Routing Information Protocol (RIP)
The Routing Information Protocol (RIP) is one of the most commonly used interior gateway protocol (IGP) routing protocols on internal networks (and to a lesser extent, networks connected to the Internet), which helps routers dynamically adapt to changes of network connections by communicating information about which networks each router can reach and how far away those networks are.
The routing algorithm used in RIP, the Bellman-Ford algorithm, was first deployed in a computer network in 1969, as the initial routing algorithm of the ARPANET.
The earliest version of the specific protocol that became RIP was the Gateway Information Protocol, part of Xerox Parc's PARC Universal Packet internetworking protocol suite. A later version, named the Routing Information Protocol, was part of Xerox Network Services.
A version of RIP which supported the Internet Protocol (IP) was later included in the Berkeley Software Distribution (BSD) of the Unix operating system as the routed daemon, and various other vendors would implement their own implementations of the routing protocol. Eventually RFC 1058 was issued to unify the various implementations under a single standard.
- ["UDP"]: Typically, RIP uses ["UDP"] as its transport protocol. The well known UDP port for RIP traffic is 520.
XXX - Add example traffic here (as plain text or Wireshark screenshot).
The RIP dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Wireshark features where appropriate, like special statistics of this protocol.
(XXX add links to preference settings affecting how RIP is dissected).
Example capture file
XXX - Add a simple example capture file to the SampleCaptures page and link from here. Keep it short, it's also a good idea to gzip it to make it even smaller, as Wireshark can open gzipped files automatically.
A complete list of RIP display filter fields can be found in the [http://www.wireshark.org/docs/dfref/r/rip.html display filter reference]
- Show only the RIP based traffic:
You cannot directly filter RIP protocols while capturing. However, if you know the ["UDP"] port used (see above), you can filter on that one.
- Capture RIP traffic over the default port (520):
udp port 520
[http://www.ietf.org/rfc/rfc1058.txt RFC 1058] Routing Information Protocol
[http://www.ietf.org/rfc/rfc2453.txt RFD 2453] RIP Version 2
[http://www.ietf.org/rfc/rfc2082.txt RFC 2082] RIP-2 MD5 Authentication