RIP

» » RIP

Minggu, 09 Desember 2012

RIP

   21.30      


---FITUR RIP---
  • RIPv2 merupakan classless routing protocol.
  • RIPv2 membawa subnet-mask saat melakukan update.
  • RIPv2 diaktifkan menggunakan perintah network
  • Perintah network pada RIP memiliki 3 fungsI
  • Mengirimkan update pada interface tersebut
  • Mengadvertise network ke router lain
  • Menerima advertise suatu network dari router lain
  • Perintah network pada RIP tidak akan mengadvertise subnet, hanya major network yang diadvertise
  • Passive interface akan membuat interface tidak mengirimkan update, namun masih tetap dapat menerima update
---Authentikasi RIP---
  • RIP support 2 tipe authentikasi
             Clear Text (Default)
             MD5
  • Konfigurasinya
  1. Buat key-chain, kmudian key-idn dan key-string
  2. Nilai key-id dan key-string harus sama di kedua sisi
  3. Apply key chain didalam interface
 ---Authentikasi Clear Text and MD5---

key chain RIP
 key 1
   key-string CISCO
!
interface Serial0/0
 ip address 12.12.12.1 255.255.255.0
 ip rip authentication mode text
 ip rip authentication key-chain RIP
 clock rate 2000000
!
interface Serial0/0
 ip address 12.12.12.1 255.255.255.0
 ip rip authentication mode md5
 ip rip authentication key-chain RIP
 clock rate 2000000
!

---RIP Filtering---
Memfilter route mana saja yang akan dimasukkan dalam routing tabel
Memfilter route mana saja yang akan diadvertise ke router lain
Filtering route bisa dilakukan dengan hal berikut
  1. Access-list (Standar, Extended, Name)
  2. Prefix List
  3. Distribute List
  4. Administrative Distance
  5. Offset List
  6. Route Tagging
--- Contoh Access List Filtering---
R1(config)# access-list 1 deny 2.2.1.0 0.0.254.255
R1(config)# access-list 1 permit any
R1(config)# router rip
R1(config)# distribute-list 1 in S0/0/0.12

---Contoh Prefix List Fitering---
ip prefix-list ROUTE permit 10.0.0.0/8
ip prefix-list SOURCE permit 1.2.3.4/32
distribute-list prefix ROUTE gateway SOURCE in

---Route Summarization---
RIP secara default melakukan summarization secara classful
Namun demikian RIP juga dapat dikonfigurasikan agar melakukan summarize terhadap subnetnya
Summarization dikonfigurasikan dibawah mode interface dengan perintah berikut ini :
ip summary-addres rip x.x.x.x mask

---RIP Offset List---
Digunakan untuk menambah nilai metric suatu route baik incoming maupun outgoing
Dikonfigurasikan dengan perintah berikut ini

R2(config)# access-list 1 permit 1.0.0.0 0.255.255.255
R2(config)# router rip
R2(config)# offset-set 1 out 13 f0/0

Offset-list hanya ada di RIP dan EIGRP
Pada RIP digunakan untuk menambah nilai metric/hop count suatu route
Pada EIGRP digunakan untuk menambah nilai delay
Access list digunakan bila offset-list digunakan untuk mempengaruhi spesific route yang diinginkan
Bila diinginkan untuk mempngaruhi semua route, maka nilai offset-list diset 0

---RIP Passive Interface---
Digunakan untuk mendisable routing update pada interface
Pada RIP, interface hanya tidak mengirim update saja namun tetap dapat menerima routing update
Pada EIGRP dan OSPF, passive interface akan membuat interface tidak akan dapat mengirim dan juga tidak dapat menerima routing update
Konfigurasikan passive interface dibawah router-mode

R1(router)# passive interface default (semua interface)
R1(router)# passive interface fa0/0 (spesifik interface)

---RIP Unicast Update---
RIP V1 default updatenya secara broadcast
RIP V2 default updatenya secara multicast
Konfigurasikan RIPv2 agar melakukan update secara unicast
R2(config)# router rip
R2(config-router)# passive interface F0/0
R2(config-router)# neighbor 131.1.23.3

Perintah neighbor digunakan agar RIP melakukan update secara unicast dan perintah passive interface f0/0 digunakan agar RIP tidak melakukan update secara multicast.

 Coba kita LAB kan yuk
lab 1. RIP - Filtering - Distribute List

===
R1
===
[command_start]
!
interface Loopback1
 ip address 10.0.0.1 255.255.255.255
!
interface Loopback2
 ip address 10.0.0.2 255.255.255.255
!
interface Loopback3
 ip address 10.0.0.3 255.255.255.255
!
interface Loopback4
 ip address 10.0.0.4 255.255.255.255
!
interface Loopback5
 ip address 10.0.0.5 255.255.255.255
!
interface Loopback6
 ip address 10.0.0.6 255.255.255.255
!
interface Serial0/0
 ip address 12.12.12.1 255.255.255.0
!
router rip
 version 2
 network 10.0.0.0
 network 12.0.0.0
 no auto-summary
!
[command_end]

===
R2
===
[command_start]
!
interface FastEthernet0/0
 ip address 23.23.23.2 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 12.12.12.2 255.255.255.0
 clock rate 2000000
!
router rip
 version 2
 network 12.0.0.0
 network 23.0.0.0
 distribute-list 1 out FastEthernet0/0
 no auto-summary
!
[command_end]

===
R3
===
[command_start]
!
interface FastEthernet0/0
 ip address 23.23.23.3 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 23.0.0.0
 no auto-summary
!
[command_end]

verifikasi
===
R3
===
sh ip route
Gateway of last resort is not set

     23.0.0.0/24 is subnetted, 1 subnets
C       23.23.23.0 is directly connected, FastEthernet0/0
     10.0.0.0/32 is subnetted, 6 subnets
R       10.0.0.2 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
R       10.0.0.3 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
R       10.0.0.1 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
R       10.0.0.6 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
R       10.0.0.4 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
R       10.0.0.5 [120/2] via 23.23.23.2, 00:00:06, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
R       12.12.12.0 [120/1] via 23.23.23.2, 00:00:06, FastEthernet0/0

selanjutnya kita filtering di router 2
===
R2
===
[configuration_start]
!
router rip
 ver 2
 distribute-list 1 fa0/0
 access-list 1 permit 0.0.0.0 255.255.255.254
 clear ip route *
!
[configuration_end]

verifikasi di router 3
===
R3
===
sh ip route 
  23.0.0.0/24 is subnetted, 1 subnets
C       23.23.23.0 is directly connected, FastEthernet0/0
     10.0.0.0/32 is subnetted, 3 subnets
R       10.0.0.2 [120/2] via 23.23.23.2, 00:00:02, FastEthernet0/0
R       10.0.0.6 [120/2] via 23.23.23.2, 00:00:02, FastEthernet0/0
R       10.0.0.4 [120/2] via 23.23.23.2, 00:00:02, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
R       12.12.12.0 [120/1] via 23.23.23.2, 00:00:02, FastEthernet0/0



maka kondisi ini hanya IP 10.0.0.2, 10.0.0.4 dan 10.0.0.6 saja yang bisa di ping, sedangkan 10.0.0.1, 10.0.0.3 dan 10.0.0.5 tidak bisa di ping.
kalau diperhatikan bahwa yang di filter hanya route nya saja, bukan paketnya. artinya kalau dibuat default route di R3 ke arah R2, maka ip yang tidak tampil dalam routing tabel tetap bisa di ping, asalkan di tambah default route

===
R3
===
[command_start]
!
ip route 0.0.0.0 0.0.0.0 23.23.23.2
!
[command_end]

sh ip route
Gateway of last resort is 23.23.23.2 to network 0.0.0.0

     23.0.0.0/24 is subnetted, 1 subnets
C       23.23.23.0 is directly connected, FastEthernet0/0
     10.0.0.0/32 is subnetted, 3 subnets
R       10.0.0.2 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
R       10.0.0.6 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
R       10.0.0.4 [120/2] via 23.23.23.2, 00:00:05, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
R       12.12.12.0 [120/1] via 23.23.23.2, 00:00:05, FastEthernet0/0
S*   0.0.0.0/0 [1/0] via 23.23.23.2

R3#ping 10.0.0.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/40/76 ms

   /

   No Comments

di 21.30

0 komentar :

Posting Komentar

Langganan: Posting Komentar ( Atom )