ripd.texi 22 KB

  1. @c -*-texinfo-*-
  2. @c This is part of the Quagga Manual.
  3. @c @value{COPYRIGHT_STR}
  4. @c See file quagga.texi for copying conditions.
  5. @node RIP
  6. @chapter RIP
  7. RIP -- Routing Information Protocol is widely deployed interior gateway
  8. protocol. RIP was developed in the 1970s at Xerox Labs as part of the
  9. XNS routing protocol. RIP is a @dfn{distance-vector} protocol and is
  10. based on the @dfn{Bellman-Ford} algorithms. As a distance-vector
  11. protocol, RIP router send updates to its neighbors periodically, thus
  12. allowing the convergence to a known topology. In each update, the
  13. distance to any given network will be broadcasted to its neighboring
  14. router.
  15. @command{ripd} supports RIP version 2 as described in RFC2453 and RIP
  16. version 1 as described in RFC1058.
  17. @menu
  18. * Starting and Stopping ripd::
  19. * RIP Configuration::
  20. * RIP Version Control::
  21. * How to Announce RIP route::
  22. * Filtering RIP Routes::
  23. * RIP Metric Manipulation::
  24. * RIP distance::
  25. * RIP route-map::
  26. * RIP Authentication::
  27. * RIP Timers::
  28. * Show RIP Information::
  29. * RIP Debug Commands::
  30. @end menu
  31. @node Starting and Stopping ripd
  32. @section Starting and Stopping ripd
  33. The default configuration file name of @command{ripd}'s is
  34. @file{ripd.conf}. When invocation @command{ripd} searches directory
  35. @value{INSTALL_PREFIX_ETC}. If @file{ripd.conf} is not there next
  36. search current directory.
  37. RIP uses UDP port 520 to send and receive RIP packets. So the user must have
  38. the capability to bind the port, generally this means that the user must
  39. have superuser privileges. RIP protocol requires interface information
  40. maintained by @command{zebra} daemon. So running @command{zebra}
  41. is mandatory to run @command{ripd}. Thus minimum sequence for running
  42. RIP is like below:
  43. @example
  44. @group
  45. # zebra -d
  46. # ripd -d
  47. @end group
  48. @end example
  49. Please note that @command{zebra} must be invoked before @command{ripd}.
  50. To stop @command{ripd}. Please use @command{kill `cat
  51. /var/run/`}. Certain signals have special meaningss to @command{ripd}.
  52. @table @samp
  53. @item SIGHUP
  54. Reload configuration file @file{ripd.conf}. All configurations are
  55. reseted. All routes learned so far are cleared and removed from routing
  56. table.
  57. @item SIGUSR1
  58. Rotate @command{ripd} logfile.
  59. @item SIGINT
  60. @itemx SIGTERM
  61. @command{ripd} sweeps all installed RIP routes then terminates properly.
  62. @end table
  63. @command{ripd} invocation options. Common options that can be specified
  64. (@pxref{Common Invocation Options}).
  65. @table @samp
  66. @item -r
  67. @itemx --retain
  68. When the program terminates, retain routes added by @command{ripd}.
  69. @end table
  70. @menu
  71. * RIP netmask::
  72. @end menu
  73. @node RIP netmask
  74. @subsection RIP netmask
  75. The netmask features of @command{ripd} support both version 1 and version 2 of
  76. RIP. Version 1 of RIP originally contained no netmask information. In
  77. RIP version 1, network classes were originally used to determine the
  78. size of the netmask. Class A networks use 8 bits of mask, Class B
  79. networks use 16 bits of masks, while Class C networks use 24 bits of
  80. mask. Today, the most widely used method of a network mask is assigned
  81. to the packet on the basis of the interface that received the packet.
  82. Version 2 of RIP supports a variable length subnet mask (VLSM). By
  83. extending the subnet mask, the mask can be divided and reused. Each
  84. subnet can be used for different purposes such as large to middle size
  85. LANs and WAN links. Quagga @command{ripd} does not support the non-sequential
  86. netmasks that are included in RIP Version 2.
  87. In a case of similar information with the same prefix and metric, the
  88. old information will be suppressed. Ripd does not currently support
  89. equal cost multipath routing.
  90. @node RIP Configuration
  91. @section RIP Configuration
  92. @deffn Command {router rip} {}
  93. The @code{router rip} command is necessary to enable RIP. To disable
  94. RIP, use the @code{no router rip} command. RIP must be enabled before
  95. carrying out any of the RIP commands.
  96. @end deffn
  97. @deffn Command {no router rip} {}
  98. Disable RIP.
  99. @end deffn
  100. @deffn {RIP Command} {network @var{network}} {}
  101. @deffnx {RIP Command} {no network @var{network}} {}
  102. Set the RIP enable interface by @var{network}. The interfaces which
  103. have addresses matching with @var{network} are enabled.
  104. This group of commands either enables or disables RIP interfaces between
  105. certain numbers of a specified network address. For example, if the
  106. network for is RIP enabled, this would result in all the
  107. addresses from to being enabled for RIP. The @code{no
  108. network} command will disable RIP for the specified network.
  109. @end deffn
  110. @deffn {RIP Command} {network @var{ifname}} {}
  111. @deffnx {RIP Command} {no network @var{ifname}} {}
  112. Set a RIP enabled interface by @var{ifname}. Both the sending and
  113. receiving of RIP packets will be enabled on the port specified in the
  114. @code{network ifname} command. The @code{no network ifname} command will disable
  115. RIP on the specified interface.
  116. @end deffn
  117. @deffn {RIP Command} {neighbor @var{a.b.c.d}} {}
  118. @deffnx {RIP Command} {no neighbor @var{a.b.c.d}} {}
  119. Specify RIP neighbor. When a neighbor doesn't understand multicast,
  120. this command is used to specify neighbors. In some cases, not all
  121. routers will be able to understand multicasting, where packets are sent
  122. to a network or a group of addresses. In a situation where a neighbor
  123. cannot process multicast packets, it is necessary to establish a direct
  124. link between routers. The neighbor command allows the network
  125. administrator to specify a router as a RIP neighbor. The @code{no
  126. neighbor a.b.c.d} command will disable the RIP neighbor.
  127. @end deffn
  128. Below is very simple RIP configuration. Interface @code{eth0} and
  129. interface which address match to @code{} are RIP enabled.
  130. @example
  131. @group
  132. !
  133. router rip
  134. network
  135. network eth0
  136. !
  137. @end group
  138. @end example
  139. Passive interface
  140. @deffn {RIP command} {passive-interface (@var{IFNAME}|default)} {}
  141. @deffnx {RIP command} {no passive-interface @var{IFNAME}} {}
  142. This command sets the specified interface to passive mode. On passive mode
  143. interface, all receiving packets are processed as normal and ripd does
  144. not send either multicast or unicast RIP packets except to RIP neighbors
  145. specified with @code{neighbor} command. The interface may be specified
  146. as @var{default} to make ripd default to passive on all interfaces.
  147. The default is to be passive on all interfaces.
  148. @end deffn
  149. RIP split-horizon
  150. @deffn {Interface command} {ip split-horizon} {}
  151. @deffnx {Interface command} {no ip split-horizon} {}
  152. Control split-horizon on the interface. Default is @code{ip
  153. split-horizon}. If you don't perform split-horizon on the interface,
  154. please specify @code{no ip split-horizon}.
  155. @end deffn
  156. @node RIP Version Control
  157. @section RIP Version Control
  158. RIP can be configured to send either Version 1 or Version 2 packets.
  159. The default is to send RIPv2 while accepting both RIPv1 and RIPv2 (and
  160. replying with packets of the appropriate version for REQUESTS /
  161. triggered updates). The version to receive and send can be specified
  162. globally, and further overriden on a per-interface basis if needs be
  163. for send and receive seperately (see below).
  164. It is important to note that RIPv1 can not be authenticated. Further,
  165. if RIPv1 is enabled then RIP will reply to REQUEST packets, sending the
  166. state of its RIP routing table to any remote routers that ask on
  167. demand. For a more detailed discussion on the security implications of
  168. RIPv1 see @ref{RIP Authentication}.
  169. @deffn {RIP Command} {version @var{version}} {}
  170. Set RIP version to accept for reads and send. @var{version}
  171. can be either `1'' or `2''.
  172. Disabling RIPv1 by specifying version 2 is STRONGLY encouraged,
  173. @xref{RIP Authentication}. This may become the default in a future
  174. release.
  175. Default: Send Version 2, and accept either version.
  176. @end deffn
  177. @deffn {RIP Command} {no version} {}
  178. Reset the global version setting back to the default.
  179. @end deffn
  180. @deffn {Interface command} {ip rip send version @var{version}} {}
  181. @var{version} can be `1', `2' or `1 2'.
  182. This interface command overrides the global rip version setting, and
  183. selects which version of RIP to send packets with, for this interface
  184. specifically. Choice of RIP Version 1, RIP Version 2, or both versions.
  185. In the latter case, where `1 2' is specified, packets will be both
  186. broadcast and multicast.
  187. Default: Send packets according to the global version (version 2)
  188. @end deffn
  189. @deffn {Interface command} {ip rip receive version @var{version}} {}
  190. @var{version} can be `1', `2' or `1 2'.
  191. This interface command overrides the global rip version setting, and
  192. selects which versions of RIP packets will be accepted on this
  193. interface. Choice of RIP Version 1, RIP Version 2, or both.
  194. Default: Accept packets according to the global setting (both 1 and 2).
  195. @end deffn
  196. @node How to Announce RIP route
  197. @section How to Announce RIP route
  198. @deffn {RIP command} {redistribute kernel} {}
  199. @deffnx {RIP command} {redistribute kernel metric <0-16>} {}
  200. @deffnx {RIP command} {redistribute kernel route-map @var{route-map}} {}
  201. @deffnx {RIP command} {no redistribute kernel} {}
  202. @code{redistribute kernel} redistributes routing information from
  203. kernel route entries into the RIP tables. @code{no redistribute kernel}
  204. disables the routes.
  205. @end deffn
  206. @deffn {RIP command} {redistribute static} {}
  207. @deffnx {RIP command} {redistribute static metric <0-16>} {}
  208. @deffnx {RIP command} {redistribute static route-map @var{route-map}} {}
  209. @deffnx {RIP command} {no redistribute static} {}
  210. @code{redistribute static} redistributes routing information from
  211. static route entries into the RIP tables. @code{no redistribute static}
  212. disables the routes.
  213. @end deffn
  214. @deffn {RIP command} {redistribute connected} {}
  215. @deffnx {RIP command} {redistribute connected metric <0-16>} {}
  216. @deffnx {RIP command} {redistribute connected route-map @var{route-map}} {}
  217. @deffnx {RIP command} {no redistribute connected} {}
  218. Redistribute connected routes into the RIP tables. @code{no
  219. redistribute connected} disables the connected routes in the RIP tables.
  220. This command redistribute connected of the interface which RIP disabled.
  221. The connected route on RIP enabled interface is announced by default.
  222. @end deffn
  223. @deffn {RIP command} {redistribute ospf} {}
  224. @deffnx {RIP command} {redistribute ospf metric <0-16>} {}
  225. @deffnx {RIP command} {redistribute ospf route-map @var{route-map}} {}
  226. @deffnx {RIP command} {no redistribute ospf} {}
  227. @code{redistribute ospf} redistributes routing information from
  228. ospf route entries into the RIP tables. @code{no redistribute ospf}
  229. disables the routes.
  230. @end deffn
  231. @deffn {RIP command} {redistribute bgp} {}
  232. @deffnx {RIP command} {redistribute bgp metric <0-16>} {}
  233. @deffnx {RIP command} {redistribute bgp route-map @var{route-map}} {}
  234. @deffnx {RIP command} {no redistribute bgp} {}
  235. @code{redistribute bgp} redistributes routing information from
  236. bgp route entries into the RIP tables. @code{no redistribute bgp}
  237. disables the routes.
  238. @end deffn
  239. If you want to specify RIP only static routes:
  240. @deffn {RIP command} {default-information originate} {}
  241. @end deffn
  242. @deffn {RIP command} {route @var{a.b.c.d/m}} {}
  243. @deffnx {RIP command} {no route @var{a.b.c.d/m}} {}
  244. This command is specific to Quagga. The @code{route} command makes a static
  245. route only inside RIP. This command should be used only by advanced
  246. users who are particularly knowledgeable about the RIP protocol. In
  247. most cases, we recommend creating a static route in Quagga and
  248. redistributing it in RIP using @code{redistribute static}.
  249. @end deffn
  250. @node Filtering RIP Routes
  251. @section Filtering RIP Routes
  252. RIP routes can be filtered by a distribute-list.
  253. @deffn Command {distribute-list @var{access_list} @var{direct} @var{ifname}} {}
  254. You can apply access lists to the interface with a @code{distribute-list}
  255. command. @var{access_list} is the access list name. @var{direct} is
  256. @samp{in} or @samp{out}. If @var{direct} is @samp{in} the access list
  257. is applied to input packets.
  258. The @code{distribute-list} command can be used to filter the RIP path.
  259. @code{distribute-list} can apply access-lists to a chosen interface.
  260. First, one should specify the access-list. Next, the name of the
  261. access-list is used in the distribute-list command. For example, in the
  262. following configuration @samp{eth0} will permit only the paths that
  263. match the route
  264. @example
  265. @group
  266. !
  267. router rip
  268. distribute-list private in eth0
  269. !
  270. access-list private permit 10
  271. access-list private deny any
  272. !
  273. @end group
  274. @end example
  275. @end deffn
  276. @code{distribute-list} can be applied to both incoming and outgoing data.
  277. @deffn Command {distribute-list prefix @var{prefix_list} (in|out) @var{ifname}} {}
  278. You can apply prefix lists to the interface with a
  279. @code{distribute-list} command. @var{prefix_list} is the prefix list
  280. name. Next is the direction of @samp{in} or @samp{out}. If
  281. @var{direct} is @samp{in} the access list is applied to input packets.
  282. @end deffn
  283. @node RIP Metric Manipulation
  284. @section RIP Metric Manipulation
  285. RIP metric is a value for distance for the network. Usually
  286. @command{ripd} increment the metric when the network information is
  287. received. Redistributed routes' metric is set to 1.
  288. @deffn {RIP command} {default-metric <1-16>} {}
  289. @deffnx {RIP command} {no default-metric <1-16>} {}
  290. This command modifies the default metric value for redistributed routes. The
  291. default value is 1. This command does not affect connected route
  292. even if it is redistributed by @command{redistribute connected}. To modify
  293. connected route's metric value, please use @command{redistribute
  294. connected metric} or @command{route-map}. @command{offset-list} also
  295. affects connected routes.
  296. @end deffn
  297. @deffn {RIP command} {offset-list @var{access-list} (in|out)} {}
  298. @deffnx {RIP command} {offset-list @var{access-list} (in|out) @var{ifname}} {}
  299. @end deffn
  300. @node RIP distance
  301. @section RIP distance
  302. Distance value is used in zebra daemon. Default RIP distance is 120.
  303. @deffn {RIP command} {distance <1-255>} {}
  304. @deffnx {RIP command} {no distance <1-255>} {}
  305. Set default RIP distance to specified value.
  306. @end deffn
  307. @deffn {RIP command} {distance <1-255> @var{A.B.C.D/M}} {}
  308. @deffnx {RIP command} {no distance <1-255> @var{A.B.C.D/M}} {}
  309. Set default RIP distance to specified value when the route's source IP
  310. address matches the specified prefix.
  311. @end deffn
  312. @deffn {RIP command} {distance <1-255> @var{A.B.C.D/M} @var{access-list}} {}
  313. @deffnx {RIP command} {no distance <1-255> @var{A.B.C.D/M} @var{access-list}} {}
  314. Set default RIP distance to specified value when the route's source IP
  315. address matches the specified prefix and the specified access-list.
  316. @end deffn
  317. @node RIP route-map
  318. @section RIP route-map
  319. Usage of @command{ripd}'s route-map support.
  320. Optional argument route-map MAP_NAME can be added to each @code{redistribute}
  321. statement.
  322. @example
  323. redistribute static [route-map MAP_NAME]
  324. redistribute connected [route-map MAP_NAME]
  325. .....
  326. @end example
  327. Cisco applies route-map _before_ routes will exported to rip route table.
  328. In current Quagga's test implementation, @command{ripd} applies route-map
  329. after routes are listed in the route table and before routes will be
  330. announced to an interface (something like output filter). I think it is not
  331. so clear, but it is draft and it may be changed at future.
  332. Route-map statement (@pxref{Route Map}) is needed to use route-map
  333. functionality.
  334. @deffn {Route Map} {match interface @var{word}} {}
  335. This command match to incoming interface. Notation of this match is
  336. different from Cisco. Cisco uses a list of interfaces - NAME1 NAME2
  337. ... NAMEN. Ripd allows only one name (maybe will change in the
  338. future). Next - Cisco means interface which includes next-hop of
  339. routes (it is somewhat similar to "ip next-hop" statement). Ripd
  340. means interface where this route will be sent. This difference is
  341. because "next-hop" of same routes which sends to different interfaces
  342. must be different. Maybe it'd be better to made new matches - say
  343. "match interface-out NAME" or something like that.
  344. @end deffn
  345. @deffn {Route Map} {match ip address @var{word}} {}
  346. @deffnx {Route Map} {match ip address prefix-list @var{word}} {}
  347. Match if route destination is permitted by access-list.
  348. @end deffn
  349. @deffn {Route Map} {match ip next-hop @var{word}} {}
  350. @deffnx {Route Map} {match ip next-hop prefix-list @var{word}} {}
  351. Match if route next-hop (meaning next-hop listed in the rip route-table
  352. as displayed by "show ip rip") is permitted by access-list.
  353. @end deffn
  354. @deffn {Route Map} {match metric <0-4294967295>} {}
  355. This command match to the metric value of RIP updates. For other
  356. protocol compatibility metric range is shown as <0-4294967295>. But
  357. for RIP protocol only the value range <0-16> make sense.
  358. @end deffn
  359. @deffn {Route Map} {set ip next-hop A.B.C.D} {}
  360. This command set next hop value in RIPv2 protocol. This command does
  361. not affect RIPv1 because there is no next hop field in the packet.
  362. @end deffn
  363. @deffn {Route Map} {set metric <0-4294967295>} {}
  364. Set a metric for matched route when sending announcement. The metric
  365. value range is very large for compatibility with other protocols. For
  366. RIP, valid metric values are from 1 to 16.
  367. @end deffn
  368. @node RIP Authentication
  369. @section RIP Authentication
  370. RIPv2 allows packets to be authenticated via either an insecure plain
  371. text password, included with the packet, or via a more secure MD5 based
  372. @acronym{HMAC, keyed-Hashing for Message AuthentiCation},
  373. RIPv1 can not be authenticated at all, thus when authentication is
  374. configured @code{ripd} will discard routing updates received via RIPv1
  375. packets.
  376. However, unless RIPv1 reception is disabled entirely,
  377. @xref{RIP Version Control}, RIPv1 REQUEST packets which are received,
  378. which query the router for routing information, will still be honoured
  379. by @code{ripd}, and @code{ripd} WILL reply to such packets. This allows
  380. @code{ripd} to honour such REQUESTs (which sometimes is used by old
  381. equipment and very simple devices to bootstrap their default route),
  382. while still providing security for route updates which are received.
  383. In short: Enabling authentication prevents routes being updated by
  384. unauthenticated remote routers, but still can allow routes (I.e. the
  385. entire RIP routing table) to be queried remotely, potentially by anyone
  386. on the internet, via RIPv1.
  387. To prevent such unauthenticated querying of routes disable RIPv1,
  388. @xref{RIP Version Control}.
  389. @deffn {Interface command} {ip rip authentication mode md5} {}
  390. @deffnx {Interface command} {no ip rip authentication mode md5} {}
  391. Set the interface with RIPv2 MD5 authentication.
  392. @end deffn
  393. @deffn {Interface command} {ip rip authentication mode text} {}
  394. @deffnx {Interface command} {no ip rip authentication mode text} {}
  395. Set the interface with RIPv2 simple password authentication.
  396. @end deffn
  397. @deffn {Interface command} {ip rip authentication string @var{string}} {}
  398. @deffnx {Interface command} {no ip rip authentication string @var{string}} {}
  399. RIP version 2 has simple text authentication. This command sets
  400. authentication string. The string must be shorter than 16 characters.
  401. @end deffn
  402. @deffn {Interface command} {ip rip authentication key-chain @var{key-chain}} {}
  403. @deffnx {Interface command} {no ip rip authentication key-chain @var{key-chain}} {}
  404. Specifiy Keyed MD5 chain.
  405. @end deffn
  406. @example
  407. !
  408. key chain test
  409. key 1
  410. key-string test
  411. !
  412. interface eth1
  413. ip rip authentication mode md5
  414. ip rip authentication key-chain test
  415. !
  416. @end example
  417. @node RIP Timers
  418. @section RIP Timers
  419. @deffn {RIP command} {timers basic @var{update} @var{timeout} @var{garbage}} {}
  420. RIP protocol has several timers. User can configure those timers' values
  421. by @code{timers basic} command.
  422. The default settings for the timers are as follows:
  423. @itemize @bullet
  424. @item
  425. The update timer is 30 seconds. Every update timer seconds, the RIP
  426. process is awakened to send an unsolicited Response message containing
  427. the complete routing table to all neighboring RIP routers.
  428. @item
  429. The timeout timer is 180 seconds. Upon expiration of the timeout, the
  430. route is no longer valid; however, it is retained in the routing table
  431. for a short time so that neighbors can be notified that the route has
  432. been dropped.
  433. @item
  434. The garbage collect timer is 120 seconds. Upon expiration of the
  435. garbage-collection timer, the route is finally removed from the routing
  436. table.
  437. @end itemize
  438. The @code{timers basic} command allows the the default values of the timers
  439. listed above to be changed.
  440. @end deffn
  441. @deffn {RIP command} {no timers basic} {}
  442. The @code{no timers basic} command will reset the timers to the default
  443. settings listed above.
  444. @end deffn
  445. @node Show RIP Information
  446. @section Show RIP Information
  447. To display RIP routes.
  448. @deffn Command {show ip rip} {}
  449. Show RIP routes.
  450. @end deffn
  451. The command displays all RIP routes. For routes that are received
  452. through RIP, this command will display the time the packet was sent and
  453. the tag information. This command will also display this information
  454. for routes redistributed into RIP.
  455. @c Exmaple here.
  456. @deffn Command {show ip rip status} {}
  457. The command displays current RIP status. It includes RIP timer,
  458. filtering, version, RIP enabled interface and RIP peer inforation.
  459. @end deffn
  460. @example
  461. @group
  462. ripd> @b{show ip rip status}
  463. Routing Protocol is "rip"
  464. Sending updates every 30 seconds with +/-50%, next due in 35 seconds
  465. Timeout after 180 seconds, garbage collect after 120 seconds
  466. Outgoing update filter list for all interface is not set
  467. Incoming update filter list for all interface is not set
  468. Default redistribution metric is 1
  469. Redistributing: kernel connected
  470. Default version control: send version 2, receive version 2
  471. Interface Send Recv
  472. Routing for Networks:
  473. eth0
  474. eth1
  477. Routing Information Sources:
  478. Gateway BadPackets BadRoutes Distance Last Update
  479. @end group
  480. @end example
  481. @node RIP Debug Commands
  482. @section RIP Debug Commands
  483. Debug for RIP protocol.
  484. @deffn Command {debug rip events} {}
  485. Debug rip events.
  486. @end deffn
  487. @code{debug rip} will show RIP events. Sending and receiving
  488. packets, timers, and changes in interfaces are events shown with @command{ripd}.
  489. @deffn Command {debug rip packet} {}
  490. Debug rip packet.
  491. @end deffn
  492. @code{debug rip packet} will display detailed information about the RIP
  493. packets. The origin and port number of the packet as well as a packet
  494. dump is shown.
  495. @deffn Command {debug rip zebra} {}
  496. Debug rip between zebra communication.
  497. @end deffn
  498. This command will show the communication between @command{ripd} and
  499. @command{zebra}. The main information will include addition and deletion of
  500. paths to the kernel and the sending and receiving of interface information.
  501. @deffn Command {show debugging rip} {}
  502. Display @command{ripd}'s debugging option.
  503. @end deffn
  504. @code{show debugging rip} will show all information currently set for ripd
  505. debug.