Routed - ripv2 configure
-
Hi,
I installed the routed package and configured RIPv2. It works, but pfSense sends RIP messages with information about all subnetworks. Is there any way to manually define the RIP advertisements that are sent by pfSense?
For example, I have these subnetworks:
192.168.1.0/24
192.168.2.0/24
192.168.3.0/24
Now I can see:
RIPv2, Response, length: 124, routes: 3
AFI IPv4, 192.168.1.0/32, tag 0x0000, metric: 1, next-hop: self
AFI IPv4, 192.168.2.0/32, tag 0x0000, metric: 1, next-hop: self
AFI IPv4, 192.168.3.0/32, tag 0x0000, metric: 1, next-hop: self
But I want to hide the information about one subnetwork and see the following messages:
RIPv2, Response, length: 124, routes: 2
AFI IPv4, 192.168.1.0/32, tag 0x0000, metric: 1, next-hop: self
AFI IPv4, 192.168.2.0/32, tag 0x0000, metric: 1, next-hop: self
-
What scenario are you needing to use rip??
You have 3 networks, why not just manually create the routes? For the ones you want to be able to get to?
-
My pfSense is connected to other routers (Cisco). It's part of the company network; I am responsible only for pfSense's subnetworks. pfSense advertises a route to the OpenVPN subnetwork and also no private network. I want to avoid that, so I am interested in whether it is possible to configure the RIP advertisements sent from pfSense.
I tried logging in to the shell and running the routed process from the console, but it doesn't work, or I don't know how to set the parameters properly.
-
"What scenario are you needing to use rip??
You have 3 networks, why not just manually create the routes? For the ones you want to be able to get to?"
I'm with John here.
On the Cisco:
ip route 192.168.1.0 255.255.255.0 pfsense-gw-ip-address
ip route 192.168.2.0 255.255.255.0 pfsense-gw-ip-address
Also get them to redistribute static routes into whatever routing protocol they use, if you require the routes to go off site.
What routing protocol do they use on the Cisco equipment?
As a network admin there's no way I'd let anyone run a routing protocol to advertise routes without doing any sort of route filtering my end.
-
"As a network admin there's no way I'd let anyone run a routing protocol to advertise routes without doing any sort of route filtering my end."
Exactly!!! What keeps you from bringing up a network that steps on an existing network and then advertising it - while you might run a routing protocol between locations if you control both sides and you bring up new networks all the time all over the place according to your IP management, etc.
If you do not control the other site's routing or IP overall for the company, it would need to be filtered by them. And since it seems they only need or want to be able to get to 2 of your networks, just have them create a static route. And depending on these networks they could even summarize it so it's only 1 route (depends on the networks you're using).
For 2 static networks it is also not very efficient to run a routing protocol unless they are going to change all the time, or you're using it for some sort of failover feature where if you lose routes from one path, you take a different path to get to that network, etc. Is your router a path to other networks where you need to announce these downstream networks from you, etc.? And do these networks change? If not, it's easier to just do simple static routing.
On another note - RIP, even v2 ;), is quite OLD; if you're a Cisco shop, it's highly unlikely they would be running it. Guess it could be used as your common routing protocol if needed, but as mentioned they would most likely just redistribute these into their network via some more current or useful protocol: EIGRP, iBGP, etc.
-
Thank you for the help. We used static routing earlier, but from time to time something changes, so we want to enable a routing protocol. The Cisco routers also use RIPv2. I resolved my problem: I added the parameter "passive" in /etc/gateways for the interface which I don't want to advertise.
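-
Added example, not part of any post in this thread: a check that reads decoded RIPv2 Response text in the format quoted in the first post and reports every advertised prefix that falls outside an allowlist, which is one way to confirm that a change such as the "passive" entry actually stopped the unwanted announcements. The allowlist reuses the two subnets from the first post; the function names, the sample capture and the 10.8.0.0/24 prefix standing in for the OpenVPN subnet are assumptions made for illustration.

```python
import ipaddress
import re

# Prefixes this router may announce (the two subnets the first post wants visible).
ALLOWED = [ipaddress.ip_network(n) for n in ("192.168.1.0/24", "192.168.2.0/24")]

# One route entry of a decoded RIPv2 Response, in the format quoted in the thread.
ENTRY = re.compile(r"AFI IPv4,\s*(\d{1,3}(?:\.\d{1,3}){3}/\d{1,2}),.*?metric:\s*(\d+)")


def advertised_routes(capture_text):
    """Return (network, metric) for every IPv4 route entry found in the text."""
    routes = []
    for line in capture_text.splitlines():
        match = ENTRY.search(line)
        if not match:
            continue  # header lines and unrelated packets
        try:
            # strict=False tolerates entries printed with host bits set
            network = ipaddress.ip_network(match.group(1), strict=False)
        except ValueError:
            continue  # malformed address such as 999.1.1.1/24
        routes.append((network, int(match.group(2))))
    return routes


def leaked_routes(capture_text, allowed=ALLOWED):
    """Return the advertised (network, metric) pairs not covered by the allowlist."""
    return [
        (network, metric)
        for network, metric in advertised_routes(capture_text)
        if not any(network.subnet_of(prefix) for prefix in allowed)
    ]


# Constructed sample capture; 10.8.0.0/24 stands in for the OpenVPN subnet.
SAMPLE = """\
RIPv2, Response, length: 84, routes: 4
  AFI IPv4, 192.168.1.0/24, tag 0x0000, metric: 1, next-hop: self
  AFI IPv4, 192.168.2.0/24, tag 0x0000, metric: 1, next-hop: self
  AFI IPv4, 192.168.3.0/24, tag 0x0000, metric: 1, next-hop: self
  AFI IPv4, 10.8.0.0/24, tag 0x0000, metric: 1, next-hop: self
"""

if __name__ == "__main__":
    for network, metric in leaked_routes(SAMPLE):
        print(f"unexpected advertisement: {network} (metric {metric})")
```

A summary or default route (for example 192.168.0.0/16) is also reported, because it is not contained in any allowed prefix.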