RIP versus static routing
RIP was one of the earliest dynamic routing protocols to work with IP addresses. As such, it is not as complex as more recent protocols. However, RIP is a big step forward from simple static routing.
While RIP may be slow in response to network outages, static routing has zero response. The same is true for convergence — static routing has zero convergence. Both RIP and static routing have a limited hop count, so it's not a strength or a weakness. Count to infinity can be a problem, but it typically can be fixed as it happens, or it is the result of a network outage that would cause even worse problems on a static routing network.
By comparison, with static routing, each time a packet needs to be routed the FortiGate unit can only send it to the next hop towards the destination. That next hop then forwards it, and so on until it arrives at its destination. RIP keeps more routing information on each router, so your FortiGate unit can send the packet farther towards its destination before it has to be routed again. RIP reduces the number of table lookups and therefore uses fewer network resources than static routing. Also, since RIP is kept updated on neighboring routes, it is aware of new routes or dead routes that static routing would not be aware of.
Overall, RIP is a large step forward when compared to static routing.
RIP metric — hop count
RIP uses hop count as the metric for choosing the best route. A hop count of 1 represents a network that is connected directly to the FortiGate unit, while a hop count of 16 represents a network that cannot be reached.
Each network that a packet travels through to reach its destination usually counts as one hop. When the FortiGate unit compares two routes to the same destination, it adds the route having the lowest hop count to the routing table. As you can see in RIP packet structure on page 311, the hop count is part of a RIP v2 packet.
Similarly, when RIP is enabled on an interface, the FortiGate unit sends RIP responses to neighboring routers on a regular basis. The updates provide information about the routes in the FortiGate unit’s routing table, subject to the rules that you specify for advertising those routes. You can specify how often the FortiGate unit sends updates, the period of time a route can be kept in the routing table without being updated, and for routes that are not updated regularly you can specify the period of time that the unit advertises a route as unreachable before it is removed from the routing table.
If hops are weighted higher than one, it becomes very easy to reach the upper limit. This higher weighting will effectively limit the size of your network depending on the numbers used. Merely changing from the default of 1.0 to 1.5 will lower the effective hop count from 15 to 10. This is acceptable for smaller networks, but can be a problem as your network expands over time.
In RIP, you can use the offset command to artificially increase the hop count of a route. Doing this will make this route less preferred, and in turn it will get less traffic. Offsetting routes is useful when you have network connections of different bandwidths, different levels of reliability, or different costs. In each of these situations you still want the redundancy of multiple route access, but you don’t want the bulk of your traffic using these less preferred routes. For an example of RIP offset, see Access Lists on page 304.
The Bellman–Ford routing algorithm
The routing algorithm used by RIP was first used in 1967 as the initial routing algorithm of the ARPANET. The Bellman–Ford algorithm is distributed because it involves a number of nodes (routers) within an autonomous system (AS), and consists of the following steps:
1. Each node calculates the distances between itself and all other nodes within the AS and stores this information as a table.
2. Each node sends its table to all neighboring nodes.
3. When a node receives distance tables from its neighbors, it calculates the shortest routes to all other nodes and updates its own table to reflect any changes.
To examine how this algorithm functions let’s look at a network with 4 routers — routers 1 through 4. The distance from router1 to router2 is 2 hops, 1 to 3 is 3 hops, and 2 to 3 is 4 hops. Router4 is only connected to routers 2 and 3, each distance being 2 hops.
1. Router1 finds the distances to the other three routers — router 2 is 2, router 3 is 3. Router1 doesn’t have a route to router 4.
2. Routers 2 through 4 do the same calculations from their points of view.
3. Once router 1 gets an update from router 2 or 3, it will get their route to router 4. At that point it now has a route to router 4 and installs that in its local table.
4. If router1 gets an update from router3 first, it has a hop count of 5 to reach router4. But when router2 sends its update, router1 will go with router2’s shorter 4 hops to reach router4. Future updates don’t change this unless they are shorter than 4 hops, or the routing table route goes down.
RIP algorithm example in 4 steps
Step 1
Router1 finds the distance to other routers in the network.
It currently has no route to Router4. Router1 routing table:
• Distance to Router2 = 2 hops.
• Distance to Router3 = 3 hops.
Step 2
All routers do the same as Router1, and send out updates containing their routing table.
Note that Router1 and Router4 do not update each other, but rely on Router2 and Router3 to pass along accurate updates.
Step 3
Each router looks at the updates it has received, and adds any new or shorter routes to its table.
Router1 updated table:
• Distance to Router2 = 2 hops.
• Distance to Router3 = 3 hops.
• Distance to Router4 = 4 or 5 hops.
Step 4
Router1 installs the shortest route to Router4, and the other routes to it are removed from the routing table. Router1 complete table:
• Distance to Router2 = 2 hops.
• Distance to Router3 = 3 hops.
• Distance to Router4 = 4 hops.
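The four-step walk-through above, as an added example that is not part of the original handbook and is not FortiOS code: a small Python simulation of the distance-vector exchange on the same four-router topology. The function names are illustrative assumptions. The link costs and the unreachable metric of 16 are taken from the text.

```python
# Added example: distance-vector (Bellman-Ford) exchange as RIP performs it.
INFINITY = 16  # RIP metric meaning "network cannot be reached"

# Link costs in hops, constructed from the four-router example in the text.
LINKS = {
    ("Router1", "Router2"): 2,
    ("Router1", "Router3"): 3,
    ("Router2", "Router3"): 4,
    ("Router2", "Router4"): 2,
    ("Router3", "Router4"): 2,
}

def neighbors(links):
    """Build {router: {neighbor: link_cost}} from the undirected link list."""
    adj = {}
    for (a, b), cost in links.items():
        adj.setdefault(a, {})[b] = cost
        adj.setdefault(b, {})[a] = cost
    return adj

def initial_tables(adj):
    """Step 1: each router knows only its directly connected neighbors."""
    return {r: {n: (c, n) for n, c in nbrs.items()} for r, nbrs in adj.items()}

def receive_update(table, me, sender, link_cost, advertised):
    """Step 3: merge one neighbor's table; return True if a route changed."""
    changed = False
    for dest, (metric, _next_hop) in advertised.items():
        if dest == me:
            continue
        candidate = min(link_cost + metric, INFINITY)
        current = table.get(dest, (INFINITY, None))[0]
        if candidate < current:  # Step 4: only a shorter route is installed
            table[dest] = (candidate, sender)
            changed = True
    return changed

def converge(links):
    """Run update rounds until no table changes; return (tables, rounds)."""
    adj = neighbors(links)
    tables = initial_tables(adj)
    rounds = 0
    while True:
        advertised = {r: dict(t) for r, t in tables.items()}  # Step 2 snapshot
        changed = False
        for me, nbrs in adj.items():
            for sender, cost in nbrs.items():
                changed |= receive_update(tables[me], me, sender, cost, advertised[sender])
        rounds += 1
        if not changed:
            return tables, rounds
```

A candidate route whose metric reaches 16 is never installed, which is how a weighted path can drop a destination from the table even though a physical path exists.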
The good part about the Bellman-Ford algorithm in RIP is that the router only uses the information it needs from the update. If there are no newer, better routes than the ones the router already has in its routing table, there is no need to change its routing table. And no change means no additional update, so less traffic. But even when there is update traffic, the RIP packets are very small so it takes many updates to affect overall network bandwidth. For more information about RIP packets, see RIP packet structure on page 311.
The main disadvantage of the Bellman–Ford algorithm in RIP is that it doesn’t take weightings into consideration. While it is possible to assign different weights to routes in RIP, doing so severely limits the effective network size by reducing the hop count limit. Also other dynamic routing protocols can take route qualities, such as reliability or delay, into consideration to provide not only the physically shortest but also the fastest or more reliable routes as you choose.
Another disadvantage of the Bellman-Ford algorithm is due to the slow updates passed from one RIP router to the next. This results in a slow response to changes in the network topology, which in turn results in more attempts to use routes that are down, which wastes time and network resources.
Passive versus active RIP interfaces
Normally the FortiGate unit’s routing table is kept up to date by periodically asking the neighbors for routes, and sending your routing updates out. This has the downside of generating a lot of extra traffic for large networks. The solution to this problem is passive interfaces.
A standard interface that supports RIP is active by default — it both sends and receives updates by actively communicating with its neighbors. A passive RIP interface does not send out updates — it just listens to the updates of other routers. This is useful in reducing network traffic, and if there are redundant routers in the network that would be sending out essentially the same updates all the time.
The following example shows how to create a passive RIP v2 interface on port1, using MD5 authentication and a key-chain called passiveRIPv2 that has already been configured. Note that in the CLI, you enable passive by disabling send-version2-broadcast.
To create a passive RIP interface – web-based manager
1. Go to Router > Dynamic > RIP.
2. Next to Interfaces, select Create.
3. Select port1 as the Interface.
4. Select 2 as both the Send Version and Receive Version.
5. Select MD5 for Authentication.
6. Select the passiveRIPv2 Key-chain.
7. Select Passive Interface.
8. Select OK to accept this configuration, and return to the main RIP display page.
To create a passive RIP v2 interface on port1 using MD5 authentication – CLI
config router rip
    config interface
        edit port1
            set send-version2-broadcast disable
            set auth-keychain "passiveRIPv2"
            set auth-mode md5
            set receive-version 2
            set send-version 2
    end
end