arip command
Last updated
Last updated
ARIP module is a standard routing RIP protocol realization, which supports two RIP versions - RIP-1 and RIP-2. Module configuration is performed by "arip" command.
ARIP has its own command shell (CS). CS is available only when ARIP daemon is started. To enter ARIP CS use the "arip" command. Commands in CS are not case-sensitive and can be shortened until ambiguity appears. To get a quick hint you can press "?" at any time.
The command shell has a number of modes:
Basic mode;
RIP configure;
RIP config-if;
RIP config-router;
RIP config-route-map.
The current mode is displayed along with the command prefix in the form "RIP(mode)#". Initially, the CS is in the basic mode, which parameters are only for viewing the router current state. In order to switch the configuration mode you should have superuser rights. After entering a configuration mode, the configuration is being blocked and entering in this mode from other terminal (e.g. other telnet session) is prohibited. In order to avoid a "dead" block of the session, CS automatically quits the configuration mode after two minutes of no activity. The "end" command allows to exit any mode.
The transition scheme between different modes of CS:
Commands may have different arguments, which are specified in several formats. Arguments format is described in the context help ("?") or in the list of commands ("help") in the following way:
"A.B.C.D" – IP address (ex, 192.168.0.15).
"WORD" – a set of characters with no spaces.
"<1-N>" – a decimal number in a range from 1 to N.
"A.B.C.D/M" – a parameter is set in a format IP address/subnet mask length – an integer in range 0...32 (ex. 192.168.0.0/24).
"IFNAME" – name of a physical network interface (ex. eth0).
If an argument can be written in different formats, it will be displayed in round brackets, options are separated by "|" character. Example: "(A.B.C.D|<0-4294967295>)". If an argument is optional, it is put into square brackets: "[]". Any parameter may have "no" prefix, it will remove a corresponding parameter from the configuration.
Syntax:
start
Starts ARIP daemon.
help
Displays the whole command list for the current mode.
end
Goes back from the current mode to the basic RIP mode, keyboard shortcut Ctrl+C can also be used.
exit
Exit from ARIP CS, keyboard shortcut Ctrl+D can also be used.
show
Allows to review current running RIP router configuration.
"access-list" – displays access lists content.
"[(<1-99>|<100-199>|<1300-1999>|<2000-2699>|WORD)]" - the list identifier, if not specified then a content of all lists is displayed.
"memory" – a memory statistic.
"all", "lib", "ospf" and "rip" – specify values types to be shown. If not specified, data will be displayed for all types, same as the "all" parameter.
"prefix-list" – displays prefix-lists content (for more information about the prefix lists configuration see subsection "Filtration objects").
"rip" – displays RIP protocol summary information. Displays an information about timers, filters, versions, interfaces on which RIP is enabled.
"route" – displays a routing table. For more information about table content see the "Example" subsection.
"running-config" – shows a current router’s configuration, available in any mode.
"show thread cpu" – shows current cpu load. Filters can be used to display specific data (rwtex).
"version" – shows ARDA version.
debug level N
Adds RIP debug information to the system log.
"N" – possible log levels are from "0" (no information logged) to "255" (the most verbose logging).
configure
Allows to enter the "RIP configure" mode.
stop (daemon|clear)
Stops the RIP daemon:
"daemon" – stops the RIP router
"clear" – the router will clear its system configuration part before quitting ARIP CS.
access-list
Access lists are used in the router's configuration as filters, in addition, they are also used to set the matching conditions in the route map configuration. Access lists consist of an operators set. Each operator consists of a IP addresses range (matching conditions) and resulting action: "deny" or "permit". The IP addresses range is set in "<value> <mask>" form. The object to be filtrated has its basic parameter in the same format (IP address, subnet etc). To make a decision whether the object corresponds with a list, each operator from the list is consequently applied to the object basic parameter until this parameter satisfies the condition. When a right condition is met, the decision is made according to the record in the operator command.
While configuring, the operators are added to the end of the list. Thus, when filtering, the sequence of viewing access list operators is determined only by the sequence of their addition.
There are three access lists type in the RIP router.
Standard – is identified in ranges 1-99 and 1300-1999 and is used to evaluate one filtration objects parameter.
Extended – is identified in ranges 100-199 and 2000-2699 and is used to evaluate one filtration objects parameter (ex. source IP address and destination IP address).
Nominate – is similar to the standard, but is identified by a name. In addition, operators are configured in a "<value>/<mask length>" format.
For more information about managing access lists parameters see the "Filtration objects" subsection.
prefix-list
Prefix-lists, same as access lists, are used as filters in a router configuration and works on the same principles, however, they have a number of differences in the operators. First, besides the range and solution each operator can have also a sequential number (1-4294967295), which are used to sort the lists. It allows to manage the operators view sequence when filtering objects. If a sequential number is not specified the router sets it up automatically by adding 5 to the last operator number in a list. Thus, the operator will have the biggest number and will be placed in the end of the list. Secondly, the length mask can be used as the filtering condition.
"ge <0-32>" – sets the minimum mask length in range 0...32.
"le <0-32>" – sets the maximum mask length in range 0...32.
"ge <0-32> le <0-32>" – sets the allowed values range.
For more information about managing prefix-lists parameters see the "Filtration objects" subsection.
clear prefix-list WORD
Clear prefix-list with the "WORD" name.
key chain WORD
Allows to set a key that will be used for authentication. "WORD" – key chain name. After applying this parameter, CS will switch to the "RIP(config-keychain)#" mode, where it is possible to set the key identifier in the 0...2147483647 range. Following parameters can be also specified in the "RIP(config-keychain-key)#" mode:
"accept-lifetime" – sets the time period during which the authentication key in the key-chain is considered valid. Time is displayed in format: <HH:MM:SS>, <day(1-31)>, <month>, <year (1993-2035)>.
"key-string LINE" – sets md5 secret key, where "LINE" – text key.
"send-lifetime" – sets the sending valid key time period.
For more information see the "authentication" parameter of the "RIP config-if mode" subsection.
router
Allows to enter the "RIP config-router" mode. For more information see the "RIP config-router mode" subsection.
route-map WORD (deny|permit) <1-65535>
Allows to create the road-map. The ARIP command shell is switching to route-map configuration mode.
"WORD" – route-map identifier.
"deny|permit" – a record resulting action.
"<1-65535>" – record number.
Route-map is a conditional records set. Records are viewed in order from first to last. Each record is decribed by following parameters:
It number in the map.
Resulting action:
"deny" – the route is denied, map’s records review is aborted and a resulting object is cancelled (link is not advertised);
"permit" – all actions specified in the record are performed for a resulting object. Further, records viewing is stopped or, if specified in the scenario, it is resumed depending on the option specified in the scenario.
Actions to be done with a resulting object in case of its correspondence (assignments of the metric type and / or value to the link).
There are two versions of records review can be set in a scenario:
"on-match next";
"on-match goto <N>.
For more information about this mode see the "RIP config-route-map mode" subsection.
interface IFNAME
Entering the "config-if" mode. For more information about this mode see the "RIP config-if mode" subsection.
"IFNAME" – an interface to configure.
network (A.B.C.D/M|WORD)
Enables RIP on the network interface.
"A.B.C.D/M" – network IP address with the subnet mask length. RIP will be enabled on the interface with network address matching with the specified network.
"WORD" – an interface name.
neighbor A.B.C.D
Allows to establish a direct link between routers, in cases if not all routers understand multiсast requests.
"A.B.C.D" – neighbor router IP address.
redistribute (kernel|connected|static|ospf) [metric <0-16777214>] [route-map WORD]
Allows router to advertise external links. Redistributed routes are classified by:
Specific protocol:
"ospf".
Type:
"kernel" – routes created by the kernel, except for the default route.
"connected" – directly connected routes.
"static" – static routes.
"metric <0-16777214>" – a link metric value.
"route-map WORD" – external routes can also be filtered using the route-map, for more information see "RIP config-route-map mode", "WORD" – the route-map identifier.
distribute-list (WORD|prefix) (in|out) [WORD]
Allows to define criteria a router will use to advertise the link.
"WORD" – the access list identifier to which the destination of the system routing table record must match.
"prefix" – the prefix-list identifier to which the destination of the system routing table record must match.
"in|out" – if "in" value is specified, list is applied to incoming packets, if "out" – to outgoing.
"[WORD]" – a network interface name.
default-metric <1-16>
Allows to set the default metric value for all external channels. If default metric is not defined, it equals 1.
default-information originate
By default, in the "redistribute kernel" mode the router will not make an advertisement into system about having as a link to default gateway, even if it is clearly written in the routing table by the administrator. This parameter allows the default route advertisement.
route-map WORD (in|out) IFNAME
Enables a route map using on a specific interface.
"WORD" – previously created road-map name.
"in|out" – if "in" value is specified, list is applied to incoming packets, if "out" – to outgoing.
"IFNAME" – a network interface name.
timers basic update timeout garbage
Changes timers values.
"update" – sets the complete routing table distribution periodicity to all neighboring RIP routers. The value is in seconds in range 5...2147483647, by default is 30.
"timeout" – sets the time period after which the route is no longer considered valid. It remains in the routing table for some time to make neighboring routers understand that the route is no longer used. The value is in seconds in range 5...2147483647, by default is 180.
"garbage" – sets the time period after which the outdated routing information is removed from the routing table.
distance <1-255> [A.B.C.D/M]
Sets an administrative distance value in range 1...255 for routes from the specified source.
"A.B.C.D/M" – source IP address, if not specified, the value is set for all sources.
offset-list WORD (in|out) [IFNAME]
Allows to change the incoming / outgoing routes metric.
"WORD" – the access list identifier.
"in|out" – if "in" value is specified, list is applied to incoming packets, if "out" – to outgoing.
"IFNAME" – a network interface name, if not specified, the value is applied to the whole router.
passive-interface (IFNAME|default)
Allows to manage a routing information updates. Suppresses the routing updates over some interfaces, but allows to exchange updates through other interfaces in normal mode.
"IFNAME" – interfaces that will not be used to establish neighbor relationships or to send out routing updates.
"default" – the parameter will be applied to all router network interfaces.
route A.B.C.D/M
Allows to configure static routes within the RIP module.
"A.B.C.D/M" – the source IP address.
version <1-2>
Sets the RIP protocol version.
tagged
Enables the tag assignment mode.
split-horizon [poisoned-reverse]
Enables "split horizon" algorithm at the device network interface. When the "split horizon" algorithm is enabled device doesn’t announce routes through an interface from which they were obtained, thus reducing the local routing cycles probability. "Split horizon" algorithm without "poisoned-reverse" parameter is enabled by default.
"poisoned-reverse" – if specified, device when removing the route, keep it for some time in the routing table and include in the standard distribution announcement with special reference so that neighboring routers realize that the route is no longer used. Route metric has the value 16 in this case.
authentication (key-chain LINE|mode (md5|text)|string LINE)
Sets authentication for the current interface, it allows to prevent an unauthorized routers connection to RIP system, the system has an identity check for protocol’s packets. By default, the router does not have any authentication (null-authentication).
"authentication mode (md5|text)" – allows to select authentication mode. "text" – simple password authentication. "md5" – authentication with using of message-digest signatures check.
"string LINE" – sets password for simple authentication. "LINE" – password, less than 16 symbols.
description
Adds interface description.
send version (1|2|1 2)
Sets the RIP protocol version, which is used by current interface to send packets. This setting will work despite the global RIP settings ("version" parameter). Following values can be set: RIP-1/RIP-2/RIP-1 and RIP-2. By default, sends packets according to global settings (RIP-2).
receive version (1|2|1 2)
Sets the RIP protocol version, for packets which are received by current interface. This setting will work despite the global RIP settings ("version" parameter). Following values can be set: RIP-1/RIP-2/RIP-1 and RIP-2. By default, receives packets according to global settings (RIP-1 and RIP-2).
match address[(<1-199>|<1300-2699>|WORD)]|prefix-list WORD]|interface WORD|next-hop[(<1-199>|<1300-2699>|WORD)|prefix-list WORD]|metric <0-4294967295>|tag <0-65535>
Sets matching conditions for the imported route. For each record several conditions can be set. If several conditions are specified they are applied according to the "and" rule.
"address" – destination address matching, the condition will be fulfilled if the corresponding route parameter belongs to the specified filter list. Following filter lists can be specified:
"<1-199>|<1300-2699>|WORD" – access list name;
"prefix-list WORD" – prefix-list name.
"interface WORD" – matching of the network interface to which the route belongs, "WORD" – interface name.
"next-hop" – next-hop IP address matching, filter lists are specified same way as for destination address matching.
"metric" – matching of the metric value in range 0...4294967295, note, in RIP zone only values in range 0...16 is taken into account.
"tag" – matching of the tag value in range 0...65535.
set metric <0-4294967295>|next-hop A.B.C.D|tag <0-65535>
Sets link metric, next-hop and link tag values, If a route matches to all record’s rules.
"metric <0-4294967295>" – metric value in range 0...4294967295, note, in RIP zone only values in range 0...16 is taken into account.
"next-hop A.B.C.D" – next-hop IP address, only for RIP-2.
"tag" – tag value in range 0...65535. The label is assigned to the link in order to avoid cyclic route announcement from one zone to another.
on-match (goto <1-65535>)|next
Sets behavior scenario, if the route matches all conditions.
"on-match next" – reviewing continues from the next record to the current one;
"on-match goto <N>" – reviewing continues from the record with "N" number, it can never be before the current one.
CAUTION
In order for the route map to be used by current interface, the "route-map" parameter must be applied in the "RIP config-router" mode.
The following "config" mode parameters are used to create or modify access lists for a RIP router.
Standard list:
"(<1-99>|<1300-1999>)" – list identifier.
"(deny|permit)" – resulting action.
"A.B.C.D A.B.C.D" – IP address range in "<value> <mask>" form.
This parameter creates an operator in a standard access list. Value and mask define a range (criteria) for the operator. The mask defines those bits of the value which form the range. For example, in order to specify the range of IP address from 192.168.12.0 to 192.168.255, the "192.168.12.0" value and the "0.0.0.255" mask should be specified. For value and mask of 0.0.0.0 255.255.255.255 there is a key word "any". Commands below are equal.
For the range which consists of only one address, the key word "host" is used. Commands below are equal.
Extended list:
"(<100-199>|<2000-2699>)" – list identifier.
"(deny|permit)" – resulting action.
"A.B.C.D A.B.C.D" – source IP address range.
"A.B.C.D A.B.C.D" – destination IP address range.
Nominate list:
"WORD" – list identifier.
"(deny|permit)" – resulting action.
"A.B.C.D/M" – IP address range.
"exact-match" – is used for the exact match of a parameter to the range.
"WORD" – list identifier.
"seq <1-4294967295>" – sequential number.
"(deny|permit)" – resulting action.
"A.B.C.D/M" – IP address range.
"exact-match" – is used for the exact match of a parameter to the range.
"ge <0-32> le <0-32>" – allowed mask values range.
Enable RIP on the interface with network IP address matching "4.7.8.0/24".
Set authentication using a secret key. By using "key chain" parameter create the "TEST" key-chain with key identifier "123" and set the secret key value "TESTTEST".
Enable MD5 authentication mode and select secret key with "TESTTEST" name.
The "no" prefix is used to disable authentication.
Create such configuration for the "eth0" interface to allow packets which are routed in "10.0.0.0/8" network only. In the "config" mode create "private" nominate access list which allow "10.0.0.0/8" network IP addresses and deny all others. After that in "config-router" mode apply this list to the "eth0" interface.
In the following configuration, the router advertises external links created from the system routing table "connected" routes. If a destination for this route is a "192.168.200.0/24" subnetwork, the formed link will have metric 7, any other destination will not lead to route advertising it.
"key-chain LINE" – sets md5 secret key. "LINE" – the secret MD5 key name, the key can be specified in the "" parameter of the "ARIP config" mode.
