RIPv2: Authentication

RIPv2 authentication requires the use and creation of keys and also requires authentication to be enabled on an interface.  Keys can be clear text or encrypted with Md5.

Multiple keys are also allowed and are grouped using a key chain.  Key chains are just sets of related keys each of which has a different number and may be restricted for use during a specific time period.

RIPv2 is enabled on a per interface basis, referring to the key chain that holds the keys with the ip rip authentication key-chain subcommand.  The router looks at the keychain, selects the key(s) valid for that particular time, if multiple keys are available, the key with the lowest sequence number will be used.  if the authentication type command does not specify clear text or MD5 it will default to clear text.

When authentication is enabled the max number of network prefixes included in a RIP update goes down to 24 from 25, the reason is that hte first route entry in each RIPv2 message would carry 20 bytes of authentication data.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s