Introduction to RIP

RIP was defined in 1988 in RFC 1058. It was the first widely used routing protocol but today it has been superseded by much better alternatives.

How does RIP work?

RIP is a distance vector routing protocol. Because of the limitations outlined below, it isn’t really seen in modern networks, but it does demonstrate some of the principles necessary to understand the protocols which are more widely used today.

The routing metric used by RIP to evaluate routes is just hop count. A hop count of 1 indicates a directly connected network, a hop count of 2 indicates that the packet will hit two routers before reaching the target network and so on. The maximum number of hops is 15; a metric of 16 indicates that a destination is considered unreachable. RIP uses split horizon and route poisoning. A metric of 16 is used to poison the route.

RIP is a ‘classful’ routing protocol which means that networks aren’t advertised with a subnet prefix. This is a major limiting factor as the router then assumes that the network is an entire classful address space. For example any network in 10.0.0.0/8 is treated as 10.0.0.0/8 even if it is a smaller subnet such as 10.1.1.0/24.

Every 30 seconds a router with RIPv1 enabled broadcasts a RIP request message out of every interface to 255.255.255.255. Routers which receive the broadcast and have RIP enabled will respond with a response containing all or part of their routing table. RIP uses UDP for transport and communicates on port 520.

RIP Version 1 Limitations

  • Because RIPv1 is classful, it does not share subnet masks. This makes it pretty much useless on most modern networks which will use a classless addressing scheme.

  • RIPv1 doesn’t support any authentication which means that a rogue device could trick other routers into routing traffic through it.

  • Because RIP broadcasts on 255.255.255.255 a lot of devices (e.g. hosts) receive packets which they don’t need.

  • Because updates are requested periodically (every 30 seconds) there may be a lot of messages sent even though there haven’t been any network changes.

  • When there are network changes, it can take a long time for the network to converge because changes are only requested every 30 seconds.

What is convergence between routers?

All the routers on a network are said to have converged when they have exchanged enough routing information to ‘agree’ on the topology of the network.

RIPv2

RIP-2 (also referred to as RIPv2) is defined in RFC 2453. It overcomes several of the problems presented by RIP version 1.

For each route advertised with RIPv2, it specifies the associated subnet. For example a route to the subnet 10.10.10.0/28 would explicitly include the subnet mask /28 or 255.255.255.240. Therefore version 2 is able to support classless networks and VLSM (Variable Length Subnet Masks).

Version 2 uses the IP multicast address 224.0.0.9 (registered with IANA) to send routing updates. This means that packets containing routing updates are no longer broadcast to all devices on the network, just the routers which are listening for them. Updates are still sent using UDP on port 520.

Furthermore, RIPv2 adds support for authentication, which helps prevent rogue devices injecting false routes. In the initial RFC, this was just a plain text password, which doesn’t provide much additional security. Subsequent extensions added support for more secure authentication, initially just MD5, which today isn’t considered secure. However, RFC 4822 extends this to support more secure cryptographic algorithms.

Finally, RIPv2 adds a ‘Route Tag’ field which allows routers to include a tag with each route so that routes learned from different sources may be separated.
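The differences described above (subnet mask, Route Tag and authentication) are visible in the message bytes. The following parser is an added example, not code from the original page: the field layout and authentication type numbers are taken from RFC 2453 and RFC 4822, the function names `parse_rip` and `audit` are hypothetical, and the sample messages are constructed.

```python
import ipaddress
import struct

AUTH_AFI = 0xFFFF   # address family value that marks an authentication entry
AUTH_TYPES = {2: "plain-text password", 3: "cryptographic"}  # RFC 2453 / RFC 4822
INFINITY = 16       # metric for an unreachable (poisoned) route

def parse_rip(payload: bytes) -> dict:
    """Parse the UDP payload (port 520) of a RIPv1 or RIPv2 message."""
    if len(payload) < 4:
        raise ValueError("too short for a RIP header")
    command, version = payload[0], payload[1]
    msg = {"command": command, "version": version, "auth": None, "routes": []}
    off, end = 4, len(payload)
    while off + 20 <= end:
        afi, tag, addr, mask, _nh, metric = struct.unpack_from("!HHIIII", payload, off)
        off += 20
        if afi == AUTH_AFI:
            # Authentication entry: the 'tag' slot holds the authentication type.
            msg["auth"] = AUTH_TYPES.get(tag, f"unknown type {tag}")
            if tag == 3:
                end = min(end, addr >> 16)  # packet length; digest trailer follows it
            continue
        if version == 1:
            # No mask on the wire: the receiver assumes the whole classful network.
            plen = 8 if addr >> 24 < 128 else 16 if addr >> 24 < 192 else 24
        else:
            plen = bin(mask).count("1")  # assumes a contiguous mask
        net = ipaddress.ip_network((addr, plen), strict=False)
        msg["routes"].append({"network": str(net), "tag": tag, "metric": metric,
                              "poisoned": metric >= INFINITY})
    return msg

def audit(msg: dict) -> list:
    """Findings a defender would raise for one parsed update."""
    if msg["version"] == 1:
        return ["RIPv1: no authentication possible"]
    if msg["auth"] is None:
        return ["RIPv2 update sent without authentication"]
    if msg["auth"].startswith("plain-text"):
        return ["RIPv2 password sent in clear text"]
    return []

# Constructed samples (not captured traffic). Command 2 = response.
ROUTE = struct.pack("!HHIIII", 2, 100, 0x0A0A0A00, 0xFFFFFFF0, 0, 2)  # 10.10.10.0/28, tag 100
SAMPLE_V2_PLAIN = bytes([2, 2, 0, 0]) + struct.pack("!HH16s", AUTH_AFI, 2, b"example") + ROUTE
SAMPLE_V2_CRYPTO = (bytes([2, 2, 0, 0]) + struct.pack("!HHHBBI8x", AUTH_AFI, 3, 44, 1, 20, 1)
                    + ROUTE + struct.pack("!HH16s", AUTH_AFI, 1, bytes(16)))
SAMPLE_V1 = bytes([2, 1, 0, 0]) + struct.pack("!HHIIII", 2, 0, 0x0A010100, 0, 0, 16)
```

Running `audit(parse_rip(...))` over updates seen on a segment shows which routers still speak RIPv1 or send RIPv2 without cryptographic authentication.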

RIP vs RIPv2

Differences between RIP and RIPv2

| RIPv1 | RIPv2 |
|---|---|
| Routing updates don’t include information about the subnet. | Routing updates specify the associated subnet. |
| Only supports ‘classful’ networks. | Supports ‘classless’ networks. |
| Doesn’t support Variable Length Subnet Masks (VLSM). | Supports routes with Variable Length Subnet Masks (VLSM). |
| Updates are sent as ‘broadcasts’ to all hosts on the network. | Updates are sent to multicast address 224.0.0.9. |
| No authentication methods. | Support for authentication of messages. |
| No support for tagging routes. | Includes a Route Tag field. |

Similarities between RIP and RIPv2

  • Both use UDP (User Datagram Protocol)

  • Both use port 520

  • RIP and RIPv2 are Distance Vector Routing Protocols

  • Both use ‘split horizon’ and ‘route poisoning’ to prevent routing loops

  • Both have a maximum hop count of 15 and an infinity metric of 16