Select Page

RIP v2 | AuthenticatioN

RIPv2 |Authentication

  • RIPv2 provides authentication support so that RIP links can require authentication keys (passwords) before they become active.
  • Authentication keys can be specified in either plain-text or MD5 form. Authentication requires all routers within the RIP network or subnetwork to have the same authentication type and key (password) configured. This type of authentication is not supported on RIPv1 networks.

Juniper vMX 14 & EVE-NG Pro is used for this lab.

 Devices Configuration: 

[email protected]> show configuration |display set 
set version 14.1R4.8
set system host-name R1
set system root-authentication encrypted-password "$1$i6h.nKUh$5bQWDubZp8cXy0Rv.ibOb."
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set interfaces ge-0/0/0 unit 0 family inet address 12.12.12.1/24
set protocols rip traceoptions file R1-log
set protocols rip traceoptions flag all
set protocols rip group RIP neighbor ge-0/0/0.0 authentication-type md5
set protocols rip group RIP neighbor ge-0/0/0.0 authentication-key "$9$9JRGt01Srv7-wRh-wYgUD9Ap0Rh"
[email protected]> show configuration |display set 
set version 14.1R4.8
set system host-name R2
set system root-authentication encrypted-password "$1$ahpubSRm$72DnHbTKg/s3QKrq4t9ky/"
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set interfaces ge-0/0/0 unit 0 family inet address 12.12.12.2/24
set interfaces lo0 unit 2 family inet address 2.2.2.2/24
set protocols rip group RIP export R2-loop
set protocols rip group RIP neighbor ge-0/0/0.0 authentication-type md5
set protocols rip group RIP neighbor ge-0/0/0.0 authentication-key "$9$c54rKWNdsJGiLxGik.zFcylKLx"
set policy-options policy-statement R2-loop term t1 from protocol direct
set policy-options policy-statement R2-loop term t1 then accept
— Configuration | Verification —

— RIP Neighbor:

  –SIMPLE AUTH–
   R1:
   set protocols rip group RIP neighbor ge-0/0/0.0 authentication-type simple
   set protocols rip group RIP neighbor ge-0/0/0.0 authentication-key “$9$9JRGt01Srv7-wRh-wYgUD9Ap0Rh”

  R2:
  set protocols rip group RIP neighbor ge-0/0/0.0 authentication-type simple
  set protocols rip group RIP neighbor ge-0/0/0.0 authentication-key “$9$c54rKWNdsJGiLxGik.zFcylKLx”

  –MD5 AUTH–
  R1:
  set protocols rip group RIP neighbor ge-0/0/0.0 authentication-type md5
  set protocols rip group RIP neighbor ge-0/0/0.0 authentication-key “$9$9JRGt01Srv7-wRh-wYgUD9Ap0Rh”

  R2:
  set protocols rip group RIP neighbor ge-0/0/0.0 authentication-type md5
  set protocols rip group RIP neighbor ge-0/0/0.0 authentication-key “$9$c54rKWNdsJGiLxGik.zFcylKLx”

  Note: Use either basic authentication or MD5 authentication.

 

[email protected]> show log R1-log |match auth 
May 21 23:15:59.212276 RIPv2 authentication for neighbor ge-0/0/0.0 changed

[email protected]> show rip neighbor    
                  Local  Source          Destination     Send   Receive   In
Neighbor          State  Address         Address         Mode   Mode     Met 
--------          -----  -------         -----------     ----   -------  --- 
ge-0/0/0.0           Up 12.12.12.1      224.0.0.9       mcast  both       1

[email protected]> show rip neighbor 
                  Local  Source          Destination     Send   Receive   In
Neighbor          State  Address         Address         Mode   Mode     Met 
--------          -----  -------         -----------     ----   -------  --- 
ge-0/0/0.0           Up 12.12.12.2      224.0.0.9       mcast  both       1

[email protected]# show protocols 
rip {
    traceoptions {
        file R1-log;
        flag all;
    }
    group RIP {
        neighbor ge-0/0/0.0 {
            authentication-type md5;
            authentication-key "$9$9JRGt01Srv7-wRh-wYgUD9Ap0Rh"; ## SECRET-DATA
        }
    }
}

[email protected]# show protocols 
rip {
    group RIP {
        export R2-loop;
        neighbor ge-0/0/0.0 {
            authentication-type md5;
            authentication-key "$9$c54rKWNdsJGiLxGik.zFcylKLx"; ## SECRET-DATA
        }
    }
}

[edit]
[email protected]# show policy-options 
policy-statement R2-loop {
    term t1 {
        from protocol direct;
        then accept;
    }
}

[email protected]> show rip statistics 
RIPv2 info: port 520; holddown 120s. 
    rts learned  rts held down  rqsts dropped  resps dropped
              1              0              0              0

ge-0/0/0.0:  1 routes learned; 0 routes advertised; timeout 180s; update interval 30s
Counter                         Total   Last 5 min  Last minute
-------                   -----------  -----------  -----------
Updates Sent                        0            0            0
Triggered Updates Sent              0            0            0
Responses Sent                      0            0            0
Bad Messages                        0            0            0
RIPv1 Updates Received              0            0            0
RIPv1 Bad Route Entries             0            0            0
RIPv1 Updates Ignored               0            0            0
RIPv2 Updates Received             29           11            2
RIPv2 Bad Route Entries             0            0            0
RIPv2 Updates Ignored               0            0            0
Authentication Failures             7            0            0
RIP Requests Received               1            0            0
RIP Requests Ignored                0            0            0
RIP Update Acks Received            0            0            0

 

Share on print
Print
Share on google
Google+
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Training individuals to equip with cutting-edge technologies & Certifications.

 

The Juniper All-Access | Reading List

Leave a reply

Your email address will not be published. Required fields are marked *

ADENTECH guides

We love to help.

Get our newsletter, join the community: