Configuring ripv2 message authentication, Specifying a rip neighbor – H3C Technologies H3C WX6000 Series Access Controllers User Manual

24-13

To do…

Use the command…

Remarks

Enter system view

system-view

––

Enter RIP view

rip

[ process-id ]

––

Enable source IP address check on
incoming RIP messages

validate-source-address

Optional
Enabled by default

The source IP address check feature should be disabled if a RIP neighbor is not directly connected.

Configuring RIPv2 Message Authentication

RIPv2 supports two authentication modes: plain text and MD5.

In plain text authentication, the authentication information is sent with the RIP message, which however
cannot meet high security needs.

Follow these steps to configure RIPv2 message authentication:

To do…

Use the command…

Remarks

Enter system view

system-view

––

Enter interface view

interface

interface-type interface-number

––

Configure RIPv2
authentication

rip authentication-mode

{ md5 { rfc2082 key-string key-id

| rfc2453 key-string } | simple password }

Required

Specifying a RIP Neighbor

Usually, RIP sends messages to broadcast or multicast addresses. On non broadcast or multicast links,
you need to manually specify RIP neighbors. If a specified neighbor is not directly connected, you must
disable source address check on incoming updates.

Follow these steps to specify a RIP neighbor:

To do…

Use the command…

Remarks

Enter system view

system-view

––

Enter RIP view

rip

[ process-id ]

––

Specify a RIP neighbor

peer

ip-address

Required
By default, RIP sends no updates
to any IP address.

Disable source address check on
incoming RIP updates

undo validate-source-address

Required
Not disabled by default