RIPv2

The RIP version 2 protocol adds capabilities to RIP. Some of the most notable RIPv2 enhancements follow.

Network Mask

The RIPv1 protocol assumes that all sub-networks of a given network have the same network mask.

It uses this assumption to calculate the network masks for all routes received.

This assumption prevents subnets with different network masks from being included in RIP packets.

RIPv2 adds the ability to specify explicitly the network mask for each network in a packet.

Authentication

RIPv2 packets also can contain one of two types of authentication methods that can be used to verify the validity of the supplied routing data.

The first method is a simple password in which an authentication key of up to 16 characters is included in the packet.

If this password does not match what is expected, the packet is discarded.

This method provides very little security, as it is possible to learn the authentication key by watching RIP packets.

The second method uses the MD5 algorithm to create a crypto checksum of a RIP packet and an authentication key of up to 16 characters.

The transmitted packet does not contain the authentication key itself; instead, it contains a crypto checksum called the digest.

The receiving router performs a calculation using the correct authentication key and discards the packet if the digest does not match.

In addition, a sequence number is maintained to prevent the replay of older packets.

This method provides stronger assurance that routing data originated from a router with a valid authentication key.