RIP Version 2

Introduction
RIP version 1 suffered from several drawbacks that made it undesirable to implement. RIP version 2 (RFC 1723, later revised as RFC 2453) addresses some of these concerns and is available in IOS v11.1 and higher.
RIPv2 supports VLSM (it carries the subnet mask with each route), authenticated updates and multicast updates. A next-hop address is carried with each route entry, and a route tag marks routes redistributed from other protocols. It also answers RIPv1 requests.

This lecture will cover the following points:

RIPv2 Operation and Basics
Issues Addressed by RIPv2
Compatibility with RIPv1
Classless Route Lookups - Aggregation and Supernetting
Classless Routing Protocols
Authentication
Limitations of RIPv2
Basic RIPv2 Configuration
Interface Options with RIPv2
Discontiguous Subnets and Classless Routing
Configuring Authentication
Verifying RIPv2
Debug Commands
Summary


RIPv2 Operation and Basics
RIPv2 is classless, but like RIPv1 (classful) it uses UDP port 520. It is still a distance-vector protocol, still uses hop count as the metric, and still has a maximum of 15 hops (16 is unreachable).

Multicasting the updates (to 224.0.0.9) saves hosts and other non-RIP devices on the segment from having to receive and discard broadcast packets.

Issues Addressed by RIPv2
Authentication - this stops a router accepting forged updates (from a naughty networking student, or anyone else who can reach the segment). Sadly, by default the authentication password is sent in plain text inside the update itself, so anyone sniffing the wire learns it and can then forge authenticated updates. Use MD5 authentication, which sends a keyed digest instead of the password. Even MD5 mode only protects the origin and integrity of the updates, not their confidentiality (the routes are still readable), and a weak key can be guessed offline from captured packets, so choose a strong key and rotate it with a key chain.
Subnet masks - carried with each route, so routes to individual subnets (and VLSM) can be advertised.
Next-hop field - lets a router advertise a next hop other than itself, which avoids an unnecessary extra hop on a segment shared with routers running another routing protocol. RIPv1 cannot express this and so forces traffic through the advertising router.
Multicasting - updates go to 224.0.0.9 instead of the broadcast address, reducing network traffic and wasted processing in non-routing nodes.

Despite these updates to RIP, version 2 is still slow to converge.


RIPv2 Message Format
The format of the RIP message is similar for both versions: a 4-byte header followed by up to 25 route entries of 20 bytes each, so a message is at most 504 bytes and fits within the 512-byte limit.

 0       8       16      24      31
+-------+-------+---------------+
|Command|Version|  Unused (0)   |   4-byte header
+-------+-------+---------------+
| Address Family|   Route Tag   |   route entry 1 (20 bytes)
+---------------+---------------+
|          IP Address           |
+-------------------------------+
|          Subnet Mask          |
+-------------------------------+
|           Next Hop            |
+-------------------------------+
|            Metric             |
+-------------------------------+
|  ... further route entries,   |
|  same six fields each, up to  |
|  a maximum of 25 per message  |
+-------------------------------+

The Command field indicates whether the message is a request (1) or a response (2).
The Version field indicates whether this is RIPv1 or RIPv2. A value of 2 (or higher) is processed as a v2 message. Version 0 is always discarded. Version 1 is processed as RIPv1, and discarded if any must-be-zero field is non-zero.
Address Family Identifier - 2 for IP. A request for the whole routing table carries a single entry with AFI 0 and metric 16.
Route Tag - a 16-bit attribute carried with the route and preserved across redistribution. It marks whether the route is internal to RIPv2 or was redistributed from another routing protocol, for example by tagging it with that protocol's AS number.
IP Address - the destination network.
Subnet Mask - the mask for the destination (0 means no mask was supplied).
Next Hop - where packets for this destination should be forwarded; 0.0.0.0 means use the sender of the update.
Metric - hop count; 1 to 15 is valid, 16 is unreachable (infinity).

Compatibility with RIPv1
When an update arrives, the receiver looks at the Version field.
Version 0 - the packet is discarded.
Version 1 - if any must-be-zero bits (the Unused field of the header, and the route tag, subnet mask and next hop positions of each entry) are set to 1, the packet is discarded.
Version greater than 1 - the reserved bits are ignored and the update is processed.
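As an added example (not code from the lecture), here is a small decoder for the message layout and the version rules above. The datagrams at the bottom are constructed in the script, not captured from a network; a v1 packet carrying a subnet mask is rejected, a v2 packet is decoded with its mask, next hop and route tag, and a simple-password authentication entry (AFI 0xFFFF, type 2) is shown to expose the password to anyone who can read the packet.

```python
import struct

# Layout from the tables above: 4-byte header, then 20-byte entries (max 25).
HEADER = struct.Struct("!BBH")       # command, version, must-be-zero
RTE = struct.Struct("!HH4s4s4sI")    # AFI, route tag, address, mask, next hop, metric
REQUEST, RESPONSE = 1, 2
AFI_IP, AFI_AUTH = 2, 0xFFFF
AUTH_SIMPLE = 2
INFINITY = 16
ZERO4 = bytes(4)


def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def ip_bytes(s: str) -> bytes:
    return bytes(int(x) for x in s.split("."))


def build_packet(command: int, version: int, entries: list) -> bytes:
    """Assemble a RIP datagram from (afi, tag, ip, mask, next_hop, metric) tuples.
    Used only to construct test input here."""
    out = HEADER.pack(command, version, 0)
    for afi, tag, ip, mask, nh, metric in entries:
        out += RTE.pack(afi, tag, ip_bytes(ip), ip_bytes(mask), ip_bytes(nh), metric)
    return out


def parse_rip(data: bytes) -> dict:
    """Decode a datagram; raise ValueError wherever the rules above say 'discard'."""
    if len(data) < HEADER.size or (len(data) - HEADER.size) % RTE.size:
        raise ValueError("length is not 4 + n*20")
    command, version, mbz = HEADER.unpack_from(data)
    if version == 0:
        raise ValueError("version 0: discard")
    if command not in (REQUEST, RESPONSE):
        raise ValueError("unknown command %d" % command)
    if version == 1 and mbz:
        raise ValueError("RIPv1 with non-zero must-be-zero header bits: discard")
    body = data[HEADER.size:]
    count = len(body) // RTE.size
    if count > 25:
        raise ValueError("more than 25 entries")
    entries = []
    for i in range(count):
        afi, tag, ip, mask, nh, metric = RTE.unpack_from(body, i * RTE.size)
        if afi == AFI_AUTH:
            # Authentication entry: only legal as the first entry of a v2 packet.
            if version < 2 or i != 0:
                raise ValueError("authentication entry out of place: discard")
            blob = ip + mask + nh + struct.pack("!I", metric)   # the 16 data bytes
            entry = {"afi": afi, "auth_type": tag, "auth_data": blob}
            if tag == AUTH_SIMPLE:
                # Simple password: left-justified, zero padded, and in the clear.
                entry["password"] = blob.rstrip(b"\0").decode("ascii", "replace")
            entries.append(entry)
            continue
        if version == 1 and (tag or mask != ZERO4 or nh != ZERO4):
            raise ValueError("RIPv1 entry with non-zero must-be-zero fields: discard")
        if afi == 0:
            # Whole-table request: exactly one entry, AFI 0, metric 16.
            if not (command == REQUEST and count == 1 and metric == INFINITY):
                raise ValueError("AFI 0 only valid in a one-entry request with metric 16")
        elif afi != AFI_IP:
            raise ValueError("unsupported AFI %d" % afi)
        if not 1 <= metric <= INFINITY:
            raise ValueError("metric %d outside 1..16: discard" % metric)
        entries.append({
            "afi": afi, "tag": tag, "ip": ip_str(ip),
            "mask": ip_str(mask) if version >= 2 else None,      # v1 carries no mask
            "next_hop": ip_str(nh) if version >= 2 and nh != ZERO4 else None,  # 0.0.0.0 = sender
            "metric": metric, "reachable": metric < INFINITY,
        })
    return {"command": command, "version": version, "entries": entries}


def is_discarded(data: bytes) -> bool:
    """True if the receiver would drop this datagram under the rules above."""
    try:
        parse_rip(data)
        return False
    except ValueError:
        return True


# Constructed sample datagrams (not captures).
V2_RESPONSE = build_packet(RESPONSE, 2, [
    (AFI_IP, 0, "10.1.0.0", "255.255.255.0", "0.0.0.0", 1),
    (AFI_IP, 65000, "192.168.5.0", "255.255.255.0", "10.1.1.7", 3),   # redistributed, tagged
])
V1_REQUEST_ALL = build_packet(REQUEST, 1, [(0, 0, "0.0.0.0", "0.0.0.0", "0.0.0.0", INFINITY)])
V1_WITH_MASK = build_packet(RESPONSE, 1, [(AFI_IP, 0, "10.1.0.0", "255.255.255.0", "0.0.0.0", 1)])
V2_SIMPLE_AUTH = (HEADER.pack(RESPONSE, 2, 0)
                  + struct.pack("!HH16s", AFI_AUTH, AUTH_SIMPLE, b"JULIET")
                  + V2_RESPONSE[HEADER.size:])

if __name__ == "__main__":
    for name, pkt in [("v2", V2_RESPONSE), ("v1 request", V1_REQUEST_ALL),
                      ("v1+mask", V1_WITH_MASK), ("v2 auth", V2_SIMPLE_AUTH)]:
        print(name, "discarded" if is_discarded(pkt) else parse_rip(pkt))
```

The v2-with-simple-authentication packet is the one to look at: the password is readable straight out of the first entry, which is the whole reason the lecture tells you to use MD5 mode.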

RIPv1 and RIPv2 interoperate in FOUR send modes, selectable per interface:
RIPv1 - only RIPv1 messages are sent (broadcast)
RIPv1 compatibility - RIPv2 messages are broadcast rather than multicast so that RIPv1 routers can hear them
RIPv2 - RIPv2 messages are multicast to 224.0.0.9
None - no updates are sent (on IOS, passive-interface achieves this)

RFC 1723 also defines the corresponding controls on reception of updates:
  1. RIPv1 only
  2. RIPv2 only
  3. Both
  4. None
These settings should be configurable on a 'per interface' basis

Setting 4 (receive none) is accomplished with an access list that filters UDP port 520, by not including a network statement covering the interface, or by configuring a route filter (distribute-list in).

Classless Route Lookups - Aggregation and Supernetting
Classful route lookups first match the destination's major (class A, B or C) network in the routing table, then match a subnet of that major network. If the major network is known but no subnet matches, the packet is dropped even if a default route exists; the default route is used only when the major network is entirely unknown.

This behaviour is changed with the global command

ip classless

which is a forwarding setting on the router, independent of which routing protocol supplied the routes (it is the default on later IOS releases).

Classless route lookups ignore the address class and choose the longest matching prefix among all known routes, bit by bit, with the default route 0.0.0.0/0 as the shortest match of last resort. Supernet routes can only be used by a classless lookup.
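An added illustration of the two lookup algorithms (example code, not part of the lecture) against a routing table constructed here. The table mixes subnets of 10.0.0.0, a supernet 192.168.0.0/22 and a default route, so it shows the cases where the two lookups disagree: a destination in a known major network but an unknown subnet (dropped classfully, defaulted classlessly) and a destination covered only by a supernet.

```python
import ipaddress

# Constructed routing table: (prefix, outgoing interface). Not from a real router.
TABLE = [(ipaddress.ip_network(n), nh) for n, nh in [
    ("10.1.1.0/24", "Fa0/0"),
    ("10.1.2.0/24", "Fa0/1"),
    ("10.1.2.0/25", "Fa0/2"),        # more specific route inside 10.1.2.0/24
    ("172.16.0.0/16", "S0/0"),
    ("192.168.0.0/22", "S0/2"),      # supernet of four class C networks
    ("0.0.0.0/0", "S0/1"),           # default route
]]


def major_network(addr: ipaddress.IPv4Address) -> ipaddress.IPv4Network:
    """Classful (A/B/C) network the address belongs to, from its first octet."""
    first = int(addr) >> 24
    prefix = 8 if first < 128 else 16 if first < 192 else 24
    return ipaddress.IPv4Network((int(addr), prefix), strict=False)


def longest_match(routes, dst):
    """Bit-by-bit best match: the matching route with the longest prefix, or None."""
    hits = [(net, nh) for net, nh in routes if dst in net]
    return max(hits, key=lambda r: r[0].prefixlen, default=(None, None))[1]


def classful_lookup(table, dst: str):
    """Step 1: is the destination's major network in the table at all?
    If yes, only that major network's entries may match; no match means drop,
    and the default route is NOT consulted. If no, fall back to the default."""
    dst = ipaddress.ip_address(dst)
    major = major_network(dst)
    in_major = [(net, nh) for net, nh in table
                if net.prefixlen > 0 and net.subnet_of(major)]
    if in_major:
        return longest_match(in_major, dst)
    defaults = [(net, nh) for net, nh in table if net.prefixlen == 0]
    return longest_match(defaults, dst)


def classless_lookup(table, dst: str):
    """ip classless behaviour: longest prefix match over every route, default included."""
    return longest_match(table, ipaddress.ip_address(dst))


if __name__ == "__main__":
    for dst in ("10.1.2.10", "10.1.3.5", "192.168.1.5", "198.51.100.1"):
        print(dst, "classful ->", classful_lookup(TABLE, dst),
             " classless ->", classless_lookup(TABLE, dst))
```

Note that the supernet 192.168.0.0/22 is never used by the classful lookup: 192.168.1.5 belongs to major network 192.168.1.0/24, nothing in the table is a subnet of that, so the packet takes the default route instead of the (correct) supernet.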

Classless Routing Protocols
Classless routing protocols carry the subnet mask. This allows the all-zeros and all-ones subnets to be used, removing the ambiguity of an address such as 172.16.255.255 on a network subnetted with /24: without a mask it could be the all-subnets broadcast of 172.16.0.0 or the directed broadcast of the all-ones subnet 172.16.255.0 - but which is which?

With the mask sent alongside the route, 172.16.255.255/16 and 172.16.255.255/24 can be differentiated.

VLSM lets one major network be divided into subnets of different sizes; route aggregation (supernetting) summarises a group of subnets, or of contiguous major networks, into a single advertised prefix.

Authentication

RIPv2 authenticates the source of the packets. The first 20-byte entry of the message, which would normally carry the AFI, route tag, IP address, subnet mask, next hop and metric, is reused for authentication. This leaves room for only 24 route entries per packet instead of the 25 of RIPv1 (the keyed-MD5 scheme of RFC 2082 also appends a trailer entry carrying the digest, leaving 23).

 0       8       16      24      31
+-------+-------+---------------+
|Command|Version|  Unused (0)   |   4-byte header
+-------+-------+---------------+
|    0xFFFF     |   Auth Type   |   authentication entry
+---------------+---------------+   (takes the first of the 25 slots)
|     Password (bytes 0-3)      |
+-------------------------------+
|     Password (bytes 4-7)      |
+-------------------------------+
|     Password (bytes 8-11)     |
+-------------------------------+
|     Password (bytes 12-15)    |
+-------------------------------+
| Address Family|   Route Tag   |   route entry 1
+---------------+---------------+
|          IP Address           |
+-------------------------------+
|          Subnet Mask          |
+-------------------------------+
|           Next Hop            |
+-------------------------------+
|            Metric             |
+-------------------------------+
|  up to 23 further route       |
|  entries may follow           |
+-------------------------------+

An authentication entry is indicated by an AFI of 0xFFFF. The Authentication Type is 2 for simple (plain-text) password authentication. The password (up to 16 bytes) is left-justified and the unused bytes are set to zero; it travels in the clear.

MD5 authentication (RFC 2082, Authentication Type 3) overcomes plain-text authentication because the key is never transmitted. The sender computes a 128-bit MD5 digest over the message plus the secret key and sends the digest, in a trailing entry, along with the message. The receiver appends its own copy of the key, recalculates the digest and compares it with the one received; if they match, the message is authenticated. RFC 2082 also carries a sequence number in the authentication entry so that a captured update cannot simply be replayed. Be clear about what this gives you: origin authentication and integrity of the update, not confidentiality (the routes remain readable), and an attacker holding a capture can test key guesses offline, so the key must be strong and rotated.
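The following added example (not code from the lecture) builds and verifies a RIPv2 response with RFC 2082 keyed-MD5 authentication, and then demonstrates both caveats above: a tampered metric fails verification, an old sequence number is refused as a replay, and a weak key is recovered offline from the captured packet by trying candidates. The layout follows RFC 2082 (authentication entry with packet length, key id, auth data length 16 and sequence number, then a 0xFFFF/0x0001 trailer holding the digest, computed over the packet with the zero-padded 16-byte key appended); implementations differ slightly in the auth-length value they send, so treat the exact bytes as an assumption when comparing with a real capture. The routes and key are constructed here.

```python
import hashlib
import hmac
import struct

# RIP-2 keyed-MD5 layout (RFC 2082): header, auth entry, route entries, trailer.
HEADER = struct.Struct("!BBH")          # command, version, must-be-zero
RTE = struct.Struct("!HH4s4s4sI")       # AFI, tag, address, mask, next hop, metric
AUTH_HDR = struct.Struct("!HHHBBIII")   # 0xFFFF, type 3, packet length, key id,
                                        # auth data length, sequence number, 0, 0
TRAILER = struct.Struct("!HH")          # 0xFFFF, 0x0001, then the 16-byte digest
AFI_AUTH, AUTH_MD5, DIGEST_LEN = 0xFFFF, 3, 16


def _rte(ip, mask, nh, metric, tag=0):
    b = lambda s: bytes(int(x) for x in s.split("."))
    return RTE.pack(2, tag, b(ip), b(mask), b(nh), metric)


def _key16(key: bytes) -> bytes:
    """The key is 16 octets; shorter keys are zero padded on the right (assumption
    following RFC 2082 and the common open-source implementations)."""
    if len(key) > 16:
        raise ValueError("RIP-2 MD5 key is at most 16 octets")
    return key.ljust(16, b"\0")


def build_md5_packet(routes, key: bytes, key_id: int, seq: int) -> bytes:
    """RIPv2 response: the key is never transmitted, only MD5(packet || key)."""
    rtes = b"".join(_rte(*r) for r in routes)
    pkt_len = HEADER.size + AUTH_HDR.size + len(rtes)      # trailer is not counted
    body = (HEADER.pack(2, 2, 0)
            + AUTH_HDR.pack(AFI_AUTH, AUTH_MD5, pkt_len, key_id, DIGEST_LEN, seq, 0, 0)
            + rtes
            + TRAILER.pack(AFI_AUTH, 1))
    return body + hashlib.md5(body + _key16(key)).digest()


def verify_md5_packet(data: bytes, keys: dict, peer_state: dict) -> bool:
    """Recompute the digest with the local copy of the key and compare.
    keys maps key id -> key bytes; peer_state['seq'] is the last accepted
    sequence number from this neighbour and is updated only on success."""
    min_len = HEADER.size + AUTH_HDR.size + TRAILER.size + DIGEST_LEN
    if len(data) < min_len:
        return False
    afi, atype, pkt_len, key_id, alen, seq, _, _ = AUTH_HDR.unpack_from(data, HEADER.size)
    if afi != AFI_AUTH or atype != AUTH_MD5 or alen != DIGEST_LEN:
        return False
    if pkt_len + TRAILER.size + DIGEST_LEN != len(data):
        return False
    if TRAILER.unpack_from(data, pkt_len) != (AFI_AUTH, 1):
        return False
    key = keys.get(key_id)
    if key is None:
        return False
    expected = hashlib.md5(data[:-DIGEST_LEN] + _key16(key)).digest()
    if not hmac.compare_digest(expected, data[-DIGEST_LEN:]):
        return False
    # Replay protection: the sequence number must not go backwards (0 restarts).
    if seq != 0 and seq < peer_state.get("seq", 0):
        return False
    peer_state["seq"] = seq
    return True


def guess_key(data: bytes, candidates):
    """Why MD5 mode is not secrecy: with one captured packet, key guesses can be
    tested offline at will. Returns the first candidate that verifies, else None."""
    key_id = data[HEADER.size + 6]          # key id byte inside the auth entry
    for cand in candidates:
        if verify_md5_packet(data, {key_id: cand}, {}):
            return cand
    return None


# Constructed sample: two routes signed with key id 1, sequence number 100.
ROUTES = [("10.1.0.0", "255.255.255.0", "0.0.0.0", 1),
          ("192.168.5.0", "255.255.255.0", "0.0.0.0", 3)]
KEY = b"JULIET"
PKT = build_md5_packet(ROUTES, KEY, key_id=1, seq=100)


def tamper_demo() -> bool:
    """Change the last route's metric after signing: the digest no longer matches."""
    pkt = bytearray(PKT)
    pkt[-DIGEST_LEN - TRAILER.size - 1] ^= 0x0F
    return verify_md5_packet(bytes(pkt), {1: KEY}, {})


def replay_demo():
    """First update accepted; an older sequence number from the same neighbour refused."""
    keys, state = {1: KEY}, {}
    first = verify_md5_packet(build_md5_packet(ROUTES, KEY, 1, 100), keys, state)
    replayed = verify_md5_packet(build_md5_packet(ROUTES, KEY, 1, 50), keys, state)
    return first, replayed


if __name__ == "__main__":
    print("genuine:", verify_md5_packet(PKT, {1: KEY}, {}))
    print("tampered:", tamper_demo(), " replay:", replay_demo())
    print("guessed key:", guess_key(PKT, [b"password", b"cisco", b"JULIET"]))
```

The dictionary guess succeeds because JULIET is a poor key; it is a demonstration of the lecture's point, not a property to rely on. Pick a long random key-string, and rotate it with the key chain lifetimes covered under Configuring Authentication.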

Limitations of RIPv2
RIPv2 converges slowly. It adds the subnet mask, next hop, route tag, multicast delivery and authentication to RIPv1; in every other respect (algorithm, timers, metric) it is still RIPv1.

Drawbacks
Lack of alternative routes. RIPv2 keeps only one route to each destination in the routing table. After a failure it has to wait for updates to discover whether another route exists, if any.

Count to infinity. Routing loops can form, and the bounded "infinity" of 16 only limits how long counting up takes; split horizon, poison reverse and holddown are what actually contain the loop. Slow convergence means obsolete information keeps being propagated in the meantime. The 15-hop maximum limits RIPv2 to small networks with a diameter of less than 16 hops.

Static distance-vector metric. The default cost is 1 per hop, although the administrator can add an offset. RIPv2 is unsuitable for networks where the route should be selected on the basis of delay, traffic load or any other dynamic cost.

Basic RIPv2 Configuration
With RIP enabled and no version configured, a router listens for v1 and v2 updates but sends only v1 updates. Enable v2 with the command

router(config-router)#version 2

RIP now sends and receives only v2 updates.

It can be reset with version 1, which forces the router to send and receive only v1.
The default behaviour - no version configured - sends v1 and hears both v1 and v2.

Interface Options with RIPv2
The send and receive options discussed earlier can be set on each interface, overriding the router-level version:

ip rip send version [1 | 2 | 1 2]

ip rip receive version [1 | 2 | 1 2]

Giving both numbers makes the interface send (or accept) both versions, which is what you want on a segment with a mix of v1 and v2 routers.

If no interface command is issued, the interface follows the router-level setting, so after version 2 it sends and receives v2 only.

Discontiguous Subnets and Classless Routing
Discontiguous subnets occur where subnets of one major network are separated by a different major network. With classful summarisation both sides would advertise the whole major network into the middle, which cannot tell them apart.

Here it is necessary to turn automatic summarisation off so that the individual subnets are advertised across the major-network boundary:

router rip
version 2
no auto-summary

Configuring Authentication
This can be a plain-text password or MD5, with one or more keys (passwords) held on a key chain. This allows different keys to be in use at different times, i.e. key rotation.

  1. Define key chain with name
  2. Define the key or keys on the key chain
  3. Enable authentication on an interface and specify the key chain that is to be used
  4. Specify clear text or MD5 (ip rip authentication mode {text | md5}; the default is text)
  5. Optionally configure key management
router(config)#key chain ROMEO
router(config-keychain)#key 1
router(config-keychain-key)#key-string JULIET
router(config-keychain-key)#exit
router(config-keychain)#exit
router(config)#interface f0/0
router(config-if)#ip rip authentication key-chain ROMEO
router(config-if)#ip rip authentication mode md5

The key string JULIET (under the same key number) must match on every router attached to the link. The key chain name ROMEO is of local significance only.
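An added configuration example (not from the lecture) that pulls the last four sections together: a router with one segment that still has RIPv1 neighbours, one RIPv2-only segment protected by MD5 with two keys on the chain for rotation, and an edge link that must not speak RIP at all. The topology, addresses, interface names, key strings and dates are all assumed for illustration.

```cisco
! Assumed topology:
!   FastEthernet0/0 - segment with a mix of RIPv1 and RIPv2 routers (no authentication
!                     is possible here, because RIPv1 cannot carry it)
!   FastEthernet0/1 - RIPv2-only segment, MD5 authenticated
!   Serial0/0       - edge link; we must not send RIP updates out of it
!
! Key chain for rotation: key 1 is accepted an hour longer than it is sent,
! so neighbours switching at slightly different times are not cut off.
key chain ROMEO
 key 1
  key-string JULIET
  accept-lifetime 00:00:00 Jan 1 2024 01:00:00 Feb 1 2024
  send-lifetime   00:00:00 Jan 1 2024 00:00:00 Feb 1 2024
 key 2
  key-string CAPULET
  accept-lifetime 23:00:00 Jan 31 2024 infinite
  send-lifetime   00:00:00 Feb 1 2024 infinite
!
router rip
 version 2
 no auto-summary
 network 10.0.0.0
 network 172.16.0.0
 passive-interface Serial0/0
!
interface FastEthernet0/0
 ip address 10.1.1.1 255.255.255.0
 ip rip send version 1 2
 ip rip receive version 1 2
!
interface FastEthernet0/1
 ip address 172.16.1.1 255.255.255.0
 ip rip authentication key-chain ROMEO
 ip rip authentication mode md5
```

Key lifetimes are compared against the router clock, so the routers involved need synchronised time (NTP) before rotation can be trusted; `show key chain` shows which key is currently active for sending and accepting. Because FastEthernet0/0 still carries unauthenticated v1 updates, anyone on that segment can inject routes: the per-interface version commands are a migration aid, not a long-term configuration.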

Verifying RIPv2
There are many useful commands to help verify correct operation of RIPv2

show ip protocols - details the protocol(s) in use, the version sent and received on each interface, when the next update is due, the invalid, holddown and flush timers, the networks routed for, and the routing information sources (gateway, administrative distance, time since last update)
show ip rip database - shows the routes and summary address entries held in the RIP database
show ip route - shows the routing table, including which protocol supplied each route
show ip route [address [mask] [longer-prefixes]] | [protocol [process-id]] | [list {access-list-number | access-list-name}]
(show ip ospf database is the OSPF equivalent and tells you nothing about RIP)

Debug Commands
Note that all of these commands may be turned off with the no form of the command (or undebug all).

debug ip rip - displays each RIP update sent and received and the routes it carries
debug ip rip events - gives a shorter display of RIP events only
Both are useful for finding mismatched versions and misconfigured authentication: ignored packets are reported together with the reason
debug ip routing - displays routing table changes and route cache updates

Summary
RIPv2 is mature, stable, widely supported and easy to configure.
It is still limited to 15 hops max, but supports VLSM. Authentication is available, but must be set to MD5 so that the key is not sent in the clear; MD5 mode still gives no confidentiality and depends on a strong, rotated key.
Its convergence time is still slow.

The max number of routes in a RIPv2 update is 24 when authentication is enabled - the first entry is taken for authentication (25 otherwise).
A route filter (distribute-list) denies the flow of RIPv1 and v2 updates on a receiving interface.
The passive-interface command prevents a local interface from sending updates.
If a network A.B.C.D is specified together with a default route, the default is sent to neighbours on the specified interface.
RIPv2 includes a route tag and subnet mask (not in RIPv1).
With version 2 configured, the router sends and listens only to RIPv2 messages unless overridden per interface.