When running RIP and DDR, define an access list for interesting traffic. In Example 3-118, the access list is denying only the TCP traffic and permitting all the IP traffic. RIP uses an IP broadcast address of to send the routing updates. This address must be denied in the access list so that RIP doesn't bring up the link every 30 seconds. Denying as a desti-nation will block all broadcast traffic from bringing up the link. Blocking UDP port 520 will block RIP-1 and RIP-2 updates specifically. When the link is up, RIP can flow freely across the link. However, it will not keep the link up because it's not part of the interesting traffic definition.

Example 3-120 shows the correct configuration change in Router R1. In this configuration, all traffic destined to address is denied. This covers all broadcast traffic, so RIP-1 will not bring up the link after this configuration change.

One important thing to know here is that RIP-1 uses the address for sending RIP updates. RIP-2, on the other hand, uses So, when dealing with RIP-2, you need to deny traffic from the multicast address of as interesting traffic, as demonstrated in Example 121.

Was this article helpful?

0 0

Post a comment