Module 8: Routing as a Solution for Private Network Connectivity

Contents

Overview
Introducing Routing
Designing a Functional Routing Solution
Discussion: Designing Routing Solutions
Securing Private Network Connections
Enhancing a Routing Design for Availability and Performance
Discussion: Enhancing Routing Solutions
Lab A: Designing a Routing Solution
Review


Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way intended
to represent any real individual, company, product, or event, unless otherwise noted. Complying
with all applicable copyright laws is the responsibility of the user. No part of this document may
be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without the express written permission of Microsoft Corporation. If, however, your only
means of access is electronic, permission to print one copy is hereby granted.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.

© 2000 Microsoft Corporation. All rights reserved.

Microsoft, Active Directory, ActiveX, BackOffice, FrontPage, JScript, MS-DOS, NetMeeting,
PowerPoint, Visual Basic, Visual C++, Visual Studio, Win32, Windows, Windows Media,
Windows NT, are either registered trademarks or trademarks of Microsoft Corporation in the
U.S.A. and/or other countries/regions.

Project Lead: Don Thompson (Volt Technical)
Instructional Designers: Patrice Lewis (S&T OnSite), Renu Bhatt NIIT (USA) Inc.
Instructional Design Consultants: Paul Howard, Susan Greenberg
Program Managers: Jack Creasey, Doug Steen (Independent Contractor)
Technical Contributors: Thomas Lee, Bernie Kilshaw, Joe Davies
Graphic Artist: Kirsten Larson (S&T OnSite)
Editing Manager: Lynette Skinner
Editor: Kristen Heller (Wasser)
Copy Editor: Kaarin Dolliver (S&T Consulting)
Online Program Manager: Debbi Conger

Online Publications Manager: Arlo Emerson (Aditi)
Online Support: Eric Brandt (S&T Consulting)
Multimedia Development: Kelly Renner (Entex)
Test Leads: Sid Benevente, Keith Cotton
Test Developer: Greg Stemp (S&T OnSite)
Production Support: Lori Walker (S&T Consulting)
Manufacturing Manager: Rick Terek (S&T OnSite)
Manufacturing Support: Laura King (S&T OnSite)
Lead Product Manager, Development Services: Bo Galford
Lead Product Manager: Ken Rosen
Group Product Manager: Robert Stewart

Other product and company names mentioned herein may be the trademarks of their respective
owners.



Instructor Notes
This module provides students with the information and decision-making
experiences needed to design connectivity solutions between private networks
by using Routing and Remote Access. Students will evaluate and create routing
solutions to support the private network connectivity requirements of an
organization.
At the end of this module, students will be able to:

Recognize routing as a solution for connectivity between private networks.


Evaluate and create a functional routing design.

Select appropriate strategies to secure a private network connection.

Select appropriate strategies to enhance the availability and performance of
a routing solution.

Upon completion of the lab, students will be able to design a routing solution
that supports the private network connectivity requirements of an organization.
Course Materials and Preparation
This section provides you with the materials and preparation needed to teach
this module.
Required Materials
To teach this module, you need the following materials:

Microsoft® PowerPoint® file 1562B_08.ppt

Preparation Tasks
To prepare for this module:

Review the contents of this module.

Read any relevant information in the Microsoft Windows® 2000 Help files,
Windows 2000 Resource Kit, or in documents provided on the Instructor CD.

Read the relevant RFCs in the Windows 2000 Help files.

Review the discussion material and be prepared to lead class discussions on
the topics.

Complete the lab and be prepared to elaborate beyond the solutions found
there.

Read the review questions and be prepared to elaborate beyond the answers
provided in the text.

Presentation: 90 Minutes
Lab: 60 Minutes

Module Strategy
Use the following strategy to present this module.

Introducing Routing
Routing, as provided by the Routing and Remote Access feature of
Windows 2000, supports secured communication over private and public
networks.
In this section:
• Emphasize that the network designer needs to determine the number of
locations and hosts, the routing protocols supported by the design, and
the security requirements of the network. This information provides the
basic decisions for designing a routing solution.
• Explain that isolating a secure and private network, restricting Internet
and private network traffic, supporting multiple protocols, and
integrating with existing network designs are some of the main features
of Routing and Remote Access.
• Point out that, to provide Resource Reservation Protocol (RSVP)
support, reduce undesired traffic, and provide router authentication and
encryption of data, the router integrates with other Windows 2000
networking services.

Designing a Functional Routing Solution
Designing a functional routing solution includes selecting and placing the
routers within a network, and including various protocols in the design.
In this section:
• Emphasize that the routers must be placed within the private network or
at the edge of the private network to localize traffic and maintain
security.
• Emphasize that the selection of interface address and subnet mask,
interface data rate and persistence, and interface security is essential to
integrating the router into the existing network.
• Point out that static routing is included in the Routing and Remote
Access design so that routers can forward packets to their respective
destinations.
• Point out that Routing Information Protocol (RIP)-for-Internet Protocol
(IP) is included in the design so that routers can automatically update
routing table information.
• Point out that Open Shortest Path First (OSPF) routing protocol must be
included in the network design so that routers can automatically update
routing information for unicast packets.
• Explain that Internet Group Management Protocol (IGMP) is added to
the routing design so that the router can pass IGMP Membership Report
packets from a single-router private network to a multicast-capable
portion of the Internet.
• Explain that the DHCP Relay Agent must be included in the design so
that routers can forward DHCP traffic from DHCP clients to DHCP
servers.
• Ensure that students understand the scenario description and directions
for the Discussion. Direct them to read through the scenario and answer
the questions. Be prepared to clarify if necessary. Lead a class
discussion on the students’ responses.

Securing Private Network Connections
The security of an IP routing design is measured by the ability of the design
to prevent unauthorized access to data transmissions. Routing and Remote
Access enhances IP routing security by encrypting data and mutually
authenticating remote routers.
In this section:
• Emphasize that, to ensure a secure network, undesired network traffic
must be restricted by using Routing and Remote Access filters, and all
traffic must be filtered based on the IP address and the protocol number
of the packets to be filtered.
• Explain that Internet Protocol Security (IPSec) offers a variety of
authentication and data encryption algorithms. Selecting IPSec tunnel
mode, and specifying the IPSec authentication protocol and encryption
algorithm, are a few of the authentication methods.
• Point out that virtual private network (VPN) tunnels can also be used to
encrypt data and prevent the unauthorized viewing of confidential data
that is transmitted across public networks.
• Explain that RIP-for-IP or OSPF passwords, demand-dial authentication,
and IPSec machine certificates are a few methods of authenticating
routers to prevent the unauthorized viewing of confidential data.
• Explain that routers can be placed within the private network to create
screened subnets or to integrate into existing screened subnets. Screened
subnets isolate the private network from the Internet while allowing
private network traffic to be routed between locations.

Enhancing a Routing Design for Availability and Performance
By dedicating a computer to routing, selecting persistent wide area network
(WAN) connections, and providing multiple routers or multiple WAN
connections, the availability and performance of routing solutions can be
enhanced.

Make sure students understand the scenario description and directions for
the Discussion. Direct them to read through the scenario and answer the
questions. Be prepared to clarify if necessary. Lead a class discussion on the
students’ responses.

Lab Strategy
Use the following strategy to present this lab.
Lab A: Designing a Routing Solution
In the design lab, students will design a routing solution based on the specific
requirements outlined in the given scenario.
Students will review the scenario and the design requirements and read any
supporting materials. They will use this information, and the knowledge gained
from the module, to develop a detailed design that uses routing as a solution.
To conduct the lab:

Read through the lab carefully, paying close attention to the instructions and
to the details of the scenario.

Consider dividing the class into teams of two or more students.

Present the lab, and make sure students understand the instructions and the
purpose of the lab.

Remind students to consider any functionality, security, availability, and
performance criteria provided in the scenario, and how they will incorporate
strategies to meet these criteria in their design.

Allow some time to discuss the solutions after the lab is completed. A
solution is provided in your materials to assist you in reviewing the lab
results. Use the worksheet provided in the Instructors Handbook to record
inputs for the possible solutions. Encourage students to critique each other’s
solutions and to discuss any ideas for improving their designs.


Overview


Introducing Routing

Designing a Functional Routing Solution

Discussion: Designing Routing Solutions

Securing Private Network Connections

Enhancing a Routing Design for Availability and
Performance

Discussion: Enhancing Routing Solutions


To share data and resources, geographically distributed private networks require
connectivity between multiple locations. These locations can be connected by
using dedicated, private connections, or over shared, public networks such as
the Internet.
Routing, as provided by the Routing and Remote Access feature of Microsoft®
Windows® 2000, supports secured communication over private and public
networks.
At the end of this module, you will be able to:

Recognize routing as a solution for connectivity between private networks.

Evaluate and create a functional routing design.


Select appropriate strategies to secure a private network connection.

Select appropriate strategies to enhance the availability and performance of
a routing solution.

Slide Objective
To provide an overview of the module topics and objectives.
Lead-in
In this module, you will evaluate and design connectivity solutions between
private networks by using Routing and Remote Access.
Explain to the students that in this module, routing always refers to the
routing provided by Routing and Remote Access and that router always refers to
a Routing and Remote Access–based router, unless otherwise specified.
Introducing Routing

Design Decisions for a Routing Solution

Routing and Remote Access Features

Integration Benefits


Routing is provided by the Routing and Remote Access feature of
Windows 2000. Routing and Remote Access supports multiple protocols and
connects private networks while protecting the private network resources.
Routing and Remote Access addresses the essential requirements of any
solution for connectivity between private networks.
To design a routing solution based on Routing and Remote Access, you must:

Identify the design decisions that influence a routing solution.

Identify how the features provided by Routing and Remote Access support
the design requirements for connectivity between private locations.

Identify the benefits of integrating Routing and Remote Access with other
networking services.

Slide Objective
To introduce routing as a solution for private network connectivity in a
Windows 2000 network.
Lead-in
Routing and Remote Access is a Windows 2000 feature that connects private
networks while protecting the private network resources.
Design Decisions for a Routing Solution

Number of Locations?

Number of Hosts at Each Location?

Routing Protocols Supported?

Secured Connectivity Between Private Networks?
[Figure: network diagram. Labels: Internet, Web Server, Demand-Dial, Screened
Subnet (x2), Central Office, Branch Office (x2), Router (x3)]


Routing designs that connect private networks are based on a number of design
decisions like the number of locations to be connected, the number of hosts at
each location, the routing protocols supported, and the security requirements.
Routing is an appropriate solution if the private network:

Is spread across multiple geographic locations.

Includes any number of users.

Supports industry standard routing protocols, such as Routing Information
Protocol (RIP), Open Shortest Path First (OSPF), or Internet Group
Management Protocol (IGMP).

Connects networks requiring router authentication and data encryption.

Slide Objective
To describe the design decisions that influence the design of a Routing and
Remote Access solution.
Lead-in
While designing a network that connects private networks, you need to consider
the number of locations to be connected, the number of hosts at each location,
the routing protocols supported, and the security requirements.
Discuss the bulleted points with students. Tell them that these are the
questions they need to answer before designing a routing solution. Explain the
relevance of these decisions with reference to the illustration.
Routing and Remote Access Features

Isolating and Securing the Private Network

Integrating with Existing Network Designs

Restricting Internet and Private Network Traffic

Supporting Multiple Protocols



When designing a routing solution, you need to identify the features of Routing
and Remote Access that fulfill the design requirements. Typically, these
features enhance the security, availability, or performance of your routing
solution.
Isolating and Securing the Private Network
Routing and Remote Access enhances the security of a network design by:

Isolating the private network from the Internet.

Acting as an intermediary in the exchange of traffic between the Internet
and the private network.

Providing data encryption if the data transferred between locations is
confidential.

Supporting mutual authentication of routers to prevent an unauthorized
router from receiving confidential data.

Integrating with Existing Network Designs
After integrating with the existing network designs, Routing and Remote
Access supports:

Internet Protocol (IP) and Internetwork Packet Exchange/Sequenced Packet
Exchange (IPX/SPX) routing protocols, thereby allowing the Routing and
Remote Access-based routers to exchange routing table information with the
existing routers.

IP and IPX/SPX transport protocols on private networks, thereby allowing
IP and IPX/SPX-based clients to access the private network through the
remote access server.

Various interface types, such as dial-up modems, Integrated Services Digital
Network (ISDN), asymmetric digital subscriber line (ADSL), T1, T3, or
Synchronous Optical Network (SONET).

Slide Objective
To describe the features of Routing and Remote Access.
Lead-in
When designing a Routing and Remote Access solution, you must understand the
features that are available to support connectivity between private networks.
Restricting Internet and Private Network Traffic
Routing and Remote Access allows you to restrict the traffic between private
network segments, the Internet, and other private network locations. Restricting
the traffic enables you to limit user access between private network segments,
and limit Internet user access to private network segments.
Supporting Multiple Protocols
Routing and Remote Access supports various transport and routing protocols.
The following table lists the transport protocols supported by Routing and
Remote Access, and the reason to include the protocols in your network design.

Select                        For connectivity to private networks that support

Transmission Control          A variety of operating systems (such as UNIX and
Protocol/Internet Protocol    Macintosh) and the Internet.
(TCP/IP)
IPX/SPX                       NetWare-based clients and servers.
AppleTalk                     Macintosh-based clients and servers.

The following table lists the routing protocols supported by Routing and
Remote Access, and the reason to include the protocols in your network design.

Select         To automatically update routing table information by using the

RIP for IP     RIP routing protocol on IP routed networks.
OSPF           OSPF routing protocol on IP routed networks.
IGMP           IGMP routing on IP routed networks.
RIP for IPX    RIP routing protocol on IPX routed networks.
SAP            Service Advertising Protocol (SAP) on IPX-routed networks.
Integration Benefits
[Figure: Routing and Remote Access–based router and the services it integrates
with. Labels: Active Directory (Machine Certificates and User Account
Authentication), IPSec (Authentication and IPSec Tunnels), Routing and Remote
Access (Demand-Dial Connections, IP Filters, and VPN Tunnels)]

The router integrates with other networking services to take advantage of their
features. These features require you to include additional specifications in the
design, such as virtual private network (VPN) tunnels that are used for
authentication and data encryption.
The following table describes the benefits of integrating the router with other
networking services.
The router integrates with    To

Internet Protocol Security    Provide router authentication and encryption of
(IPSec)                       data transmitted between routers when specified.
Routing and Remote Access     Provide support for nonpersistent connections by
                              using specified demand-dial connections.
                              Reduce undesired traffic by using specified IP
                              Filters.
                              Provide router authentication and encryption of
                              data transmitted between routers.
Active Directory™ directory   Provide Kerberos version 5 protocol certificates
service                       and user accounts so that router authentication
                              occurs when specified.
Slide Objective
To describe the benefits of integrating the router with other networking
services.
Lead-in
The router integrates with other networking services such as QoS, IPSec, and
Active Directory.
Remind the students that in this module, routing always refers to the routing
provided by Routing and Remote Access and that router always refers to a
Routing and Remote Access–based router, unless otherwise specified.
Designing a Functional Routing Solution

Placing Routers Within a Network

Integrating the Router into the Existing Network

Including Static Routing

Including the RIP-for-IP Routing Protocol

Including the OSPF Routing Protocol

Including the IGMP Routing Protocol

Including the DHCP Relay Agent


There are a few essential decisions that you need to make for a routing solution
to derive the specifications for the routing design. After you establish these
essential decisions, you can optimize the routing solution by adding security,
availability, and performance enhancements to your design.
The essential decisions for your routing design include:

Where to place the router within a network so that network traffic is
localized without compromising on security.

Which router interface characteristics (IP address, persistence, data rate,
and security) affect the integration of the router into the existing network.


When to include static routing, and the static routing options that would
affect the routing design.

When to include the RIP-for-IP routing protocol, and the RIP-for-IP routing
protocol options that affect the routing design.

When to include the OSPF routing protocol, and the OSPF routing protocol
options that affect the routing design.

When to include the IGMP routing protocol, and the IGMP routing protocol
options that affect the routing design.

When to include the forwarding of Dynamic Host Configuration Protocol
(DHCP) packets through the router, and the DHCP Relay Agent options that
affect the routing design.


Note: For more information on routing protocols, see the Unicast Routing
white paper on the Student CD.

Slide Objective
To introduce the decisions involved in designing a functional routing solution
when connecting private networks.
Lead-in
You can set the foundation for your routing solution by establishing the
essential requirements for connecting private networks.
Focus on high-level design decisions and do not spend time explaining the
routing protocols. Students will already be familiar with the routing
protocols.
Placing Routers Within a Network

Placing Routers Within the Private Network

Placing Routers at the Edge of the Private Network
[Figure: network diagram. Labels: Internet, Web Server, Demand-Dial, Screened
Subnet (x2), Central Office, Branch Office (x2), Router (x3)]


You need to place routers between the network segments so that network traffic
is localized and security maintained. The routing provided by Windows 2000 is
appropriate for providing routing between private network segments or between
the private network and public networks.
Placing Routers Within the Private Network
You need to place routers within the private network so that:

The network traffic is isolated to the source, destination, and intermediary
network segments.

Screened subnets are created within the private network, thereby protecting
confidential data.

Network packets can be exchanged between dissimilar network segments,
such as between an Ethernet network segment and an asynchronous transfer
mode (ATM) network segment.

Placing Routers at the Edge of the Private Network
You need to place routers at the edge of the private network so that:

Remote locations within an organization can exchange network packets by
using a public network.

The private network is isolated from the public network, thereby protecting
confidential data.

Network packets can be exchanged between the private network segments
and public network segments, such as between an Ethernet private network
segment and an ISDN public network segment.

Slide Objective
To introduce the decisions involved in the placement of routers within a
network.
Lead-in
You need to place routers between the network segments so that network traffic
is localized and security maintained.
Point out the placement of the routers on the slide. Ask the students for
suggestions on where else the routers can be placed.
Integrating the Router into the Existing Network

Interface Address and Subnet Mask

Interface Data Rate and the Persistence


Interface Security
[Figure: network diagram. Labels: Internet, Web Server, Demand-Dial, Screened
Subnet (x2), Central Office, Branch Office (x2), Router (x3)]


Depending on the size of the network, your network design can include a
number of routers. Each router in the network design must have at least one
interface, although most routers have more than one. For each router interface,
you must describe the interface characteristics so that the router can be
integrated into the existing network.
Selecting the Interface Address and Subnet Mask
When selecting the router interface address and subnet mask, remember that:

Each router interface requires an IP address and subnet mask.


The IP address assigned to the router interface must be within the range of
addresses that are assigned to the network segment that is directly connected
to the interface.

The subnet mask assigned to the router interface must match the subnet
mask that is assigned to the network segment that is directly connected to
the interface.
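
The two rules above, checked for one interface, together with what the router
misjudges when the mask does not match. This is an added example, not part of
the courseware; the function name and the 172.16.8.0/22 segment are constructed
for illustration.

```python
import ipaddress


def check_interface(address, mask, segment_cidr):
    """Check a router interface against the segment it is directly connected to.

    Returns whether the address is inside the segment, whether the mask
    matches, and which address blocks the router would misjudge:
      not_connected     - parts of the real segment the router would treat as
                          remote instead of directly connected
      wrongly_connected - blocks outside the segment the router would treat as
                          directly connected
    """
    segment = ipaddress.ip_network(segment_cidr)
    iface = ipaddress.ip_interface(f"{address}/{mask}")
    derived = iface.network            # network the router computes for itself

    result = {
        "in_range": iface.ip in segment,
        "mask_ok": derived.netmask == segment.netmask,
        "not_connected": [],
        "wrongly_connected": [],
    }
    if derived == segment:
        return result                  # address and mask both fit the segment

    if derived.subnet_of(segment):     # mask too long: router sees a smaller net
        missing = sorted(segment.address_exclude(derived))
        result["not_connected"] = [str(n) for n in missing]
    elif segment.subnet_of(derived):   # mask too short: router sees a larger net
        extra = sorted(derived.address_exclude(segment))
        result["wrongly_connected"] = [str(n) for n in extra]
    else:                              # address belongs to a different segment
        result["not_connected"] = [str(segment)]
        result["wrongly_connected"] = [str(derived)]
    return result


if __name__ == "__main__":
    # Constructed sample design: one segment, four candidate interface settings.
    segment = "172.16.8.0/22"
    candidates = [
        ("172.16.9.1", "255.255.252.0"),   # correct
        ("172.16.9.1", "255.255.255.0"),   # address fits, mask too long
        ("172.16.9.1", "255.255.0.0"),     # address fits, mask too short
        ("172.16.20.1", "255.255.252.0"),  # mask fits, address outside segment
    ]
    for address, mask in candidates:
        print(address, mask, check_interface(address, mask, segment))
```

With the mask too long, hosts in 172.16.8.0/24 and 172.16.10.0/23 sit on the
same wire but are treated as remote; with the mask too short, the router
treats blocks that belong elsewhere as directly connected.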

Selecting the Interface Data Rate and the Persistence
Each router interface connects to a private or public network segment. These
network segments can be persistent or non-persistent. In addition, the data rates
for these network segments can vary considerably. You need to specify the data
rate and persistence for router interfaces so that the router can connect to private
and public network segments.
Interfaces that connect to private network segments
Private network segments are based on local area network (LAN) technologies
that are persistent interface connections. The data rate of the private network
segment is determined by the LAN technology, such as 100 megabits per
second (Mbps) data transfer rate for 100 Mbps Ethernet.
Slide Objective
To describe how to select the router interface characteristics that affect the
integration of the router into the existing network.
Lead-in
You must select the router interface characteristics so that you can integrate
the router into the existing network.
Interfaces that connect to public network segments
Public network segments are based on LAN and demand-dial technologies that
can be persistent or nonpersistent. Public network segments that appear to the
router as LAN interfaces are persistent, and the data rate is determined by the
LAN technology.
Public network segments that appear as demand-dial interfaces are
nonpersistent, and the data rate is determined by the underlying technology. An
example of this would be a 56 Kbps dial-up modem connection that supports a
maximum data rate of 56 Kbps.
There are situations in which you will include demand-dial interfaces in your
routing solutions when the public network segments are based on LAN
technologies. For example, you can include a demand-dial VPN connection
over a DSL connection. Include a demand-dial interface in your design if:

An exchange of credentials is required to perform authentication, such as
VPN tunnel authentication.

Charges, such as ISDN connection charges, are accumulated if the public
network segment is active.

For example, to connect to another location across the Internet, one solution is
to specify a VPN tunnel over a DSL network segment. In this example, you
need to include the following interfaces in your design:

A LAN interface that supports the persistent DSL network segment.


A demand-dial interface to perform the authentication required by the VPN
tunnel.

Selecting the Interface Security
Within a private network or over public network segments, you can protect
confidential data by authenticating routers and encrypting the confidential data
transferred between routers.
When selecting the router interface security, remember that:

Each router interface can support a different level of security.

The level of authentication and encryption assigned to the router interface
must adhere to the authentication and encryption assigned to the network
segment that is directly connected to the interface.

Some private network segments may require encryption within the private
network to further protect confidential data.

Government regulations may restrict the data encryption standards that you
may include in your design.


Note: As a best practice, you must authenticate all routers that communicate
over public networks, and encrypt all data transmitted between these routers.
Including Static Routing


Default Route Entry

Auto-Static Route Entries
Routing Table
0.0.0.0 1 0.0.0.0
10.0.0.0 1 172.168.3.1
192.168.0.0 1 172.168.3.1
[Figure: network diagram. Labels: Internet, Web Server, Demand-Dial, Screened
Subnet (x2), Central Office, Branch Office (x2), Router (x3)]



You need to include static routing in the Routing and Remote Access design so
that routers can forward packets to their respective destinations. Static route
entries are manually added to the routing table. You can include static and
dynamic routing in the same design so that you can control the amount of
routing information transmitted between routers.
Include static routing in your design:

To reduce the network traffic generated by dynamic routing protocols.

To secure the network by preventing the transmission of routing table
information.

If the time spent in manually updating the routing tables is acceptable.

If there is little or no change to the routing table information.

To add a default route to the demand-dial interface if your network design
includes a demand-dial interface.

After you decide to include static routing, you need to specify default route
entry, auto-static route entry, or both as the entries in your design.
Default Route Entry
You can specify a default route entry for remote locations that connect to the
private network by using demand-dial connections. A default route entry
specifies that all IP packets with destinations outside the private network be
forwarded through the demand-dial connection.
The advantage of a default route entry is that a single static route entry needs to
be added only once, thereby reducing the manual modification to the routing
table. The disadvantage of a default route entry is that any traffic, including
traffic for unreachable destinations (not on the remote network), is forwarded
through the demand-dial connection.
Slide Objective
To describe the decisions involved when including static routing in a Routing
and Remote Access design.
Lead-in
You need to include static routing in the Routing and Remote Access design so
that routers can forward packets to destinations.
Auto-Static Route Entries
Auto-static route entries are a hybrid of static route entries and RIP-for-IP
dynamic routing table entries. Auto-static routes are static routes that are
automatically added, at scheduled intervals, to the routing table by using the
RIP-for-IP routing protocol across a demand-dial connection. You can specify
auto-static route entries for remote locations that connect to the private network
by using demand-dial connections.
For a better understanding of auto-static route entries, consider a design that
specifies that auto-static route entries be updated once every day at 12:00
midnight. The following sequence illustrates the use of auto-static route entries:
1. The router initiates the demand-dial connection to other locations at 12:00
midnight.
2. The router deletes any existing auto-static route entries that match the
updates received by using RIP-for-IP.
3. The router adds auto-static route entries for the updates received by using
RIP-for-IP.
4. The router initiates the demand-dial connection throughout the day for any
IP traffic destined for other locations. The routing table information is not
updated throughout the day.
5. The cycle continues again at 12:00 midnight the following day.

The advantage of auto-static routes is that unreachable destinations do not cause
the router to initiate the demand-dial connection. The disadvantage of auto-
static routes is that the auto-static route entries must be periodically updated to
reflect the subnets that are at other private network locations.
For example, if a new subnet is added to another location and the local private
network has not performed an auto-static update, all destinations on the new
subnet are unreachable.
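The trade-off between the two entry types, as an added example that is not part of the original module: the sketch applies steps 2 and 3 of the sequence above and checks which destinations bring up the demand-dial connection. The Route tuple, the function names and the 10.x subnets are assumptions constructed for illustration.

```python
import ipaddress
from collections import namedtuple

# kind is "connected", "static" or "auto-static" (labels assumed for this example)
Route = namedtuple("Route", "network interface kind")

def route(prefix, interface, kind):
    return Route(ipaddress.ip_network(prefix), interface, kind)

def lookup(table, dest):
    """Longest-prefix match; None means there is no route for dest."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in table if addr in r.network]
    return max(hits, key=lambda r: r.network.prefixlen) if hits else None

def initiates_dial(table, dest):
    """True when forwarding dest would bring up the demand-dial interface."""
    hit = lookup(table, dest)
    return hit is not None and hit.interface == "demand-dial"

def auto_static_update(table, rip_prefixes):
    """Steps 2 and 3: delete the auto-static entries that match the received
    RIP updates, then add an auto-static entry for each update."""
    learned = {ipaddress.ip_network(p) for p in rip_prefixes}
    kept = [r for r in table
            if not (r.kind == "auto-static" and r.network in learned)]
    return kept + [Route(n, "demand-dial", "auto-static") for n in sorted(learned)]

# Constructed sample data: one branch office LAN and its demand-dial link.
LOCAL = [route("10.1.0.0/24", "lan", "connected")]
DEFAULT_DESIGN = LOCAL + [route("0.0.0.0/0", "demand-dial", "static")]
AUTO_STATIC_DESIGN = auto_static_update(LOCAL, ["10.2.0.0/24", "10.3.0.0/24"])

def compare(dest):
    """Return (dials with the default route, dials with auto-static routes)."""
    return (initiates_dial(DEFAULT_DESIGN, dest),
            initiates_dial(AUTO_STATIC_DESIGN, dest))

if __name__ == "__main__":
    for dest in ("10.2.0.7", "10.9.0.7", "10.1.0.7"):
        print(dest, compare(dest))
```

With the default route every non-local destination dials out, including the unknown 10.9.0.7; with auto-static entries only the learned subnets do, and a newly added remote subnet stays unreachable until the next scheduled update.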

Note: Auto-static route entries are supported for RIP-for-IP, RIP-for-IPX, and
SAP-for-IPX, but not OSPF.


Including the RIP-for-IP Routing Protocol

[Slide: RIP Version Support; RIP Version 2 Options (Password: xYZzY-02,
Multicast: Enabled). Diagram labels: Central Office, two Branch Offices,
Routers, Demand-Dial, Screened Subnets, Web Server, Internet. Legend:
Multicast Traffic.]


You can include RIP-for-IP in the design so that routers can automatically
update the routing table information. Routing and Remote Access supports RIP
versions 1 and 2.
Include RIP in your routing design:

To automatically update routing table information.

If the time spent in manually updating the routing tables is unacceptable.

If there is constant change to the routing table information.


If existing routers use RIP.

If the design includes a demand-dial interface so that you can use RIP to
create auto-static route entries.

If the maximum number of routers that any IP packet must cross is less
than 14.


Note: Routing and Remote Access considers all non-RIP learned routes, such
as static route entries, to be at a fixed hop count of two instead of one. As a
result, the normal maximum number of hops that any IP packet can cross is
reduced from 15 to 14.

Slide Objective: To describe the decisions involved when including the RIP
routing protocol in a routing design.
Lead-in: You can include RIP-for-IP in the design so that routers can
automatically update routing table information.

Selecting the RIP Version Support

You can specify the RIP versions to include in the design based on the RIP
versions that the existing network supports. You can specify RIP version 2
support in your design by default, because RIP version 2 is a superset of
RIP version 1. RIP version 2 is required if your design includes:

Classless Inter-Domain Routing (CIDR).

Variable length subnet masks.

Routing table updates by using multicast traffic.

Simple password authentication between routers.

Selecting the RIP Version 2 Options
If you want to include routing table updates by using multicast traffic or simple
password authentication between routers, you must specify the RIP version 2
options that need to be included in the design.
The following table lists the RIP version 2 options and why you would include
each option in your design.

Select this option                        If you want to

Routing table updates by using multicast  Reduce network traffic received by all
                                          computers on the network.
Password authentication                   Prevent unauthorized routers from
                                          receiving routing table updates.


Note: The RIP version 2 password authentication is used in addition to any
authentication credentials exchanged during the initiation of a demand-dial
connection.
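How the password option appears on the wire and how a receiving router can check it, as an added example that is not part of the original module or of Routing and Remote Access. It assumes the RIP version 2 message layout from RFC 2453; the function names and the 10.x subnets are constructed for illustration.

```python
import hmac
import ipaddress
import struct

RIP_RESPONSE, RIP_V2 = 2, 2                     # command and version (RFC 2453)
AFI_AUTH, AFI_INET, AUTH_SIMPLE = 0xFFFF, 2, 2  # entry type markers

def build_response(routes, password=None):
    """Build a RIPv2 response from (prefix, metric) pairs, optionally authenticated."""
    msg = struct.pack("!BBH", RIP_RESPONSE, RIP_V2, 0)
    if password is not None:
        # The password sits in a 16-octet field, NUL padded, in clear text.
        msg += struct.pack("!HH16s", AFI_AUTH, AUTH_SIMPLE, password.encode("ascii"))
    for prefix, metric in routes:
        net = ipaddress.ip_network(prefix)
        msg += struct.pack("!HH4s4s4sI", AFI_INET, 0, net.network_address.packed,
                           net.netmask.packed, bytes(4), metric)
    return msg

def accept_update(msg, expected_password):
    """Return the advertised routes, or None when the update must be ignored."""
    if len(msg) < 24 or (len(msg) - 4) % 20:
        return None                              # header plus whole 20-octet entries
    command, version, _zero = struct.unpack("!BBH", msg[:4])
    if command != RIP_RESPONSE or version != RIP_V2:
        return None
    entries = [msg[i:i + 20] for i in range(4, len(msg), 20)]
    afi, auth_type, secret = struct.unpack("!HH16s", entries[0])
    want = expected_password.encode("ascii").ljust(16, b"\0")
    if (afi, auth_type) != (AFI_AUTH, AUTH_SIMPLE) or not hmac.compare_digest(secret, want):
        return None                              # unauthenticated or wrong password
    routes = []
    for entry in entries[1:]:
        afi, _tag, addr, mask, _hop, metric = struct.unpack("!HH4s4s4sI", entry)
        if afi != AFI_INET or not 1 <= metric <= 16:
            return None
        try:
            net = ipaddress.ip_network(
                f"{ipaddress.IPv4Address(addr)}/{ipaddress.IPv4Address(mask)}")
        except ValueError:
            return None                          # bad mask or host bits set
        routes.append((str(net), metric))
    return routes

# Constructed sample: a branch router advertising two subnets; the password is
# the example value shown on the module's slide.
SAMPLE = build_response([("10.2.0.0/24", 1), ("10.3.0.0/16", 2)], "xYZzY-02")
```

Because the password travels unencrypted inside every update, it identifies routers to each other but does not hide the routing table from anyone who can read the traffic.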
