RIP packet structure
It is hard to fully understand a routing protocol without knowing what information is carried in its packets. Knowing what information is exchanged between routers and how will help you better understand the RIP protocol, and better configure your network for it.
This section provides information on the contents of RIP 1 and RIP 2 packets.
RIP version 1
RIP version 1, or RIP IP packets are 24 bytes in length, with some empty areas left for future expansion.
RIP IP packets
1-byte command |
1-byte version |
2-byte zero field |
2-byte AFI |
2-byte zero field |
4-byte IP address |
4-byte zero field |
4-byte zero field |
4-byte metric |
A RIP 1 packet contains the following fields:
- Command — Indicates whether the packet is a request or a response. The request asks that a router send all or part of its routing table. The response can be an unsolicited regular routing update or a reply to a request. Responses contain routing table entries. Multiple RIP packets are used to convey information from large routing tables.
- Version — Specifies the RIP version used. This field can signal different potentially incompatible versions.
- Zero field — This field defaults to zero, and is not used by RFC 1058 RIP.
- Address-family identifier (AFI) — Specifies the address family used. RIP is designed to carry routing information for several different protocols. Each entry has an address-family identifier to indicate the type of address being specified. The AFI for IP is 2.
- IP Address — Specifies the IP address for the entry.
- Metric — This is the number of hops or routers traversed along the route on its trip to the destination. The metric is between 1 and 15 for that number of hops. If the route is unreachable the metric is 16.
RIP version 2
RIP version 2 has more features than RIP 1, which is reflected in its packets which carry more information. All but one of the empty zero fields in RIP 1 packets are used in RIP 2.
RIP 2 packets
1-byte command |
1-byte version |
2-byte unused |
2-byte AFI |
2-byte route tag |
4-byte IP address |
4-byte subnet |
4-byte next hop |
4-byte metric |
A RIP 2 packet contains fields described above in RIP 1, as well as the following:
- Unused — Has a value set to zero, and is intended for future use
- Route tag — Provides a method for distinguishing between internal routes learned by RIP and external routes learned from other protocols.
- Subnet mask — Contains the subnet mask for the entry. If this field is zero, no subnet mask has been specified for the entry.
- Next hop — Indicates the IP address of the next hop to which packets for the entry should be forwarded.
Troubleshooting RIP
This section is about troubleshooting RIP. For general troubleshooting information, see the FortiOS Handbook
Troubleshooting chapter. This section includes:
- Routing Loops
- Holddowns and Triggers for updates
- Split horizon and Poison reverse updates
- Debugging IPv6 on RIPng
Routing Loops
Normally in routing, a path between two addresses is chosen and traffic is routed along that path from one address to the other. When there is a routing loop, that normal path doubles back on itself creating a loop. When there are loops, the network has problems getting information to its destination and also prevents it from returning to the source to report the inaccessible destination.
A routing loop happens when a normally functioning network has an outage, and one or more routers are offline. When packets encounter this, an alternate route is attempted to maneuver around the outage. During this phase it is possible for a route to be attempted that involves going back a hop, and trying a different hop forward. If that hop forward is blocked by the outage as well, a hop back and possibly the original hop forward may be selected. You can see if this continues, how it can consume not only network bandwidth but also many resources on those routers affected. The worst part is this situation will continue until the network administrator changes the router settings, or the downed routers come back online.
Routing loops’ effect on the network
In addition to this “traffic jam” of routed packets, every time the routing table for a router changes that router sends an update out to all of the RIP routers connected to it. In a network loop, its possible for a router to change its routes very quickly as it tries and fails along these new routes. This can quickly result in a flood of updates being sent out, which can effectively grind the network to a halt until the problem is fixed.
How can you spot a routing loop
Any time network traffic slows down, you will be asking yourself if it is a network loop or not. Often slowdowns are normal, they are not a full stoppage, and normal traffic resumes in a short period of time.
If the slow down is a full halt of traffic or a major slowdown does not return to normal quickly, you need to do serious troubleshooting quickly.
If you aren’t running SNMP, dead gateway detection, or you have non-Fortinet routers in your network, you can use networking tools such as ping and traceroute to define the outage on your network and begin to fix it. Ping, traceroute, and other basic troubleshooting tools are largely the same between static and dynamic, and are covered in Advanced Static Routing on page 256.