| From: "Kelly E. Gibbs" <kgibbs @
| Subject: RIP vs. OSPF
| Sender: firewalls-owner @
| Would it be a fair statement that OSPF is now the chosen protocol over RIP?
| If so, could someone offer any comment on why and which do you think will
| be the more dominant protocol in the future?

Enough problems with RIP caused people to create RIP-2.

To quote from RFC 2200, the INTERNET OFFICIAL PROTOCOL STANDARDS:

    RIP -- The Routing Information Protocol (RIP) is widely implemented
    and used in the Internet. However, both implementors and users
    should be aware that RIP has some serious technical limitations as a
    routing protocol. The IETF is currently developing several
    candidates for a new standard "open" routing protocol with better
    properties than RIP. The IAB urges the Internet community to track
    these developments, and to implement the new protocol when it is
    standardized; improved Internet service will result for many users.

The worst thing about RIP is the large number of host computers configured
to listen to RIP rather than use an appropriate router discovery protocol.
This is relevant to firewalls (it needed a hook, didn't it? :-)
because of the obvious threat to the security of a host if a bad-guy
sends it false route information that gets the packet stream sent to
a host involved in spoofing.

The best solution for security purposes is to (hard) configure the default
router into your host computers. Unfortunately, this is not the most robust
configuration against network failure because it locks the host into a single
path when multiple (valid) routers may be available.
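
For hosts that do still listen to RIP, the false-route threat described above can be watched for on the wire. The following is an added example, not part of the original post: it parses RIP-1/RIP-2 UDP payloads (port 520) and flags route announcements from sources outside a list of known routers. The router addresses, the function names and the sample packet are assumptions constructed for illustration.

```python
import ipaddress
import struct

RIP_RESPONSE = 2   # command value of a RIP response (route announcement)
AF_INET = 2        # address family identifier for IP route entries

# Assumption: the only routers allowed to announce routes on this segment.
TRUSTED_ROUTERS = {"192.0.2.1", "192.0.2.2"}

# Constructed sample: a RIP-2 response announcing 0.0.0.0 with metric 1.
SAMPLE = struct.pack("!BBH", RIP_RESPONSE, 2, 0) + struct.pack(
    "!HH4s4s4sI", AF_INET, 0, bytes(4), bytes(4), bytes(4), 1)


def parse_rip(payload):
    """Parse a RIP UDP payload into (command, version, [route entries])."""
    if len(payload) < 4 or (len(payload) - 4) % 20 != 0:
        raise ValueError("not a well-formed RIP message")
    command, version, _zero = struct.unpack("!BBH", payload[:4])
    routes = []
    for off in range(4, len(payload), 20):
        afi, _tag, addr, mask, nexthop, metric = struct.unpack(
            "!HH4s4s4sI", payload[off:off + 20])
        if afi != AF_INET:
            continue  # e.g. a RIP-2 authentication entry (AFI 0xFFFF)
        routes.append({
            "prefix": str(ipaddress.IPv4Address(addr)),
            "mask": str(ipaddress.IPv4Address(mask)),      # zero in RIP-1
            "next_hop": str(ipaddress.IPv4Address(nexthop)),
            "metric": metric,
        })
    return command, version, routes


def audit_response(src_ip, payload, trusted=TRUSTED_ROUTERS):
    """Return one alert string per route announced by an untrusted source."""
    try:
        command, version, routes = parse_rip(payload)
    except ValueError as exc:
        return [f"{src_ip}: {exc}"]
    if command != RIP_RESPONSE or src_ip in trusted:
        return []
    alerts = []
    for r in routes:
        kind = "default route" if r["prefix"] == "0.0.0.0" else "route"
        alerts.append(f"{src_ip}: untrusted RIPv{version} {kind} "
                      f"{r['prefix']} metric {r['metric']}")
    return alerts
```

The source address of a UDP datagram can be forged, so a match against the trusted list is a filter for monitoring, not authentication of the sender.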