Routing protocols and architectures/Routing Information Protocol
Routing Information Protocol (RIP) is an intra-domain routing protocol based on the Distance Vector (DV) algorithm. RIP version 1 was defined in 1988 and was the first routing protocol used on the Internet.
RIP, depending on the implementation, includes split horizon, route poisoning and path hold down mechanisms to limit propagation of incorrect routing information.
RIP is suitable for small, stable and homogeneous networks:
- small: the metric is simply based on the hop count (each link has cost 1), but the 16-hop limit can not be exceeded → more than 15 routers in a cascade within a same RIP domain are not allowed;
- stable: status changes may trigger long-lasting transients;
- homogeneous links: costs on different links can not be differentiated based on bandwidth;
- homogeneous routers: every router needs to finish processing before producing its new DV → the transient duration is bound to performance of the slowest router.
- 1 Packet format
- 2 Timers
- 3 Limitations
- 4 RIP version 2
- 5 Advantages
- 6 References
RIP packets have the following format:
|Address Family Identifier||0|
where the most significant fields are:
- Command field (1 byte): it specifies the type of message:
- 'Response' value: the packet is transporting a DV containing one or more addresses;
- 'Request' value: a router newly connected to the network is notifying its neighbors of its presence → neighbors will send back their DVs without having to wait the timeout, increasing the convergence speed;
- Address Family Identifier field (2 bytes): it specifies the network-layer protocol being used (e.g. value 2 = IP);
- IP Address field (4 bytes): it specifies the IP address being announced (without netmask).
Up to 25 addresses can be announced in a single RIP packet;
- Metric field (4 bytes): it specifies the cost related to the announced address.
The RIP packet is encapsulated into an UDP packet:
- the destination UDP port is port 520, which at the time was chosen as a security mechanism since ports lower than 1024 can be used only under administrative privileges;
- the destination IP address is the broadcast address (255.255.255.255) → all devices can receive it, including hosts, although it is better to disable routing protocols on the host side to protect them from malicious attacks and learn better routes by listening to possible ICMP Redirect messages:
RIP is heavily based on timers:
- it is difficult to precisely comply with fixed timers because the CPU may be busy → uncertainties introduce further delays;
- all the routers within the network must use the same timers, otherwise routers may interact in an uncoordinated way.
Routing update timer (default 30 s)
It defines how often gratuitous Response messages containing information about DVs are sent.
- Router synchronization
It is tried to be avoided by not resetting the routing update timer on sending a triggered update and by sending gratuitous Response messages with a variable delay between 25 and 35 seconds.
Route invalid timer (default 180 s)
It defines how long an entry can keep being valid in the routing table without being refreshed. When the router invalid timer expires, the hop count of the entry is set to cost infinity (16), marking the destination as unreachable.
- Fault detection
The router invalid timer is useful especially to detect a missing connectivity toward a neighbor when the 'link down' signal is not available.
Route flush timer (default 240 s)
It defines how long an entry can stay in the routing table without being refreshed. When the route flush timer expires, the entry is deleted from the routing table.
- Route poisoning
When the route invalid timer expires and the entry is marked as invalid, 60 s (with default values) are left when the router can announce the destination at cost infinity, to inform the other routers before the entry is deleted.
Hold down timer (default 180 s)
It defines how long an entry is not subject to changes following a suspected start of count of infinity. The hold down timer is a proprietary feature by Cisco.
- Path hold down
The hold down timer starts when the hop count is rising to a higher value, to avoid triggering a count to infinity and allow the route to get stable.
- Route poisoning
Also a destination blocked by the path hold down algorithm can be propagated at cost infinity.
The first version of RIP was defined when classful addressing, where the subnet mask can be automatically obtained from the network address itself, was still in use → network addresses announced in DVs lack information about their netmasks → version 1 of RIP can be used only in networks where each address belongs to an address class according to the old classful addressing rules.
A stratagem can be adopted to make version 1 of RIP work in networks with variable-length netmask addresses: given an announced network address, the router scans the network addresses assigned to its connected interfaces:
- if at least an interface is assigned an address having a subnet mask equal to the subnet mask of the announced address, the router assumes the netmask from the address of the interface as a netmask for the announced address;
- if no interface is assigned an address having a subnet mask equal to the subnet mask of the announced address, the router assumes its subnet mask as a netmask for the announced address.
A wrong netmask could be assumed if:
- no one of the interfaces of the router has the subnet mask being searched for;
- the announced address really has a netmark other than the one of the address of the selected interface.
Hop count limit
RIP defines the hop count limit equal to 16 → destinations whose distance is larger than 15 are considered unreachable.
Such a low maximum value was chosen to limit the well-known problem of count to infinity of DV-based algorithms: when a route cost reaches value 16, the route is considered unreachable and its cost can not rise even more.
This does not mean that the network can not have more than 15 routers in a cascade: the only effect is that two routers too far away can not communicate directly one with each other. This problem can be solved by partitioning the network into two routing domains, handled by two different RIP protocol instances, and by enabling the redistribution process between them so as to 'falsify' costs for external routes.
Lack of 'age' field
RIP does not associate an 'age' field to routes in DVs → the announced information could be old, but the receiving router assumes it as new and resets its timers to zero → the more one is far from the status change, the more the transient duration increases.
In a network with topology A—B—C:
- time 0 s: a failure on link A—B occurs → node A is no longer reachable;
- time 179 s: node B announces to node C its DV, the last one including destination A;
- time 180 s: node B marks destination A as unreachable;
- time 359 s: node C marks destination A as unreachable.
RIP version 2
RIP version 2 extends the first version of RIP by exploiting some fields which were unused in messages:
|Command||Version (2)||Routing Domain|
|Address Family Identifier||Route Tag|
where the new fields are:
- Routing Domain field (2 bytes): it specifies the routing domain for which this RIP message is intended to handle multiple routing domain on the same border router:
- Route Tag field (2 bytes): it specifies if the announced address is an external route, that is it was learnt through a redistribution process from another routing domain;
- Subnet Mask field (4 bytes): it contains the netmask associated to the announced network address to support classless addressing;
- Next Hop field (4 bytes): it optimizes routing when multiple RIP routers belong to the same LAN but to two different RIP domains, and therefore traffic from a domain to another one would always cross the border router → the border router can announce to send traffic to the next hop router in the other domain:
RIP version 2 introduces a password-based authentication mechanism: a router must be authenticated in order to be able to announce its DV to its neighbors.
If the first entry in the RIP packet has the 'Address Family Identifier' field equal to value 0xFFFF, then the remainder of the entry contains authentication information:
where fields are:
- Authentication Type field (2 bytes): any type 'simple password' has been defined (value 2);
- Authentication field (16 bytes): it contains the password in clear text.
This authentication mechanism is quite weak because the password can be easily sniffed → it is rarely used. More complex authentication mechanisms are not possible because of the lack of space in the RIP message.
RIP version 1 sends DV in broadcast → all entities, including hosts, have to process RIP messages.
RIP version 2 defines a destination multicast IP address (126.96.36.199), so that the RIP packet is received only by entities which have subscribed to the multicast group → hosts and routers not using the RIP protocol can discard the packet at the data-link layer.
- it is suitable for small, stable and homogeneous networks;
- it requires few processing resources;
- it is simple to implement;
- it is simple to configure (there are no subdomains like in OSPF);
- it is available on a wide range of devices, even on cheap routers.
- It is assumed: default timer values, no triggered updates, no route poisoning.