Sample RIP Routing Configuration File (FRR)
This topic includes a sample configuration file for Free Range Routing (FRR), which is the routing daemon in Fireware v12.9 or higher. To use this configuration file as a starting point for your RIPng configuration, copy the text into a text editor application and edit the parameters to meet your business requirements.
For information how to configure RIP, go to Configure IPv4 Routing with RIP.
In Fireware v12.8.x or lower, Fireware uses the Quagga routing engine. For a sample routing configuration file for Fireware v12.8.x or lower, go to Sample RIP Routing Configuration File (Quagga). For a list of Quagga commands, go to Sample RIP Routing Configuration File (Quagga).
For greater security, we recommend MD5 authentication instead of simple authentication. Simple authentication passes the authentication string in plain text. Commands for both MD5 and simple authentication are shown here.
Sample
This configuration sample shows how to configure some common RIP commands that you might include in your RIP configuration in Fireware v12.9 or higher. Your configuration file might include other commands.
For descriptions of common commands, go to RIP Commands (FRR). For a complete list of FRR commands, go to the FRRouting User Guide.
! SECTION 1: Configure MD5 authentication keychains.
! Set MD5 authentication key chain name (KEYCHAIN), key number (1), and authentication key string (AUTHKEY).
key chain KEYCHAIN
key 1
key-string AUTHKEY
! SECTION 2: Configure interface properties.
! Set authentication for interface (eth1).
interface eth1
ip rip authentication string SHAREDKEY
! Set RIP simple authentication password (SHAREDKEY).
ip rip authentication string SHAREDKEY
ip rip authentication mode text
! Set RIP MD5 authentication and MD5 keychain (KEYCHAIN).
ip rip authentication mode md5
ip rip authentication key-chain KEYCHAIN
! Set RIP to send or received to version 1; default is version 2.
ip rip send version 1
ip rip receive version 1
! Set RIP version to 1; default is version 2.
version 1
! Disable split-horizon to prevent routing loop. Default is enabled.
no ip split-horizon
! SECTION 3: Configure global RIP daemon properties
! Enable RIP daemon. Must be enabled for all RIP configurations.
router rip
! Share route of last resort (default route) from kernel routing table with RIP peers.
default-information originate
! Set unicast routing table updates to neighbor (192.168.253.254).
neighbor 192.168.253.254
network 192.168.253.0/24
! Disable RIP send and receive on interface (eth0).
no network eth0
! Set RIP to receive-only on interface (eth2).
passive-interface eth2
! Set RIP to receive-only on all interfaces.
passive-interface default
! Redistribute firewall static routes to RIP peers.
redistribute static
! Redistribute routes from all interfaces to RIP peers or with a route map filter (MAPNAME).
redistribute connected
redistribute connected route-map MAPNAME
! Redistribute routes from OSPF to RIP or with a route map filter (MAPNAME).
redistribute ospf
! Redistribute routes from BGP to RIP or with a route map filter (MAPNAME).
redistribute ospf route-map MAPNAME
redistribute bgp
! Redistribute routes from BGP to RIP or with a route map filter (MAPNAME).
redistribute bgp route-map MAPNAME
! SECTION 4: Configure route redistribution filters with route maps and access lists.
! Create an access list to only allow redistribution of 172.16.30.0/24.
access-list LISTNAME permit 172.16.30.0/24
access-list LISTNAME deny any
! SECTION 5: Create a route map.
! Create a route map with name MAPNAME and allow with a priority of 10 (1-199).
route-map MAPNAME permit 10
match ip address LISTNAME