Weight-of-conflict conjecture

From formulasearchengine
Revision as of 04:30, 19 March 2012 by en>Helpful Pixie Bot (ISBNs (Build J/))
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

When you earned your CCNA, you thought you learned every little thing there is to know about RIP. Close, but not quite! There are some further specifics you require to know to pass the BSCI exam and get a single step closer to the CCNP exam, and a single of these entails RIP update packet authentication.

You happen to be familiar with some positive aspects of using RIPv2 more than RIPv1, assistance for VLSM chief amongst them. We found out about mary site by searching newspapers. This interesting look into mary article has a few dazzling cautions for the purpose of this activity. But one particular benefit that you are not introduced to in your CCNA research is the potential to configure routing update packet authentication.

You have two alternatives, clear text and MD5. Clear text is just that - a clear text password that is visible by any person who can choose a packet off the wire. If you"re going to go to the difficulty of configuring update authentication, you ought to use MD5. The MD stands for "Message Digest", and this is the algorithm that generates the hash value for the password that will be contained in the update packets.

Not only have to the routers agree on the password, they should agree on the authentication strategy. If 1 router sends an MD5-hashed password to yet another router that is configured for clear-text authentication, the update will not be accepted. debug ip rip is a fantastic command for troubleshooting authenticated updates.

R1, R2, and R3 are operating RIP over a frame relay cloud. Here is how RIP authentication would be configured on these 3 routers.

R1#conf t

R1(config)#important chain RIP



R1(config-keychain)#key 1

analyze lifesoulutions.net</a>. Number them carefully when using multiples.>

R1(config-keychain-key)#crucial-string CISCO



R1(config)#int s0

R1(config-if)#ip rip authentication mode text



R1(config-if)#ip rip authentication crucial-chain RIP



R2#conf t

R2(config)#key chain RIP

R2(config-keychain)#important 1

R2(config-keychain-crucial)#important-string CISCO

R2(config)#int s0.123

R2(config-subif)#ip rip authentication mode text

R2(config-subif)#ip rip authentication key-chain RIP

R3#conf t

R3(config)#key chain RIP

R3(config-keychain)#key 1

R3(config-keychain-essential)#crucial-string CISCO

R3(config)#int s0.31

R3(config-subif)#ip rip authentication mode text

R3(config-subif)#ip rip authentication key-chain RIP

To use MD5 authentication rather than clear-text, merely replace the word "text" in the ip rip authentication mode command with md5.

Here"s what a successfully authentication RIPv2 packet looks like, courtesy of debug ip rip. Clear-text authentication is in effect and the password is "cisco".

3d04h: RIP: received packet with text authentication cisco

3d04h: RIP: received v2 update from 150.1.1.three on Ethernet0

3d04h: 100.../8 via ... in 1 hops

3d04h: 150.1.2./24 by means of ... in 1 hops

Here"s what it looks like when the remote device is set for MD5 authentication and the regional router is set for clear-text. You will also see this message if the password itself is incorrect.

3d04h: RIP: ignored v2 packet from 150.1.1.3 (invalid authentication)

"Debug ip rip" could be a simple command as compared to the debugs for other protocols. but it"s also a extremely effective debug. Begin utilizing debugs as early as attainable in your Cisco scientific studies to find out how router commands actually function!.

In the event you loved this information and you would love to receive details regarding health insurace - please click the following internet page, generously visit our web site.