RE: Authentication for RIP updates - IE workbook

From: Marvin Greenlee (marvin@ipexpert.com)
Date: Wed Feb 21 2007 - 01:22:43 ART

03:25:11.228: RIP: ignored v2 update from bad source 150.50.7.5 on
> FastEthernet0/0
.584:
> RIP: ignored v2 update from bad source 150.50.7.7

You're showing bad update addresses, from .7.5 and .7.7 on the fa0/0
interface. Is there a typo in your address, your fa0/0 shows .17.2 for the
last two octets?

I would guess the invalid address is preventing the auth failure message.
Try either changing the address of the interface or adding no validate
update-source, and see if you see the authentication failure then.

Marvin Greenlee, CCIE #12237 (R&S, SP, Sec)
Senior Technical Instructor - IPexpert, Inc.
"When Will You Be an IP Expert?"
 marvin@ipexpert.com
http://www.IPexpert.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
jennytan
Sent: Tuesday, February 20, 2007 10:57 PM
To: Victor Cappuccio
Cc: Cisco certification
Subject: Re: Authentication for RIP updates - IE workbook

R2#sho ip int brief
Interface IP-Address OK? Method Status
Protocol
FastEthernet0/0 150.50.17.2 YES manual up
up
FastEthernet0/1 unassigned YES unset administratively down
down
Serial0/0/0 unassigned YES unset up
up
Serial0/0/0.24 150.50.24.2 YES manual up
up
Serial0/0/0.256 150.50.100.2 YES manual up
up
Serial0/0/1 150.50.9.2 YES manual up
up
Serial0/1/0 unassigned YES unset administratively down
down
Serial0/1/1 unassigned YES unset administratively down
down
Loopback0 200.0.0.2 YES manual up
up
R2#sho ip proto
Routing Protocol is "rip"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Sending updates every 30 seconds, next due in 24 seconds
  Invalid after 180 seconds, hold down 0, flushed after 240
  Redistributing: rip
  Default version control: send version 2, receive version 2
    Interface Send Recv Triggered RIP Key-chain
    FastEthernet0/0 2 2
    Serial0/0/0.24 2 2 Yes R2toR4
    Serial0/0/0.256 2 2 R2toR5R6
    Serial0/0/1 2 2
    Loopback0 2 2
  Automatic network summarization is not in effect
  Maximum path: 4
  Routing for Networks:
    150.50.0.0
    200.0.0.0
  Routing Information Sources:
    Gateway Distance Last Update
    150.50.9.5 120 00:00:11
    150.50.17.1 120 00:00:17
    150.50.24.4 120 00:03:02
  Distance: (default is 120)

R2#

R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static
route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     200.0.0.0/32 is subnetted, 6 subnets
R 200.0.0.8 [120/8] via 150.50.24.2, 00:01:59, Serial0/0/0.24
R 200.0.0.1 [120/2] via 150.50.24.2, 00:01:59, Serial0/0/0.24
R 200.0.0.2 [120/1] via 150.50.24.2, 00:01:59, Serial0/0/0.24
C 200.0.0.4 is directly connected, Loopback0
R 200.0.0.5 [120/2] via 150.50.24.2, 00:01:59, Serial0/0/0.24
R 200.0.0.7 [120/3] via 150.50.24.2, 00:01:59, Serial0/0/0.24
R 172.1.0.0/16 [120/2] via 150.50.24.2, 00:01:59, Serial0/0/0.24
     10.0.0.0/24 is subnetted, 1 subnets
C 10.10.1.0 is directly connected, FastEthernet0/0
     150.50.0.0/16 is variably subnetted, 10 subnets, 4 masks
R 150.50.6.128/25 [120/4] via 150.50.24.2, 00:02:00, Serial0/0/0.24
R 150.50.200.0/24 [120/2] via 150.50.24.2, 00:02:00, Serial0/0/0.24
R 150.50.4.0/24 [120/4] via 150.50.24.2, 00:02:01, Serial0/0/0.24
R 150.50.6.0/25 [120/3] via 150.50.24.2, 00:02:01, Serial0/0/0.24
R 150.50.7.0/25 [120/2] via 150.50.24.2, 00:02:01, Serial0/0/0.24
R 150.50.9.0/25 [120/1] via 150.50.24.2, 00:02:01, Serial0/0/0.24
R 150.50.17.0/24 [120/1] via 150.50.24.2, 00:02:01, Serial0/0/0.24
C 150.50.24.0/24 is directly connected, Serial0/0/0.24
R 150.50.100.0/26 [120/1] via 150.50.24.2, 00:02:01, Serial0/0/0.24
R 150.50.5.64/27 [120/3] via 150.50.24.2, 00:02:01, Serial0/0/0.24
R4#sh ip proto
Routing Protocol is "rip"
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Sending updates every 30 seconds, next due in 26 seconds
  Invalid after 180 seconds, hold down 0, flushed after 240
  Redistributing: rip
  Default version control: send version 2, receive version 2
    Interface Send Recv Triggered RIP Key-chain
    Serial0/0/0.24 2 2 Yes R2toR4
    Loopback0 2 2
  Automatic network summarization is in effect
  Maximum path: 4
  Routing for Networks:
    10.0.0.0
    150.50.0.0
    200.0.0.0
  Passive Interface(s):
    FastEthernet0/0
  Routing Information Sources:
    Gateway Distance Last Update
    150.50.24.2 120 00:02:07
  Distance: (default is 120)

R4#sh ip int brief
Interface IP-Address OK? Method Status
Protocol
FastEthernet0/0 10.10.1.4 YES manual up
up
FastEthernet0/1 unassigned YES unset administratively down
down
Serial0/0/0 unassigned YES manual up
up
Serial0/0/0.24 150.50.24.4 YES manual up
up
Serial0/0/1 unassigned YES unset administratively down
down
Loopback0 200.0.0.4 YES manual up
up
R4#

On 2/20/07, Victor Cappuccio <victor@ccbootcamp.com> wrote:
>
>
> Hi, seems to me that you have other problem different than Authentication
> My betis is that you musts configure
>
>
http://www.cisco-gu.com/univercd/cc/td/doc/product/software/ios113ed/cs/cspr
tn1/csrip.htm#xtocid2534115
>
> please show us your configurations, in order to avoid the guessing
>
> specifically:
> show ip route rip
> show ip proto
> show ip int brief
>
>
> thanks,
> Victor Cappuccio.-
> Network Learning Inc - A Cisco Sponsored Organization (SO) YES! We take
> Cisco Learning credits!
> victor@ccbootcamp.com
> http://www.ccbootcamp.com (Cisco Training and Rental Racks)
> http://www.ccbootcamp.com/groupstudy.html (groupstudy member discounts!)
> Voice: 702-968-5100
> FAX: 702-446-8012
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com on behalf of jennytan
> Sent: Tue 2/20/2007 19:14
> To: Cisco certification
> Subject: Authentication for RIP updates - IE workbook
>
> I am working on IPExpert workbook. R2 and R4 are enabled for RIP
> authentication. Below shows the debug ip rip event. Do you see
> authentication error? According to the proctor guide, I should be seeing
> invalid authentication.
>
> R2#
> *Feb 21 03:25:04.708: RIP: received v2 update from 150.50.24.4 on
> Serial0/0/0.24
> *Feb 21 03:25:04.712: RIP: Update contains 4 routes
> *Feb 21 03:25:04.712: RIP: received v2 update from 150.50.24.4 on
> Serial0/0/0.24
> *Feb 21 03:25:04.712: RIP: Update contains 4 routes
> *Feb 21 03:25:06.460: RIP: sending v2 update to 255.255.255.255 via
> FastEthernet0/0 (150.50.17.2)
> *Feb 21 03:25:06.460: RIP: Update contains 14 routes
> *Feb 21 03:25:06.460: RIP: Update queued
> *Feb 21 03:25:06.460: RIP: Update sent via FastEthernet0/0
> *Feb 21 03:25:11.228: RIP: ignored v2 update from bad source 150.50.7.5 on
> FastEthernet0/0
> *Feb 21 03:25:17.456: RIP: received v2 update from 150.50.9.5 on
> Serial0/0/1
> *Feb 21 03:25:17.456: RIP: Update contains 10 routes
> *Feb 21 03:25:18.332: RIP: sending v2 update to 224.0.0.9 via Loopback0 (
> 200.0.0.2)
> *Feb 21 03:25:18.332: RIP: Update contains 17 routes
> *Feb 21 03:25:18.332: RIP: Update queued
> *Feb 21 03:25:18.332: RIP: Update sent via Loopback0
> *Feb 21 03:25:18.332: RIP: ignored v2 packet from 200.0.0.2 (sourced from
> one of our addresses)
> *Feb 21 03:25:20.584: RIP: ignored v2 update from bad source 150.50.7.7 on
> FastEthernet0/0
> *Feb 21 03:25:20.612: RIP: sending v2 update to 224.0.0.9 via Serial0/0/1
> (
> 150.50.9.2)
> *Feb 21 03:25:20.612: RIP: Update contains 9 routes
> *Feb 21 03:25:20.612: RIP: Update queued
> *Feb 21 03:25:20.612: RIP: Update sent via Serial0/0/1u all
> All possible debugging has been turned off
>
>
> R4#
> *Feb 21 03:26:01.272: RIP: ignored v2 update from bad source 150.50.17.1on
> FastEthernet0/0
> *Feb 21 03:26:03.568: RIP: ignored v2 update from bad source 150.50.7.6 on
> FastEthernet0/0
> *Feb 21 03:26:05.240: RIP: received v2 update from 150.50.24.2 on
> Serial0/0/0
> *Feb 21 03:26:05.240: RIP: Update contains 15 routes
> *Feb 21 03:26:08.424: RIP: ignored v2 update from bad source 150.50.17.2on
> FastEthernet0/0
> *Feb 21 03:26:11.800: RIP: sending v2 update to 224.0.0.9 via Serial0/0/0
> (
> 150.50.24.4)
> *Feb 21 03:26:11.800: RIP: Update contains 13 routes
> *Feb 21 03:26:11.800: RIP: Update queued
> *Feb 21 03:26:11.800: RIP: Update sent via Serial0/0/0
> *Feb 21 03:26:15.876: RIP: ignored v2 update from bad source 150.50.7.5 on
> FastEthernet0/0
> *Feb 21 03:26:19.028: RIP: ignored v2 update from bad source 150.50.7.7 on
> FastEthernet0/0
> *Feb 21 03:26:19.372: RIP: sending v2 update to 224.0.0.9 via Loopback0 (
> 200.0.0.4)
> *Feb 21 03:26:19.372: RIP: Update contains 8 routes
> *Feb 21 03:26:19.372: RIP: Update queued
> *Feb 21 03:26:19.372: RIP: Update sent via Loopback0
> *Feb 21 03:26:19.372: RIP: ignored v2 packet from 200.0.0.4 (sourced from
> one of our addresses)u all
> All possible debugging has been turned off
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:47 ART