RIP Commands

Fireware uses the Quagga routing software suite v1.2.4, which supports most routing commands available in more recent versions of Quagga. For more information about Quagga commands, see Quagga Routing Suite Documentation.

This list includes the supported routing commands for RIP v1 and RIP v2 that you can use to create or modify a routing configuration file. If you use RIP v2, you must include the subnet mask with any command that uses a network IP address or RIP v2 will not operate. The sections must appear in the configuration file in the same order they appear in this list.

For greater security, we recommend MD5 authentication instead of simple authentication. Simple authentication passes the authentication string in plain text. Commands for both MD5 and simple authentication are shown here.

Section Command Description

Set simple password or MD5 authentication on an interface

  key chain [KEY-CHAIN] Set MD5 key chain name
  key [INTEGER] Set MD5 key number
  key-string [AUTH-KEY] Set MD5 authentication key
  interface eth [N] Begin section to set authentication type for interface
  ip rip authentication mode md5 Use MD5 authentication
  ip rip authentication mode key-chain [KEY-CHAIN] Set MD5 authentication key-chain
  ip rip authentication mode text Use simple authentication
  ip rip authentication string [PASSWORD] Set RIP authentication password
Configure interfaces
  ip rip send version [1/2] Set RIP to send version 1 or 2
  ip rip receive version [1/2] Set RIP to receive version 1 or 2
  no ip rip split-horizon Disable split-horizon; enabled by default
Configure RIP routing daemon

router rip

Enable RIP daemon
  version [1/2] Set RIP version to 1 or 2 (default version 2)
Configure interfaces and networks

no network eth[N]

  passive-interface eth[N]  
  passive-interface default  

network [A.B.C.D/M]

  neighbor [A.B.C.D/M]  
Distribute routes to RIP peers and inject OSPF or BGP routes to RIP routing table
  default-information originate Share route of last resort (default route) with RIP peers. In Fireware v12.5.6 or higher, if the RIP configuration on your Firebox includes this command, and if Link Monitor detects a link failure for all WAN connections, RIP does not announce the default route to neighbors.
  redistribute static Redistribute firewall static routes to RIP peers
  redistribute connected Redistribute routes from all interfaces to RIP peers
  redistribute connected route-map [MAPNAME] Redistribute routes from all interfaces to RIP peers, with a route map filter (mapname)
  redistribute ospf Redistribute routes from OSPF to RIP
  redistribute ospf route-map [MAPNAME] Redistribute routes from OSPF to RIP, with a route map filter (mapname)
  redistribute bgp Redistribute routes from BGP to RIP
  redistribute bgp route-map [MAPNAME] Redistribute routes from BGP to RIP, with a route map filter (mapname)
Configure route redistribution filters with route maps and access lists

access-list [LISTNAME] [PERMIT|DENY] [A,B,C,D/M | ANY]

Create an access list to allow or deny redistribution of only one IP address or for all IP addresses
  route-map [MAPNAME] permit [N] Create a route map with a name and allow with a priority of N
  match ip address [LISTNAME]  

See Also

About Routing Information Protocol (RIP and RIPng)

Configure IPv4 Routing with RIP

Sample RIP Routing Configuration File