Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
371372373374375376377378379380
357
Upon receiving a message on an Ethernet interface, RIP compares the source IP address of the message
with the IP address of the interface. If they are not in the same network segment, RIP discards the
message.
Upon receiving a message on a serial interface, RIP checks whether the source address of the message
is the IP address of the peer interface. If not, RIP discards the message.
IMPORTANT:
Disable the source IP address check feature if the RIP neighbor is not directly connected.
To enable source IP address check on incoming RIP updates:
Ste
p
Command
Remarks
136. Enter system view. system-view N/A
137. Enter RIP view.
rip [ process-id ] [ vpn-instance
vpn-instance-name ]
N/A
138. Enable source IP address
check on incoming RIP
messages.
validate-source-address
Optional.
By default, this function is enabled.
1365BConfiguring RIPv2 message authentication
Perform this task to enable authentication on RIPv2 messages. This feature does not apply to RIPv1
because RIPv1 does not support authentication. Although you can specify an authentication mode for
RIPv1 in interface view, the configuration does not take effect.
RIPv2 supports two authentication modes: simple authentication and MD5 authentication.
To configure RIPv2 message authentication:
Ste
p
Command
139. Enter system view. system-view
140. Enter interface view.
interface interface-type interface-number
141. Configure RIPv2 authentication.
rip authentication-mode { md5 { rfc2082 [ cipher ] key-string key-id |
rfc2453 [ cipher ] key-string } | simple [ cipher ] password }
1366BSpecifying a RIP neighbor
Usually, RIP sends messages to broadcast or multicast addresses. On non-broadcast or multicast links,
you must manually specify RIP neighbors.
Follow these guidelines when you specify a RIP neighbor:
Do not use the peer ip-address command when the neighbor is directly connected. Otherwise, the
neighbor may receive both the unicast and multicast (or broadcast) of the same routing information.
If a specified neighbor is not directly connected, disable source address check on incoming
updates.
To specify a RIP neighbor:
Ste
p
Command
Remarks
142. Enter system view.
system-view N/A