use the
peer
ip-address
command when the neighbor is directly connected. Otherwise, the
neighbor might receive both unicast and multicast (or broadcast) messages of the same routing
information.
•
If the specified neighbor is not directly connected, disable source address check on incoming
updates.
To specify a RIP neighbor:
Step Command
Remarks
1.
Enter system view.
system-view
N/A