Configuring ripv2 message authentication – H3C Technologies H3C S7500E Series Switches User Manual

3-16

To do…

Use the command…

Remarks

Enable zero field check on

received RIPv1 messages

checkzero

Optional

Enabled by default

Enabling Source IP Address Check on Incoming RIP Updates

You can enable source IP address check on incoming RIP updates.

For a message received on an Ethernet interface, RIP compares the source IP address of the

message with the IP address of the interface. If they are not in the same network segment, RIP

discards the message.

Follow these steps to enable source IP address check on incoming RIP updates:

To do…

Use the command…

Remarks

Enter system view

system-view

––

Enter RIP view

rip [ process-id ] [ vpn-instance

vpn-instance-name ]

––

Enable source IP address check

on incoming RIP messages

validate-source-address

Optional

Enabled by default

The source IP address check feature should be disabled if the RIP neighbor is not directly connected.

Configuring RIPv2 Message Authentication

In a network requiring high security, you can configure this task to implement RIPv2 message validity

check and authentication.

RIPv2 supports two authentication modes: plain text and MD5.

In plain text authentication, the authentication information is sent with the RIP message, which

however cannot meet high security needs.

Follow these steps to configure RIPv2 message authentication:

To do…

Use the command…

Remarks

Enter system view

system-view

––

Enter interface view

interface interface-type

interface-number

––