Lab 7-6 – Configuring RIP Static Neighbors

In this lab you will learn how to configure Static neighbors in the Routing Information Protocol (RIP) to send updates via unicast over non-broadcast networks.

Real World Application & Core Knowledge

There is however another advantage to configuring RIP with static neighbor relationships which is added security but there is one catch!!! By default RIPv2 will send multicast updates out all interfaces specified within the range of the network command. If you configure a static neighbor; not only will that router send updates via unicast to that neighbor out the respected link. It will also send multicast updates out the same link as well. To prevent this from happening, you must utilize a feature called “Passive Interface”.

A RIP Passive Interface in a nut shell prevents the RIP routing process from sending multicast/broadcast updates out a specified interface. A RIP Passive interface however does not block unicast updates. Keep in mind a Passive Interface DOES NOT block multicast/broadcast updates therefore the router would still process received RIP updates.

So with that in mind, it’s quite common in secure networks the passive interface feature will be utilized on all interfaces and the neighbors will statically be configured to prevent RIP route snooping via Wireshark.

This lab will continue to build upon the same logical topology used previously in Lab 7-5 as shown below;

In this lab you will configure a static neighbor relationship between R1 and R2 via the Point-to-Point T1 link and verify that the neighbor relationship is indeed operating in a unicast fashion using debug ip rip events

Familiarize yourself with the following new command(s);

neighbor x.x.x.x – This command is configured in the RIP routing process to specify a static neighbor relationship and use unicast communication with that node.

passive-interface name#/# – This command is executed in RIP configuration mode to specify a specific interface as passive which prevents the advertisement of multicast/broadcast updates.

Lab Prerequisites

If you are using GNS3 than load the Stub Area Networking GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the config from the textbox and pasting it into the respected routers console.

!##################################################
!#  Free CCNA Workbook Lab 7-6 R1 Initial Config  #
!##################################################
!
enable
configure terminal
!
hostname R1
!
interface Loopback0
 description ### SIMULATED NETWORK ###
 ip address 10.70.10.1 255.255.255.0
!
interface Serial0/0
 description ### PHYSICAL FRAME RELAY INTERFACE ###
 no ip address
 encapsulation frame-relay
 serial restart-delay 0
 no frame-relay inverse-arp
!
interface Serial0/0.122 point-to-point
 description ### FRAME RELAY LINK TO R2 ###
 ip address 10.70.12.1 255.255.255.252
 frame-relay interface-dlci 122
 ip rip v2-broadcast
!
interface Serial0/0
 no shut
!
interface Serial0/1
 description ### PPP Link TO R2 ###
 ip address 10.70.21.1 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
 ip rip v2-broadcast
 clock rate 128000
 no shut
!
exit
!
router rip
 version 2
 network 10.0.0.0
 timers basic 30 40 10 60
!
end

!##################################################
!#  Free CCNA Workbook Lab 7-6 R2 Initial Config  #
!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
 description ### SIMULATED NETWORK ###
 ip address 10.70.20.1 255.255.255.0
!
interface Serial0/0
 description ### PHYSICAL FRAME RELAY INTERFACE ###
 no ip address
 encapsulation frame-relay
 serial restart-delay 0
 no frame-relay inverse-arp
!
interface Serial0/0.221 point-to-point
 description ### FRAME RELAY LINK TO R1 ###
 ip address 10.70.12.2 255.255.255.252
 frame-relay interface-dlci 221
 ip rip triggered
 ip rip send version 1 2
 ip rip receive version 1 2
!
interface Serial0/0.223 point-to-point
 description ### FRAME RELAY LINK TO R3 ###
 ip address 10.70.23.1 255.255.255.252
 frame-relay interface-dlci 223
!
interface Serial0/0
 no shut
exit
!
interface Serial0/1
 description ### PPP LINK TO R1 ###
 ip address 10.70.21.2 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
 clock rate 128000
 no shut
 exit
!
router rip
 version 2
 network 10.0.0.0
 timers basic 30 40 10 60
!
end

!##################################################
!#  Free CCNA Workbook Lab 7-6 R3 Initial Config  #
!##################################################
!
enable
configure terminal
!
hostname R3
!
interface Loopback0
 description ### SIMULATED NETWORK ###
 ip address 10.70.30.1 255.255.255.0
!
interface Serial0/0
 description ### PHYSICAL FRAME RELAY INTERFACE ###
 no ip address
 encapsulation frame-relay
 serial restart-delay 0
 no frame-relay inverse-arp
!
interface Serial0/0.322 point-to-point
 description ### FRAME RELAY LINK TO R2 ###
 ip address 10.70.23.2 255.255.255.252
 frame-relay interface-dlci 322
 ip rip advertise 10
 ip rip triggered
 ip rip send version 1 2
 ip rip receive version 1 2
!
interface Serial0/0
 no shut
exit
!
router rip
 version 2
 network 10.0.0.0
 timers basic 30 40 10 60
!
end

Lab Objectives

Remove the previous RIP v2-broadcast configuration from R1′s point-to-point towards R2 and configure R2′s Point-to-Point T1 interface IP address as a static neighbor.
On R2, Configure R1′s Point-to-Point T1 interface IP as a static neighbor.
Configure both R1 and R2 to not send Multicast/Broadcast updates out the Point-to-Point T1 link.
Verify that RIP updates are being sent between R1 and R2 via Unicast using the debug ip rip events command.

Lab Instruction

Objective 1. – Remove the previous RIP v2-broadcast configuration from R1′s point-to-point towards R2 and configure a R2′s Point-to-Point T1 interface IP address as a static neighbor.

R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface Serial0/1
R1(config-subif)#no ip rip v2-broadcast
R1(config-subif)#router rip
R1(config-router)#neighbor 10.70.21.2
R1(config-router)#end
R1#

Objective 2. – On R2, Configure R1′s Point-to-Point T1 interface IP as a static neighbor.

R2>enable
R2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router rip
R2(config-router)#neighbor 10.70.21.1
R2(config-router)#end
R2#

Objective 3. – Configure both R1 and R2 to not send Multicast/Broadcast updates out the Point-to-Point T1 link.

R1#configure terminal
R1(config)#router rip
R1(config-router)#passive-interface serial0/1
R1(config-router)#end
R1#

R2#configure terminal
R2(config)#router rip
R2(config-router)#passive-interface serial0/1
R2(config-router)#end
R2#

Objective 4. – Verify that RIP updates are being sent between R1 and R2 via Unicast using the debug ip rip events command.

R1#debug ip rip events
RIP: sending v2 update to 10.70.21.2 via Serial0/1 (10.70.21.1)
RIP: Update contains 3 routes
RIP: Update queued
RIP: Update sent via Serial0/1
RIP: received v2 update from 10.70.21.2 on Serial0/1
RIP: Update contains 5 routes
R1#u all
All possible debugging has been turned off
R1#

As shown by the debug output above you can see that R1 sends a RIPv2 update to 10.70.21.2 via Serial0/1 and receives RIPv2 updates from 10.70.21.2. This shows that RIP unicast control traffic is operating as configured.

3 comments so far

Add Your Comment

acheampong said: June 30, 2010 8:49 AM

hi thks for the goods it is helping me soon much.
Eric said: August 4, 2010 3:08 PM

Great work Thanks
vinay said: February 27, 2011 7:49 AM

what happens if i use these command ip rip v2-broadcast , neighbour x.x.x.x and passive-interface se0/1 ?

u say that if we use neighbour x.x.x.x with passive-interface command then broadcast and multicast will not work so if i forgot to remove the ip rip v2-broadcast command what happends ?