Running ripd

Routing protocols are not limited to routers; a Linux host may need to run one as well. Suppose that you have a host on a network in which routing updates are distributed via RIPv2. This system is not a router, but because it is on a network segment with more than one router, you decide to configure it to listen to the RIPv2 updates that the routers are broadcasting. Listing 7.9 shows a possible ripd.conf file for this host.

Listing 7.9: A Sample ripd.conf File

! Enable RIPV2, but don't send updates
! Check that packets are authentic
interface eth0
 ip rip authentication string EZdozIt
router rip
 passive-interface eth0

The RIPv2 configuration is very simple. The command router rip enables RIP. By default, Zebra uses RIPv2, which is capable of handling address masks and is compatible with RIP version 1. To force Zebra to use RIP version 1, a version 1 clause could be used with the router rip command, but using RIP version 1 is generally ill-advised.

The passive-interface clause is used because this host listens to routing updates, but does not send routing updates. This is equivalent to the -q option mentioned earlier for the routed command. passive-interface is used on hosts that listen for updates; routers that actively participate in the routing exchange use the network clause. The network clause uses the interface name to identify the interface over which routing updates are exchanged; for example, network eth0. Alternatively, it can use an IP address to identify the systems with which routing updates are exchanged. The IP address is defined with an address mask. For example, network 172.16.60.0/24 would exchange routing updates with any system on subnet 172.16.60.0. We will see the network clause in action when we configure an interior router.

The interface statement is used to configure the network interface for RIP. In Listing 7.9, a RIPv2 authentication mode is set for the interface. In this example, a simple clear text password is used. Clear text passwords help the router avoid accepting updates from misconfigured systems; they are not a security method. Stronger update authentication is available in the form of MD5 authentication.
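The following audit script is an added example, not code from the original text or from the Zebra project. It reads a ripd.conf and reports, for each interface named under router rip, whether updates are protected by MD5, by a clear text password only, or not at all. The eth1 and eth2 blocks and the key chain name ripkeys are constructed for the example; ip rip authentication mode md5 and ip rip authentication key-chain are ripd commands that do not appear in Listing 7.9.

```python
# Added example: audit a Zebra ripd.conf for weak RIPv2 update authentication.
# SAMPLE is constructed for this example; eth0 repeats Listing 7.9's settings.
SAMPLE = """\
interface eth0
 ip rip authentication string EZdozIt
!
interface eth1
 ip rip authentication mode md5
 ip rip authentication key-chain ripkeys
!
interface eth2
!
router rip
 passive-interface eth0
 network eth1
 network eth2
 network 172.16.60.0/24
"""

def audit_ripd_conf(text):
    """Map each interface named under 'router rip' to its authentication state."""
    auth = {}        # interface name -> set of authentication keywords seen
    rip_ifaces = []  # interfaces named by network / passive-interface, in order
    block = None     # current interface name, "router rip", or None
    for raw in text.splitlines():
        words = raw.split()
        # Lines that start with '!' or '#' are comments; a '!' inside a value is not.
        if not words or words[0][0] in "!#":
            continue
        if words[0] == "interface" and len(words) == 2:
            block = words[1]
            auth.setdefault(block, set())
        elif words == ["router", "rip"]:
            block = "router rip"
        elif words[:3] == ["ip", "rip", "authentication"] and block in auth and len(words) > 3:
            # Record 'string', 'key-chain', or the mode value ('md5' / 'text').
            auth[block].add(words[-1] if words[3] == "mode" else words[3])
        elif block == "router rip" and words[0] in ("network", "passive-interface"):
            # Prefix-form network statements (a.b.c.d/len) name no interface; skip them.
            if len(words) == 2 and "/" not in words[1] and words[1] not in rip_ifaces:
                rip_ifaces.append(words[1])
    report = {}
    for name in rip_ifaces:
        seen = auth.get(name, set())
        if "md5" in seen:
            report[name] = "md5" if seen & {"string", "key-chain"} else "md5 mode, no key"
        elif seen & {"string", "text"}:
            report[name] = "clear-text password"
        else:
            report[name] = "no authentication"
    return report
```

Calling audit_ripd_conf(SAMPLE) returns a dictionary keyed by interface name; any interface reported as clear-text password or no authentication is a candidate for MD5 authentication.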

In addition to the ripd.conf file shown in Listing 7.9, the host needs a zebra.conf file. The zebra.conf file we created for our sample host is shown in Listing 7.10.

Listing 7.10: A zebra.conf File for a Linux Host

hostname grebe
password lOOK!c?
log file /var/log/zebra.log
!
interface eth0
 ip address 172.16.60.2/24
 multicast

This file is simpler than the zebra.conf file shown in Listing 7.5. It defines the hostname used by this host and the path to the log file, but it defines only one vtysh password. This password allows interactive queries of the routing configuration, but it does not allow the configuration to be changed. The interface command in Listing 7.10 defines the interface over which this host listens to RIPv2 updates.

The RIPv2 updates that this host uses to build its routing configuration come from the routers on the subnet. In the next section, we look at the sample configuration of such a router.
