Configure IPv4 Routing with RIP
This topic explains how to configure RIP on your Firebox.
Free Range Routing (Fireware v12.9 or Higher)
In Fireware v12.9 or higher, Fireware uses the Free Range Routing (FRR) routing engine, which replaces Quagga. If your configuration includes Quagga commands for dynamic routing, those commands work after you upgrade. Some FRR commands appear in a different section than in Quagga.
For a routing configuration file sample, go to Sample RIP Routing Configuration File (FRR).
For a list of commands, go to RIP Commands (FRR).
Quagga (Fireware v12.8.x or Lower)
Quagga is the routing daemon in Fireware v12.8.x or lower.
For a sample routing configuration file, go to Sample RIP Routing Configuration File (Quagga).
For a list of commands, go to RIP Commands (Quagga).
- Select Network > Dynamic Routing.
The Dynamic Routing page appears. - Select the Enable Dynamic Routing check box.
- Select the RIP tab.
- Select the Enable check box.
- Copy and paste the text of your routing daemon configuration file in the window.
- Click Save.
If necessary, Fireware automatically adds the required dynamic routing policy or enables an existing RIP dynamic routing policy, if one exists.
- Select Network > Dynamic Routing.
The Dynamic Routing Setup dialog box appears. - Select the Enable Dynamic Routing check box.
- Select the RIP tab.
- Select the Enable RIP check box.
- Click Import to import a routing daemon configuration file, or copy and paste your configuration file in the text box.
- Click OK.
If an enabled dynamic routing policy does not exist, Policy Manager asks if you want to add the required policy. - Click Yes to add the required dynamic routing policy.
Policy Manager adds the required dynamic routing policy, or enables an existing RIP dynamic routing policy, if one exists.
When you enable RIP, a dynamic routing policy called DR-RIP-Allow is automatically created. You can edit this policy to add authentication and restrict the policy to listen on only the correct interfaces. The DR-RIP-Allow policy is configured to allow RIP multicasts to the reserved multicast address for RIP v2.
If you use RIP v1, you must configure the RIP policy to allow RIP broadcasts from the network broadcast IP address to the Firebox. For example, if your external interface IP address is 203.0.113.2/24, the RIP policy must allow traffic from the broadcast address 203.0.113.255 to the Firebox.
If your Firebox has multi-WAN enabled, you can configure a loopback interface, and use the IP address of the loopback interface instead of the IP address of the physical interfaces in the dynamic routing configuration. For more information, see Configure a Loopback Interface.
After you configure the Firebox and the RIP router, you can look at the routes table to verify that the Firebox has received route updates from the RIP router.
To see the dynamic routes, from Firebox System Manager select the Status Report tab.
To see the dynamic routes, from Fireware Web UI select System Status > Routes.