While working on my CCIE LAB preparation I always thought that I am too good with RIPv1 & RIPv2 and I can make it work easily. The main reason was that as far I know, Jeff Doyle's Routing TCP/IP Volume 1 covers pretty much everything about all RIP flavors. Later I came to know about some other references which I used and found some new things about RIP as well. So let me summarize the list of material which I used to study RIP.1.) Jeff Doyle's Routing TCP/IP Vol 1 - This book covers at least 80% of all RIP terminologies &
scenarios.
2.) Cisco IOS Cookbook - I don't know if many people know about this book. But trust me even
if you are done with all CCIE lab preparation workbooks still you gonna
find some interesting things.
3.) Cisco's IOS 12.4 Routing Configuration Guide
4.) Internetwork Expert's Routing and Switching Workbooks Ver 4.1
So after reading lots of stuff like this I believe you will feel the same way I was feeling :-)
hhuurrraaahhh ... I can make RIP working in any situation :-) ----- Sounds pretty good..but then...
Bangggg.......... :-(
When I came across this interesting scenario.....I felt initially that this scenario is not gonna work any how.
Here is the scenario. We have two routers say R1 & R2, both routers are connected to a L2 switch ( say 2950 :-) ...its all Cisco World) through their Fast Ethernet interfaces. On R1's Fast Ethernet interface we have ip address configured as 10.0.0.1/8 and on R2's fast Ethernet interface we have configured ip address as 20.0.0.1/8. Both the switch ports of 2950 switch are configured in same VLAN. On Router R1 we have configured one loop back interface with ip address 1.0.0.1/8 and on R2's loopback interface we have configured ip address as 2.0.0.2/8. Now the requirement was to establish connectivity between R1's loopback interface & R2's loopback interface using RIPv2. Also I was not allowed to use secondary ip address on any interface. They asked me to use RIPv2 but RIPv1 can also work in this scenario. Anyways.... I took some time and after thinking about 10 minutes I tried some thing out and it worked for me.
First let me explain the problem with scenario: As both RIP routers are connected to each other through a broadcast media so definitely they can hear each others RIP updates. However the problem was... as both routers are configured with two different subnet's ip addresses on ethernet interfaces so they will hear each others RIP updates but won't accept it. I run debug ip rip command and found the clue :-)
R1#*Mar 1 00:13:56.487: RIP: ignored v2 update from bad source 20.0.0.1 on FastEth
ernet0/0
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Loopback0
C 10.0.0.0/8 is directly connected, FastEthernet0/0
And this clue saved my life. I read a small terminology of SANITY CHECKS while reading Jeff Doyle's book a long time ago. This terminology is only applicable to RIP and IGRP, in which they validate that the update which they are receiving is belong to same ip subnet or not, and if update is from different ip subnet in that case update will be ignored and a debug message is generated which states that update has been ignored as it is received from a bad source (means different ip subnet).
So I disabled this SANITY CHECK FEATURE on both router and finally I found that now both routers are exchanging prefixes with each other which belongs to their loopback interfaces :-)
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Loopback0
R 2.0.0.0/8 [120/1] via 20.0.0.1, 00:00:13
C 10.0.0.0/8 is directly connected, FastEthernet0/0
But when I tried to ping R2's loopback address sitting on R1 ....ahhhh...still not able to ping :-(
R1#ping 2.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.0.0.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
So I checked the routing table again and found the reason why ping failed. However both routers had learned loopback's addresses prefixes but still they don't have any information about the how to reach to the next hop address like from R1 to R2's fast ethernet interface ip 20.0.0.1...R1 don't have any route or information about how to reach to that network.
So Finally I fixed it by pointing a host static route (or some people call it alternate static route) which was pointing to each others fast ethernet ip address. I used it with exit interface option.
R1(config)#ip route 20.0.0.1 255.255.255.255 fastEthernet 0/0
Any Finally after that my ping worked :-)
R1#ping 2.0.0.2 rep 10
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 2.0.0.2, timeout is 2 seconds:
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 48/129/404 ms
huurraahhh
Below is the configuration for both routers...anyways happy ???? I didn't tell you the command which disabled SANITY CHECKS...here it is :-)
Under Router RIP process run this command: no validate-update-source
Best Regards,
Deepak Arora
CCIE#2XXXX....Oops that number is still missing :-)
-----------------------------------------------------------------------
R1#sh run
Building configuration...
Current configuration : 737 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip cef
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 1.0.0.1 255.0.0.0
!
interface FastEthernet0/0
ip address 10.0.0.1 255.0.0.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router rip
version 2
no validate-update-source
network 1.0.0.0
network 10.0.0.0
no auto-summary
!
ip route 20.0.0.1 255.255.255.255 FastEthernet0/0
!
ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
----------------------------------------------------------------------------
R2#sh run
Building configuration...
Current configuration : 737 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip cef
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.0.0.2 255.0.0.0
!
interface FastEthernet0/0
ip address 20.0.0.1 255.0.0.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router rip
version 2
no validate-update-source
network 2.0.0.0
network 20.0.0.0
no auto-summary
!
ip route 10.0.0.1 255.255.255.255 FastEthernet0/0
!
ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
-----------------------------------------------------------------------------------------
Here is the scenario. We have two routers say R1 & R2, both routers are connected to a L2 switch ( say 2950 :-) ...its all Cisco World) through their Fast Ethernet interfaces. On R1's Fast Ethernet interface we have ip address configured as 10.0.0.1/8 and on R2's fast Ethernet interface we have configured ip address as 20.0.0.1/8. Both the switch ports of 2950 switch are configured in same VLAN. On Router R1 we have configured one loop back interface with ip address 1.0.0.1/8 and on R2's loopback interface we have configured ip address as 2.0.0.2/8. Now the requirement was to establish connectivity between R1's loopback interface & R2's loopback interface using RIPv2. Also I was not allowed to use secondary ip address on any interface. They asked me to use RIPv2 but RIPv1 can also work in this scenario. Anyways.... I took some time and after thinking about 10 minutes I tried some thing out and it worked for me.
First let me explain the problem with scenario: As both RIP routers are connected to each other through a broadcast media so definitely they can hear each others RIP updates. However the problem was... as both routers are configured with two different subnet's ip addresses on ethernet interfaces so they will hear each others RIP updates but won't accept it. I run debug ip rip command and found the clue :-)
R1#*Mar 1 00:13:56.487: RIP: ignored v2 update from bad source 20.0.0.1 on FastEth
ernet0/0
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Loopback0
C 10.0.0.0/8 is directly connected, FastEthernet0/0
And this clue saved my life. I read a small terminology of SANITY CHECKS while reading Jeff Doyle's book a long time ago. This terminology is only applicable to RIP and IGRP, in which they validate that the update which they are receiving is belong to same ip subnet or not, and if update is from different ip subnet in that case update will be ignored and a debug message is generated which states that update has been ignored as it is received from a bad source (means different ip subnet).
So I disabled this SANITY CHECK FEATURE on both router and finally I found that now both routers are exchanging prefixes with each other which belongs to their loopback interfaces :-)
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Loopback0
R 2.0.0.0/8 [120/1] via 20.0.0.1, 00:00:13
C 10.0.0.0/8 is directly connected, FastEthernet0/0
But when I tried to ping R2's loopback address sitting on R1 ....ahhhh...still not able to ping :-(
R1#ping 2.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.0.0.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
So I checked the routing table again and found the reason why ping failed. However both routers had learned loopback's addresses prefixes but still they don't have any information about the how to reach to the next hop address like from R1 to R2's fast ethernet interface ip 20.0.0.1...R1 don't have any route or information about how to reach to that network.
So Finally I fixed it by pointing a host static route (or some people call it alternate static route) which was pointing to each others fast ethernet ip address. I used it with exit interface option.
R1(config)#ip route 20.0.0.1 255.255.255.255 fastEthernet 0/0
Any Finally after that my ping worked :-)
R1#ping 2.0.0.2 rep 10
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 2.0.0.2, timeout is 2 seconds:
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 48/129/404 ms
huurraahhh
Below is the configuration for both routers...anyways happy ???? I didn't tell you the command which disabled SANITY CHECKS...here it is :-)
Under Router RIP process run this command: no validate-update-source
Best Regards,
Deepak Arora
CCIE#2XXXX....Oops that number is still missing :-)
-----------------------------------------------------------------------
R1#sh run
Building configuration...
Current configuration : 737 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip cef
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 1.0.0.1 255.0.0.0
!
interface FastEthernet0/0
ip address 10.0.0.1 255.0.0.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router rip
version 2
no validate-update-source
network 1.0.0.0
network 10.0.0.0
no auto-summary
!
ip route 20.0.0.1 255.255.255.255 FastEthernet0/0
!
ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
----------------------------------------------------------------------------
R2#sh run
Building configuration...
Current configuration : 737 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip cef
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.0.0.2 255.0.0.0
!
interface FastEthernet0/0
ip address 20.0.0.1 255.0.0.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router rip
version 2
no validate-update-source
network 2.0.0.0
network 20.0.0.0
no auto-summary
!
ip route 10.0.0.1 255.255.255.255 FastEthernet0/0
!
ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
-----------------------------------------------------------------------------------------
No comments:
Post a Comment