Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
435
Views
1
Helpful
3
Replies

RIPng Route Poisoning

Go to solution
Teck Sing
Level 1
Level 1

‎10-01-2024 09:03 PM

Dear experts

I've a topology like below:

TeckSing_0-1727835758850.png

IPv4/IPv6 dual-stack is running, RIPv2 and RIPng are on,here's configuration:

R1:

interface Ethernet0/0
ip address 10.12.1.1 255.255.255.0
duplex auto
ipv6 enable
ipv6 rip RIP enable

interface Loopback0
ip address 192.168.1.1 255.255.255.255
ipv6 address 2001:DB8:0:1::1/128
ipv6 rip RIP enable

router rip
version 2
network 10.0.0.0
network 192.168.1.0
ipv6 router rip RIP

R2:

interface Ethernet0/0
ip address 10.12.1.2 255.255.255.0
duplex auto
ipv6 enable
ipv6 rip RIP enable

router rip
version 2
network 10.0.0.0
ipv6 router rip RIP

Now, once I remove network 192.168.1.0 from RIP or shutdown lo 0 on R1, R1 will immediately advertise 192.168.1.0 with metric 16 to R2, and R2 also will advertise it to its neighbors. However, this infinite route will be advertised when I shutdown the port lo 0 only under RIPng environment. If I delete ipv6 rip RIP enable under interface lo 0 on R1, no infinite route is sent, and I can reach 2001:db8:0:1::1 from R2 till this route disappears from ipv6 route table on R2. Why? 

Thanks

- Teck Sing 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎10-01-2024 10:34 PM - edited ‎10-01-2024 10:35 PM

Hello @Teck Sing 

The behavior you're experiencing can be explained by differences in how RIPv2 and RIPng handle route withdrawals when interfaces or network advertisements change. In your IPv4 setup using RIPv2, when you either remove the 192.168.1.0 network from RIP or shut down the loopback interface (Lo0) on R1, R1 immediately starts advertising the 192.168.1.1/32 route with a metric of 16. This is RIP’s way of signaling to its neighbors that the route is unreachable, as metric 16 in RIP indicates an infinite distance. R2 then receives this update and propagates the unreachable route to its neighbors, ensuring that all routers in the network quickly discard the now-invalid route. This behavior is standard for RIPv2, ensuring that route invalidation is rapid and consistent across the network to prevent routing loops or stale routes.

In RIPng, the behavior is somewhat different due to the protocol’s approach to route advertisements. When you shut down the loopback interface on R1, RIPng behaves similarly to RIPv2 by sending out an advertisement for the unreachable IPv6 route with a metric of 16. This informs R2 that the route is no longer valid, and R2 will treat it as such and propagate the change accordingly. However, when you remove the `ipv6 rip RIP enable` command from the loopback interface, R1 simply stops advertising the route entirely, rather than sending an advertisement with a metric of 16. In this scenario, the last valid route advertisement remains in R2’s routing table until RIPng’s route timeout expires. During this period, R2 can still reach the 2001:DB8:0:1::1 address, even though R1 is no longer actively advertising it. Eventually, when the RIPng route timers expire, the route will disappear from R2’s routing table.

The difference in behavior between RIPv2 and RIPng can be attributed to their handling of route withdrawals. In RIPv2, removing a route from the RIP configuration or shutting down an interface both trigger a triggered update with metric 16, which ensures quick invalidation of the route in neighboring routers. RIPng, however, does not send an update with metric 16 when the routing process for an interface is disabled. Instead, it simply stops advertising the route, relying on the route expiration timers in the neighboring routers to eventually clear the stale route. This delay can lead to a brief period where the route is still reachable from neighboring routers, even though the originating router is no longer advertising it.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

3 Replies 3

Go to solution
M02@rt37
VIP
VIP

‎10-01-2024 10:34 PM - edited ‎10-01-2024 10:35 PM

Hello @Teck Sing 

The behavior you're experiencing can be explained by differences in how RIPv2 and RIPng handle route withdrawals when interfaces or network advertisements change. In your IPv4 setup using RIPv2, when you either remove the 192.168.1.0 network from RIP or shut down the loopback interface (Lo0) on R1, R1 immediately starts advertising the 192.168.1.1/32 route with a metric of 16. This is RIP’s way of signaling to its neighbors that the route is unreachable, as metric 16 in RIP indicates an infinite distance. R2 then receives this update and propagates the unreachable route to its neighbors, ensuring that all routers in the network quickly discard the now-invalid route. This behavior is standard for RIPv2, ensuring that route invalidation is rapid and consistent across the network to prevent routing loops or stale routes.

In RIPng, the behavior is somewhat different due to the protocol’s approach to route advertisements. When you shut down the loopback interface on R1, RIPng behaves similarly to RIPv2 by sending out an advertisement for the unreachable IPv6 route with a metric of 16. This informs R2 that the route is no longer valid, and R2 will treat it as such and propagate the change accordingly. However, when you remove the `ipv6 rip RIP enable` command from the loopback interface, R1 simply stops advertising the route entirely, rather than sending an advertisement with a metric of 16. In this scenario, the last valid route advertisement remains in R2’s routing table until RIPng’s route timeout expires. During this period, R2 can still reach the 2001:DB8:0:1::1 address, even though R1 is no longer actively advertising it. Eventually, when the RIPng route timers expire, the route will disappear from R2’s routing table.

The difference in behavior between RIPv2 and RIPng can be attributed to their handling of route withdrawals. In RIPv2, removing a route from the RIP configuration or shutting down an interface both trigger a triggered update with metric 16, which ensures quick invalidation of the route in neighboring routers. RIPng, however, does not send an update with metric 16 when the routing process for an interface is disabled. Instead, it simply stops advertising the route, relying on the route expiration timers in the neighboring routers to eventually clear the stale route. This delay can lead to a brief period where the route is still reachable from neighboring routers, even though the originating router is no longer advertising it.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
Teck Sing
Level 1
Level 1
In response to M02@rt37

‎10-01-2024 10:45 PM

Thanks a lot M02@rt37 for your prompt reply and clear explanation! 

0 Helpful

Go to solution
M02@rt37
VIP
VIP
In response to Teck Sing

‎10-02-2024 12:00 AM

You're so welcome @Teck Sing 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful
Customers Also Viewed These Support Documents
Top