Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Global RIP Settings Overview

 

A global RIP setting affects operations on all RIP-enabled interfaces. You configure global settings in the virtual router.

For instructions for configuring RIP settings on the virtual router and on the interface, see the Network and Security Manager Online Help.

Configuring RIP Parameters

You can configure the RIP instance parameters displayed in Table 1.

Table 1: RIP Instance Parameters

Parameters

Your Action

RIP Version (ScreenOS 5.1 and later only)

Select the version of RIP you want to use for this virtual router. When you configure RIP on the individual interfaces, you can override this setting.

Reject Default Route

Select this option to prevent route detour attacks in which a router injects a default route (0.0.0.0/0) into the routing domain to detour packets to itself. During a route detour attack, a compromised router can drop the packets, causing service disruption, or can obtain sensitive information in the packets before forwarding them. By default, this option is disabled, meaning RIP accepts any default routes that are learned in RIP and adds the default route to the routing table.

Ignore Same Subnet Checking

Select this option to allow RIP neighbors on different subnets.

Advertising Default Route

Select this option to direct the VR to advertise an active default route (0.0.0.0/0) in the VR route table to all RIP areas.

Default Metric

Configure the default metric for routes that RIP imports from other protocols, such as OSPF and BGP. By default, RIP assigns a metric of 10 to all imported routes.

Number of Alternate Routes for Prefix Allowed (ScreenOS 5.1 and later only)

Configure the maximum number of RIP routes for the same prefix that RIP can add to the RIP route database. By default, RIP does not allow alternate routes.

Hold Down Time for Routes (ScreenOS 5.1 and later only)

Configure the number of seconds that RIP waits before updating the routing table. Use this option to prevent route flapping when handling high metric routes. By default, RIP waits 120 seconds between routing table updates. When configuring this option:

  • Ensure that the value is at least three times the value of the Update Timer.

  • Ensure that the value does not exceed the sum of the Update Timer value plus the Flush Timer value.

    For example, if the Update Timer is 60 and the Flush Timer is 180, you can set the hold down time value between 181 and 239.

Retransmit Interval for Demand Circuits (ScreenOS 5.1 and later only)

Configure the number of seconds that elapse before RIP resends the RIP routing table to a demand circuit neighbor that did not respond. You can also configure the number of times RIP attempts to retransmit the routing table. By default, RIP resends every 5 seconds.

Poll Interval for Demand Circuits (ScreenOS 5.1 and later only)

Configure the number of seconds between demand circuit checks. By default, RIP sends a request through the demand circuit every three minutes to verify that the tunnel interface is up. You can also configure the number of times a demand circuit must fail to respond before RIP considers the circuit down. By default, RIP never considers an unresponsive circuit down (Number of Retries is 0).

Timers

Configure the following timers:

  • Update Timer—Configure the number of seconds that the virtual router sends RIP route database updates to neighbors.

  • Invalid Timer—Configure the number of seconds after a neighbor stops advertising a route that RIP considers the route invalid. By default, RIP considers a route invalid 180 seconds after a neighbor stops advertising it.

  • Flush Timer—Configure the number of seconds an invalid route remains in the RIP route database. By default, RIP removes a route that has been invalid for 120 seconds.

Maximum Route Update Packets

Configure the maximum number of packets that the VR can receive per RIP update.

Maximum Neighbors Allowed on One Interface

Configure the maximum number of RIP neighbors allowed on a single interface. By default, RIP allows up to 16 neighbors for the same interface.

Access List for Filtering Trusted Neighbors

Configure the access list that defines trusted RIP neighbors. If you do not select an access list, RIP uses multicasting or broadcasting to detect neighbors on a RIP-enabled interface.

Route Maps

To control which routes RIP learns and advertises, configure the following:

  • The inbound route map defines the routes that RIP learns.

  • The outbound route map defined the routes that RIP advertises.

Configuring RIP Redistribution Rules

Use route redistribution to exchange route information between routing protocols. You can redistribute the following types of routes into the RIP routing instance in the same VR:

  • Routes learned from BGP

  • Routes learned from OSPF

  • Directly connected routes

  • Imported routes

  • Statically configured routes

When you configure route redistribution, you must first specify a route map to filter the routes that are redistributed.

Configuring RIP Summary Import (ScreenOS 5.1 and later only)

In large internetworks where hundreds or even thousands of network addresses can exist, routers can become overly congested with route information. After you have redistributed a series of routes from an external protocol to the current RIP routing instance, you can bundle the routes into one generalized or summarized network route. By summarizing multiple addresses, you enable a series of routes to be recognized as one route, simplifying the process.

Using route summarization in a large, complex network can isolate topology changes from other routers. An intermittently failing link in a domain does not affect the summary route, so no router external to the domain needs to modify its routing table due to the link failure.

You can summarize inter area routes or external routes.