Validate-Update-Source Command on CISCO Router/Switch

Command

Validate-Update-Source

Use

This command is enabled by default. When enabled, RIP validates the source IP address of incoming routing updates and only accepts updates whose source is on the same subnet as the receiving interface.

Syntax

Router(config-router)#validate-update-source

Example

This example shows what happens with validate-update-source enabled and then with no validate-update-source. First, the IP address of int fa0/0 on R2 is changed to 10.5.5.2, which is on a different subnet.

R2(config)#int fa0/0
R2(config-if)#ip address 10.5.5.2 255.255.255.0
R2(config-if)#ip address 10.1.1.2 255.255.255.0 sec

With the default validate-update-source enabled for RIP, R1 rejects the update from 10.5.5.2.

R1(config-router)#do show ip route rip
R1(config-router)#
R1(config)#do debug ip rip
RIP protocol debugging is on
R1(config)#
*Mar 1 01:37:16.503: RIP: ignored v2 update from bad source 10.5.5.2 on FastEthernet0/0

After setting RIP to no validate-update-source, R1 accepts the update and installs the routes learned via 10.5.5.2, even though that source is not on the same subnet.

R1(config-router)#no validate-update-source
R1(config-router)#do show ip route rip
2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 10.5.5.2, 00:00:06
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/2] via 10.5.5.2, 00:00:06
10.0.0.0/24 is subnetted, 2 subnets
R 10.2.2.0 [120/1] via 10.5.5.2, 00:00:06
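
The source check demonstrated above, modeled in Python as an added example (not Cisco's code and not part of the original page). It assumes R1's fa0/0 is 10.1.1.1/24, which the page does not show, and it also pulls the source and interface out of the "bad source" debug line so ignored updates can be tracked.

```python
import ipaddress
import re

# Debug line format taken from the R1 output on this page.
BAD_SOURCE = re.compile(
    r"RIP: ignored v(?P<ver>\d) update from bad source "
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3}) on (?P<intf>\S+)"
)

def source_is_valid(source, interface_addrs):
    """True if source lies in the subnet of any address on the interface."""
    src = ipaddress.ip_address(source)
    return any(src in ipaddress.ip_interface(a).network for a in interface_addrs)

def handle_update(source, interface_addrs, validate=True):
    """Return 'accept' or 'ignore' for a RIP update, per the validate setting."""
    if validate and not source_is_valid(source, interface_addrs):
        return "ignore"
    return "accept"

def find_bad_sources(log_text):
    """Extract (source, interface) pairs from 'bad source' debug lines."""
    return [(m["src"], m["intf"]) for m in BAD_SOURCE.finditer(log_text)]

# Assumption: R1 fa0/0 is 10.1.1.1/24 (the page does not show R1's address).
R1_FA0_0 = ["10.1.1.1/24"]

# Constructed sample: first line copied from the page, second line is
# constructed noise that must not match.
SAMPLE_LOG = """\
*Mar 1 01:37:16.503: RIP: ignored v2 update from bad source 10.5.5.2 on FastEthernet0/0
*Mar 1 01:37:20.111: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (10.1.1.1)
"""

if __name__ == "__main__":
    # Default behaviour: off-subnet source is ignored.
    print(handle_update("10.5.5.2", R1_FA0_0, validate=True))
    # With "no validate-update-source": the same update is accepted.
    print(handle_update("10.5.5.2", R1_FA0_0, validate=False))
    # A source on the interface's own subnet passes the check.
    print(handle_update("10.1.1.2", R1_FA0_0, validate=True))
    print(find_bad_sources(SAMPLE_LOG))
```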
