RIP (Routing Information Protocol)

TL;DR (Quick Start)

For the impatient: basic RIP setup in RouterOS v7.

# Create RIP instance with redistribution
/routing/rip/instance/add name=rip1 redistribute=connected,static

# Add interfaces to RIP
/routing/rip/interface-template/add instance=rip1 interfaces=ether2,ether3

Verify with:

/routing/rip/neighbor/print

Overview

What this does: RIP (Routing Information Protocol) is a distance-vector routing protocol that automatically shares routing information between routers. It uses hop count as its metric, selecting routes with the fewest hops.

When to use this:

Small networks (15 hops or fewer between any routers)
Simple dynamic routing requirements
Legacy environments requiring RIP compatibility
Learning dynamic routing concepts

Prerequisites:

IP addresses configured on participating interfaces
Firewall allowing UDP port 520
Multicast 224.0.0.9 reachable (or use static neighbors)

15 Hop Limit

RIP has a maximum metric of 15 hops. Routes requiring 16+ hops are considered unreachable. For larger networks, use OSPF instead.

Configuration Steps

Step 1: Create RIP Instance

Create an instance with route redistribution:

/routing/rip/instance/add name=rip1 redistribute=connected,static

The redistribute setting determines which routes RIP advertises:

connected: Directly connected networks
static: Static routes
ospf: Routes from OSPF
bgp: Routes from BGP

Step 2: Add Interface Template

Define which interfaces participate in RIP:

/routing/rip/interface-template/add instance=rip1 interfaces=ether2,ether3

You can use wildcards: interfaces=ether* or interfaces=bridge1,vlan*

Step 3: Verify Neighbors

Check that RIP neighbors are discovered:

/routing/rip/neighbor/print

Expected output:

Columns: INSTANCE, ADDRESS, PACKETS-RX, PACKETS-TX, ENTRIES
# INSTANCE  ADDRESS         PACKETS-RX  PACKETS-TX  ENTRIES
0 rip1      192.168.1.2           125         130       12

Step 4: Verify Routes

Check that RIP routes are in the routing table:

/ip/route/print where routing-table=main protocol=rip

Common Scenarios

Scenario: RIP with MD5 Authentication (v7.10+)

Secure RIP with MD5 authentication:

Step 1: Create key chain

/routing/rip/keys/add chain=rip-auth key=secretkey123 key-id=1

Step 2: Apply to interface template

/routing/rip/interface-template/add instance=rip1 interfaces=ether2 key-chain=rip-auth

Both routers must have identical key configuration.

Scenario: Plain-Text Authentication

For environments not requiring strong security:

/routing/rip/interface-template/add instance=rip1 interfaces=ether2 password=simplepass

Scenario: Passive Interface (Receive Only)

Receive RIP routes without advertising:

/routing/rip/interface-template/add instance=rip1 interfaces=ether1 mode=passive

Use case: Receiving routes from an upstream ISP without advertising your networks.

Scenario: Advertise Default Route

Advertise a default route to RIP neighbors:

/routing/rip/instance/set rip1 originate-default=always

Options:

never: Don’t originate default (default)
always: Always advertise default
if-installed: Only if default route exists in routing table

Scenario: Filter Advertised Routes

Control which routes are advertised:

Step 1: Create output filter

/routing/filter/rule/add chain=rip-out rule="if (dst in 192.168.0.0/16 && dst-len>=16 && dst-len<=24) { accept }"
/routing/filter/rule/add chain=rip-out rule="reject"

Step 2: Apply to instance

/routing/rip/instance/set rip1 out-filter-chain=rip-out

Do not use protocol rip in filter rules when filtering redistributed connected/static routes. This only matches routes learned from other RIP speakers.

Scenario: Static Neighbor (Unicast)

When multicast doesn’t work (filtered switches, tunnels):

/routing/rip/static-neighbor/add instance=rip1 address=192.168.1.2

Scenario: IPv6 RIPng

Configure RIP for IPv6:

/routing/rip/instance/add name=ripng afi=ipv6 redistribute=connected
/routing/rip/interface-template/add instance=ripng interfaces=ether2

Scenario: Adjust RIP Timers

Customize update and timeout intervals:

/routing/rip/instance/set rip1 update-interval=15s route-timeout=90s route-gc-timeout=60s

Default timers:

update-interval: 30s (sends updates)
route-timeout: 180s (marks route invalid)
route-gc-timeout: 120s (removes invalid route)

Scenario: Enable Split-Horizon with Poison-Reverse

For better loop prevention:

/routing/rip/interface-template/set [find instance=rip1] split-horizon=yes poison-reverse=yes

Split-horizon: Don’t advertise routes back to the learning interface
Poison-reverse: Advertise learned routes back with metric 16 (unreachable)

Scenario: Adjust Interface Cost

Add metric to routes learned on an interface:

/routing/rip/interface-template/set [find interfaces=ether3] cost=5

Routes learned via ether3 will have 5 added to their metric.

Verification

Confirm RIP is working correctly:

Check 1: Verify Instance

/routing/rip/instance/print

Expected: Instance with redistribute settings.

Check 2: Verify Interface Templates

/routing/rip/interface-template/print

Expected: Templates with interfaces defined.

Check 3: View Active Interfaces

/routing/rip/interface/print

Expected: Interfaces running RIP.

Check 4: Check Neighbors

/routing/rip/neighbor/print

Expected: Neighbor addresses with packet counts.

Check 5: View RIP Routes

/ip/route/print where protocol=rip

Expected: Routes with rip protocol.

Check 6: Check for Errors

/routing/rip/neighbor/print

Look at packets-bad and entries-bad columns for authentication issues.

Troubleshooting

Symptom	Cause	Solution
No routes advertised	`redistribute` not set	Add `redistribute=connected,static` to instance
Routes received but inactive	Firmware bug or gateway unreachable	Reboot router; verify gateway connectivity
No neighbors discovered	Firewall blocking UDP 520 or multicast	Allow UDP 520; check multicast 224.0.0.9
Routes exceed 15 hops	Network too large for RIP	Use OSPF instead; reduce network diameter
Output filter blocking routes	Using `protocol rip` in filter	Remove protocol matcher; filter by destination only
Authentication failures	Key mismatch	Verify identical key-chain on both routers
Passive mode not receiving	Interface not in template	Add interface to template with `mode=passive`
v7 neighbor not showing	Neighbors show only when exchanging routes	Wait for updates; check interface templates

Debug: Enable RIP Logging

/system/logging/add topics=rip,!raw action=memory
/log/print where topics~"rip"

Debug: Check Bad Packets

/routing/rip/neighbor/print

Increasing packets-bad indicates authentication or protocol issues.

Debug: Verify Multicast Reachability

/tool/ping 224.0.0.9 interface=ether2 count=3

If multicast fails, use static neighbors.

Common Mistakes

Forgetting redistribute - v7 requires explicit redistribution; adding interfaces alone isn’t enough
Using protocol rip in filters - This only matches RIP-learned routes, not redistributed connected/static
Subnet mismatch - Both routers must have interfaces in the same subnet for RIP to work
Missing interface-template - Without it, the interface doesn’t join multicast group 224.0.0.9
Network too large - RIP cannot handle networks with more than 15 hops; use OSPF

v6 to v7 Migration: v7 uses instance + interface-template instead of v6’s network statements:

# v6 (old)
/routing rip network add network=192.168.10.0/24

# v7 (new)
/routing/rip/interface-template add instance=rip1 interfaces=ether2

When to Use RIP vs OSPF:

RIP: Small networks, simple setup, legacy compatibility
OSPF: Larger networks, faster convergence, route summarization

No Route Summarization: RIP doesn’t support aggregating routes (e.g., combining /24s into /16). For this, use OSPF with area summarization or architectural workarounds.

Authentication in Early v7: Versions before v7.10 lacked authentication. Upgrade or use IPSec as a workaround.

RIP Timers Explained

Timer	Default	Purpose
`update-interval`	30s	Send routing updates
`route-timeout`	180s	Mark route invalid if no updates
`route-gc-timeout`	120s	Remove invalid route from table

Convergence time = route-timeout + route-gc-timeout = 5 minutes by default.

Routing Alternatives

OSPF - preferred for larger networks
BGP - external routing protocol
Static Routes - can be redistributed into RIP

Route Management

Routing Filters - filter RIP routes
Routing Tables - multiple routing tables

Infrastructure

Firewall Basics - allow UDP 520 for RIP
IP Addresses - interface addressing

Reference

MikroTik RIP Documentation
RFC 2453 - RIPv2

Key Commands Reference

Command	Description
`/routing/rip/instance/add`	Create RIP instance
`/routing/rip/instance/print`	View instances
`/routing/rip/interface-template/add`	Add interfaces to RIP
`/routing/rip/interface/print`	View active interfaces
`/routing/rip/neighbor/print`	View discovered neighbors
`/routing/rip/static-neighbor/add`	Add unicast neighbor
`/routing/rip/keys/add`	Create authentication key

Instance Properties

Property	Type	Default	Description
`name`	string	-	Instance identifier
`vrf`	string	main	VRF for this instance
`afi`	ipv4/ipv6	ipv4	Address family
`redistribute`	list	-	Sources: connected, static, ospf, bgp
`originate-default`	enum	never	Advertise default route
`update-interval`	time	30s	Route update interval
`route-timeout`	time	180s	Route invalidation timeout
`route-gc-timeout`	time	120s	Garbage collection timeout
`in-filter-chain`	string	-	Input routing filter
`out-filter-chain`	string	-	Output routing filter

Interface Template Properties

Property	Type	Default	Description
`instance`	string	-	Associated RIP instance
`interfaces`	string	-	Interface patterns
`cost`	integer	1	Metric added to routes (1-15)
`split-horizon`	yes/no	yes	Enable split-horizon
`poison-reverse`	yes/no	no	Enable poison-reverse
`mode`	enum	-	passive = receive only
`key-chain`	string	-	MD5 authentication key chain
`password`	string	-	Plain-text authentication

Authentication Keys Properties

Property	Type	Default	Description
`chain`	string	-	Key chain name
`key`	string	-	MD5 secret (max 16 chars)
`key-id`	integer	-	Key identifier (0-255)
`valid-from`	datetime	-	Key activation time
`valid-till`	datetime	-	Key expiration time

Protocol Limitations

Limitation	Value
Maximum hop count	15
Unreachable metric	16 (infinity)
RIPv1 support	Not supported
Route summarization	Not supported
Default update interval	30 seconds
Typical convergence	3-5 minutes

RIP (Routing Information Protocol)

RIP (Routing Information Protocol)

TL;DR (Quick Start)

Overview

Configuration Steps

Step 1: Create RIP Instance

Step 2: Add Interface Template

Step 3: Verify Neighbors

Step 4: Verify Routes

Common Scenarios

Scenario: RIP with MD5 Authentication (v7.10+)

Scenario: Plain-Text Authentication

Scenario: Passive Interface (Receive Only)

Scenario: Advertise Default Route

Scenario: Filter Advertised Routes

Scenario: Static Neighbor (Unicast)

Scenario: IPv6 RIPng

Scenario: Adjust RIP Timers

Scenario: Enable Split-Horizon with Poison-Reverse

Scenario: Adjust Interface Cost

Verification

Check 1: Verify Instance

Check 2: Verify Interface Templates

Check 3: View Active Interfaces

Check 4: Check Neighbors

Check 5: View RIP Routes

Check 6: Check for Errors

Troubleshooting

Debug: Enable RIP Logging

Debug: Check Bad Packets

Debug: Verify Multicast Reachability

RIP Timers Explained

Related Topics

Routing Alternatives

Route Management

Infrastructure

Reference

Key Commands Reference

Instance Properties

Interface Template Properties

Authentication Keys Properties

Protocol Limitations