Question & Answer
Question
What kind of authentication for routing update security does OMPROUTE support for Routing Information Protocol (RIP) ?
Answer
RFC2328 for OSPF describes three Authentication_Types:
1 Specifies a specific type of encryption (for example, MD5)
2 PASSWORD
3 NONE
For RIP Version 1 (RIPv1), OMPROUTE does not support authentication for routing update security.
RIP Version 2 (RIPv2) provides authentication for routing updates. Configure authentication keys to include them in outgoing RIPv2 packets. Incoming RIPv2 packets are checked against the configured keys.
For RIPv2, the only supported authentication type is PASSWORD (RFC1388). OMPROUTE does not support RIP protocol with MD5 authentication. No Authentication_Type parameter is on the RIP_INTERFACE statement because password authentication is assumed.
On the RIP_INTERFACE statement, code both of the following:
- Receive_RIP=RIP2
- Authentication_Key=key
To ensure that only authenticated RIP packets can be received over the interface, code both Receive_RIP=RIP2 and Authentication_Key=key. Make sure the RIP neighbors that send the RIP packets to OMPROUTE use the matching authentication keys. Any RIP packet received over an interface that has a mismatched authentication key will be rejected.
To enable these changes, restart OMPROUTE.
You should see authentication enabled in the output from any of the following commands:
- DISPLAY TCPIP,tcpipjobname,OMPROUTE,RIP,LIST,ALL
- DISPLAY TCPIP,tcpipjobname,OMPROUTE,RIP,LIST,InterFaceS
- DISPLAY TCPIP,tcpipjobname,OMPROUTE,RIP,InterFace,NAME=if_name
- F procname,RIP,LIST,ALL
- F procname,RIP,LIST,InterFaceS
- F procname,RIP,LIST,InterFace,NAME=if_name
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21687932