Routing Configuration Guide for Cisco 8000 Series Routers, Cisco IOS XR Release

PDF

Understanding RIP

Updated: June 30, 2026

Want to summarize with AI?

Log in

Explains the capabilities, limitations, metrics, version behavior, and common use cases of RIPv2 on Cisco IOS XR.

Provides an overview of RIPv2 capabilities, including support for CIDR, route summarization, VLSM, and multicast advertisements, while detailing its limitations and configuration requirements on Cisco IOS XR software.

Routing Information Protocol (RIP) is a distance-vector routing protocol that exchanges routing information within a small autonomous system.

  • RIP Version 1 supports only contiguous blocks of hosts, subnets, or networks in a single route.

  • RIP Version 2 supports Classless Inter-Domain Routing (CIDR).

  • RIP Version 2 also supports route summarization, variable-length subnet masks (VLSMs), autonomous systems, redistribution, and multicast address 224.0.0.9 for RIP advertisements.

RIP route metric limits

RIP utilizes specific metrics and update intervals to maintain routing information.

  • Hop count: RIP uses hop count to measure route cost.

    • A directly connected network has a metric of zero.

    • An unreachable network has a metric of 16.

    • This limited metric range makes RIP unsuitable for large networks.

  • Update interval: Advertises routing information every 30 seconds by default.

RIPv2 enhancements over RIPv1

RIPv2 provides several enhancements over the legacy RIPv1 protocol to support modern network requirements.

  • Route summarization: Allows aggregation of network routes.

  • Variable-length subnet masks (VLSMs): Supports efficient IP address allocation.

  • Autonomous systems and the use of redistribution: Enables integration with other routing domains.

  • Multicast address 224.0.0.9: Used for efficient RIP advertisements.

Cisco IOS XR supports only RIP Version 2 (RIP v2), as specified in RFC 2453.

  • By default, the software sends and receives only RIP v2 packets.

  • You can configure an interface to send only Version 1 packets, receive only Version 1 packets, use only Version 2 packets, or use both version types.

Note

VRF does not allow configuration of a group applied directly under router RIP. You can configure a group only if it is applied globally or under a VRF.

When to use RIP

RIP is widely used because it is simple to deploy and operate. RIP is a good choice in these situations:

  • When the network must interoperate with diverse network devices.

  • When the network is small and requires little bandwidth, configuration effort, and management overhead.

  • When the network must support legacy host systems.

How RIP selects and advertises routes

Summary

RIP selects routes by using hop count as its metric and advertises routing updates at regular intervals.

Workflow

These stages describe how RIP manages routing information.

  1. Evaluate route cost: RIP assigns a hop count to each route, representing the number of routers that the route traverses. RIP determines the relative cost of each route.
  2. Identify reachable and unreachable routes: RIP treats a directly connected network as metric zero and an unreachable network as metric 16. RIP identifies which routes are usable and which routes are unreachable.
  3. Advertise routing updates: RIP advertises routing information updates every 30 seconds by default. Neighboring routers receive periodic route information.
  4. Store new route information: When RIP discovers new updates from neighbor routers, it stores them in the routing table. The routing table reflects the latest route information that RIP has learned.

Result

RIP selects routes by hop count and maintains route information through periodic advertisements and routing table updates.

How split horizon works in RIP

Summary

Split horizon helps prevent routing loops in RIP on broadcast-type IP networks. It suppresses route advertisements on the interface from which the route information originated.

Workflow

These stages describe how split horizon functions within the RIP domain.

  1. Receive route information: A router receives route information on an interface from another router in the RIP domain. The router identifies the interface on which it learned the route.
  2. Suppress route advertisement on the source interface: Split horizon prevents the router from advertising that route out of the same interface on which it was learned. The router reduces the possibility of routing loops.
  3. Optimize communication after a link failure: This behavior helps optimize communication among multiple routers, especially when a link fails. The network reduces unnecessary route propagation during recovery.
  4. Handle interfaces with secondary IP addresses: If an interface has secondary IP addresses and split horizon is enabled, RIP might not source updates from every secondary address. The router sources one routing update for each network number unless split horizon is disabled. The router controls how it sources updates on interfaces that have multiple addresses.

Result

RIP uses split horizon to reduce routing loops and control how route updates are advertised on broadcast-type IP networks.

Route timers for RIP

You can adjust these timers to tune RIP performance and reduce network disruption during routing changes.

RIP supports these timer settings:

  • Update rate: Specifies the interval, in seconds, between routing updates.

  • Invalid interval: Specifies how long, in seconds, a route remains valid without an update.

  • Suppression interval: Specifies how long, in seconds, RIP suppresses information about better paths.

  • Flush interval: Specifies how long, in seconds, RIP keeps a route before removing it from the RIP topology table.

  • Output delay: Specifies the delay, in seconds, between RIP update packets.

Use the timers basic command to configure the update rate, invalid interval, suppression interval, and flush interval. Use the output-delay command to configure the delay between RIP update packets.

Adjusting these timers can improve convergence and help reduce disruption when the network switches to a redundant path.

Route redistribution for RIP

Use this information to understand how RIP exchanges routing information with other routing protocols.

Route redistribution lets a router inject routes from one routing protocol into another. Routers that exchange routes between different routing domains are boundary routers. Without redistribution, routers in a routing domain know only the routes that belong to that domain.

You might use route redistribution with RIP for these reasons:

  • To advertise routes from other protocols into RIP, such as static, connected, OSPF, and BGP.

  • To migrate from RIP to a new Interior Gateway Protocol (IGP) such as EIGRP.

  • To continue using RIP on some routers that support legacy host systems while you upgrade other routers.

  • To exchange routes in a mixed-vendor network environment.

Route redistribution lets different parts of a network use the routing protocol that best fits their needs. This flexibility can reduce cost and support a wider range of technical requirements.

A simple redistribution case uses the redistribute static command to advertise static routes into RIP. More complex redistribution designs can introduce routing loops, incompatible routing information, or inconsistent convergence times. When multiple routing protocols run on the same router, review route selection behavior and administrative distance carefully.

Default administrative distances for RIP

Use this information to understand the default administrative distance values that apply when you redistribute routes with RIP.

Administrative distance measures how much the router trusts a source of IP routing information. Lower values indicate higher trust. Higher values indicate lower trust. A value of 255 means that the router does not trust the source and ignores the route.

When you use RIP with route redistribution, review the default administrative distances for other route sources so that you can assign an appropriate distance value.

Table 1. Default administrative distances of route sources

Routing protocols

Administrative distance value

Connected interface

0

Static route out an interface

0

Static route to next hop

1

EIGRP Summary Route

5

External BGP

20

Internal EIGRP

90

OSPF

110

IS-IS

115

RIP version 1 and 2

120

External EIGRP

170

Internal BGP

200

Unknown

255

Routing policy options for RIP

Use this information to understand how RIP route policies are structured and formatted.

A route policy is a configuration object that consists of related statements and expressions. The policy begins with the route-policy keyword and ends with the end-policy keyword. The router evaluates the statements in the policy together, not as separate commands.

Each line in a route policy is a logical unit. Use these formatting rules when you define a route policy:

  • Add at least one new line after the then , else , and end-policy keywords.

  • Add a new line after the closing parenthesis of a parameter list.

  • Add a new line after the name string in a reference to an AS path set, community set, extended community set, or prefix set.

  • Add at least one new line before the definition of a route policy, AS path set, community set, extended community set, or prefix set.

  • You can add one or more new lines after an action statement.

  • You can add one or more new lines after a comma separator in a named AS path set, community set, extended community set, or prefix set.

  • End each logical unit of a policy expression with a new line. Do not insert a new line inside a logical unit.

RIP keychain authentication

Use this information to understand how RIP authenticates interface traffic by using the Cisco IOS XR keychain infrastructure.

RIP keychain authentication uses the Cisco IOS XR security keychain infrastructure to store and retrieve secret keys. The router uses these keys to authenticate inbound and outbound RIP traffic on an interface.

Keychain management lets devices share secret keys before they establish trust. Routing protocols and network management applications use this mechanism to improve security when they communicate with peers.

Note

The Cisco IOS XR system security component provides keychain management. For more information about keychain concepts, configuration tasks, examples, and commands, see the keychain management documentation in the System Security Configuration Guide and System Security Command Reference.

Note

A keychain has no effect unless an application uses it for authentication. When you configure a keychain in the IOS XR keychain database and apply it to a RIP interface, the router uses that keychain to authenticate incoming and outgoing RIP traffic on that interface.

If you do not configure an authentication keychain on a RIP interface, the router treats RIP traffic on that interface as authentic and does not apply authentication checks.

RIP supports these authentication modes:

  • keyed message digest mode: Use the authentication keychain keychain-name mode md5 command

  • clear text mode: Use the authentication keychain keychain-name mode text command

If a RIP interface is configured with a keychain, but the keychain does not exist in the keychain database or is not configured with the MD5 cryptographic algorithm, the router drops all inbound RIP packets on that interface. The router sends outbound RIP packets without authentication data.

Inbound RIP traffic on an interface

Use this information to understand how RIP validates inbound packets on an interface that is configured with a keychain.

RIP verifies inbound packets by using these rules:

Table 2. Inbound RIP packet authentication results
If Then
The keychain configured on the RIP interface does not exist in the keychain database. The router drops the packet and logs a RIP component-level debug message with details about the authentication failure.
The keychain is not configured with the MD5 cryptographic algorithm. The router drops the packet and logs a RIP component-level debug message with details about the authentication failure.
The Address Family Identifier of the first entry in the message is not 0xFFFF. The router treats the packet as unauthenticated, drops it, and logs a RIP component-level debug message with details about the authentication failure.
The MD5 digest in the authentication data is invalid. The router drops the packet and logs a RIP component-level debug message with details about the authentication failure.
None of these conditions occurs. The router forwards the packet for further processing.

Outbound RIP traffic on an interface

Use this information to understand how RIP handles outbound packets on an interface that is configured with a keychain.

RIP processes outbound packets by using these rules:

Table 3. Outbound RIP packet authentication results
If Then
The keychain is configured with the MD5 cryptographic algorithm. The remote router can authenticate the RIP packet if it is configured with the same keychain.
The keychain is not configured with the MD5 cryptographic algorithm. RIP packets fail authentication at the remote router.