RIP

The Routing Information Protocol (RIP) is based on a set of algorithms that use distance vectors to mathematically compare routes and identify the best path to any given destination address. RIP sends routing update messages to its peers over the multicast address 224.0.0.9 at regular intervals or when routing changes occur. For IPv6, RIPng is used to advertise the local IPv6 routes, and routing updates are sent to the IPv6 multicast address FF02::9.

Valid Environments for RIP

Local RIP Routing

The VPN Gateway can listen for and send RIP updates on the local LAN/VLAN interfaces. By default, this feature is disabled, but it can be enabled in the VPN Gateway profile stored in the AT&T Administration Server.

If local RIP is enabled, it is always active and is independent of the VPN tunnel and the tunnel endpoint. The local routes learned through RIP will never be forwarded down an IPSec tunnel. The AT&T Administration Server can define three RIP timers:

1. Update Timer (Defaults to 30 Seconds)

At every update timer interval, the RIP process sends an unsolicited Response message containing the complete routing table to all neighboring RIP routers.

2. Timeout Timer (Defaults to 180 Seconds)

Upon expiration of the timeout timer, the route is no longer valid; however, it is retained in the routing table for a short time so that neighbors can be notified that the route has been dropped.

3. Garbage Collection Timer (Defaults to 120 Seconds)

Upon expiration of the garbage collection timer, the route is finally removed from the routing table.

The AT&T Administration Server also adds the ability to define filter lists that can be set up to allow or deny the advertisement or reception of RIP routes. The filters can be configured per VLAN for specific subnets.
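Reception filtering of the kind described above, shown as an added example that is not AT&T's code: it parses a RIPv2 Response (RFC 2453 entry layout) and keeps only the routes a per-VLAN filter list permits. The filter format, the first-match and default-deny semantics, the VLAN name and the sample subnets are assumptions made for illustration.

```python
import ipaddress
import struct
RIP_RESPONSE, RIP_V2, AFI_IPV4, INFINITY = 2, 2, 2, 16

# Hypothetical per-VLAN reception filter (constructed; not the Administration
# Server's format). Assumed semantics: first match wins, no match means deny.
FILTERS = {"vlan10": [("deny", "10.20.99.0/24"), ("allow", "10.20.0.0/16")]}

def parse_response(packet):
    """Return [(IPv4Network, metric)] from a RIPv2 Response (RFC 2453 layout)."""
    if len(packet) < 4 or (len(packet) - 4) % 20:
        raise ValueError("bad RIP message length")
    command, version, _zero = struct.unpack("!BBH", packet[:4])
    if command != RIP_RESPONSE or version != RIP_V2:
        raise ValueError("not a RIPv2 Response")
    routes = []
    for off in range(4, len(packet), 20):
        afi, _tag, addr, mask, _hop, metric = struct.unpack(
            "!HH4s4s4sI", packet[off:off + 20])
        if afi != AFI_IPV4 or not 1 <= metric <= INFINITY:
            continue  # ignore non-IPv4 entries and out-of-range metrics
        try:  # strict parsing rejects host bits and non-contiguous masks
            net = ipaddress.ip_network(
                f"{ipaddress.IPv4Address(addr)}/{ipaddress.IPv4Address(mask)}")
        except ValueError:
            continue
        routes.append((net, metric))
    return routes

def accepted_routes(vlan, packet):
    """Apply the VLAN's filter list to every route in a received update."""
    kept = []
    for net, metric in parse_response(packet):
        for action, prefix in FILTERS.get(vlan, []):
            if net.subnet_of(ipaddress.ip_network(prefix)):
                if action == "allow":
                    kept.append((str(net), metric))
                break  # first matching rule decides
    return kept

def entry(cidr, metric):
    n = ipaddress.ip_network(cidr)  # builds one 20-byte entry for the sample
    return struct.pack("!HH4s4s4sI", AFI_IPV4, 0, n.network_address.packed,
                       n.netmask.packed, bytes(4), metric)

# Constructed sample update: one allowed, one explicitly denied, one unmatched.
SAMPLE = (struct.pack("!BBH", RIP_RESPONSE, RIP_V2, 0) + entry("10.20.1.0/24", 1)
          + entry("10.20.99.0/24", 2) + entry("192.168.5.0/24", 1))
if __name__ == "__main__":
    print(accepted_routes("vlan10", SAMPLE))
```

A VLAN with no filter list accepts nothing under the assumed default-deny rule, so an unexpected advertisement on an unconfigured segment never reaches the routing table.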

IPSec Tunnel RIP Routing

Depending on the tunnel endpoint, the VPN Gateway will use RIP to exchange local routes for Remote Office connections. If RIP is being used, the VPN Gateway will advertise all local subnets, VLANs, cascaded networks and aliases. The list below describes the tunnel endpoints and when RIP is used to advertise the local routes:

AT&T SIG

The VPN Gateway will perform RIP for No-NAT, Source NAT, or 1-1 NAT connections.

Cisco

RIP is not used for Cisco Remote Office connections.

RIP Delete when VLAN is Disconnected

By default, the VPN Gateway will send a RIP delete message and stop advertising routes associated with a local interface or VLAN which is not active. In the case of a VLAN, it is considered active if at least one port associated with the VLAN is active. The VPN Gateway can be configured in the AT&T Administration Server to always send RIP routes regardless of any ports being active. This method is typically used by the enablement group to test the VPN Gateway before any of the customer’s equipment has been attached.