From: Joel A. Cochran (joelc@xxxxxxxxxxxxxxxxx)
Date: Sun Mar 05 2000 - 23:53:49 GMT-3
Josh,
If you were to change your distribute command to read: "distribute-list
7 in Serial1" the route would not appear in downstream routers and you
would not need a distribute list in every router.
When you use just distribute-list 7 in, it filters the route for that
router only, the route is still advertised. When you add the interface from
which the route is learned, it blocks it from being advertised back out.
Joel Cochran, CCIE# 5448
----- Original Message -----
From: Joshua W. Watkins <josh@mstates.com>
To: <hemi.blandford@equant.com>
Cc: <ccielab@groupstudy.com>
Sent: Sunday, March 05, 2000 4:59 PM
Subject: Re: OSPF and distribute list
Thanks for the tip. I added distribute list 7 in on my ABR and it
stopped the route from coming in. The route that I am trying to
filter however still shows up downstream in routing tables, but can
not be pinged. Check it out.
R8-------R7-------R5
R8#
!
!
!
interface Loopback0
ip address 10.8.255.1 255.255.255.0
!
!
interface Serial0
ip address 10.7.240.2 255.255.255.252
encapsulation ppp
service-module 56k clock source internal
!
!
router ospf 100
network 10.8.255.0 0.0.0.255 area 1
network 10.7.240.0 0.0.0.3 area 1
!
R7#
!
!
interface Loopback0
ip address 10.7.255.1 255.255.255.0
no ip directed-broadcast
!
interface Loopback1
ip address 10.7.253.1 255.255.255.0
no ip directed-broadcast
!
interface Loopback2
ip address 10.7.254.1 255.255.255.0
no ip directed-broadcast
!
interface Loopback3
ip address 10.7.252.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
ip address 10.5.241.3 255.255.255.0
no ip directed-broadcast
no keepalive
!
interface Serial0
ip address 10.6.240.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
!
interface Serial1
ip address 10.7.240.1 255.255.255.252
no ip directed-broadcast
encapsulation ppp
ppp authentication chap
!
interface BRI0
no ip address
no ip directed-broadcast
shutdown
isdn guard-timer 0 on-expiry accept
!
interface Virtual-TokenRing1
no ip address
no ip directed-broadcast
ring-speed 16
!
interface FR-ATM20
no ip address
no ip directed-broadcast
shutdown
!
router ospf 100
area 1 range 10.7.252.0 255.255.252.0
network 10.5.241.0 0.0.0.255 area 0
network 10.7.240.0 0.0.0.3 area 1
network 10.7.255.0 0.0.0.255 area 1
distribute-list 7 in
!
!
access-list 7 deny 10.8.255.1
access-list 7 permit any
!
R5#
!
interface Loopback0
ip address 10.5.255.1 255.255.255.0
!
interface Ethernet0
ip address 10.5.241.1 255.255.255.0
!
interface Ethernet1
ip address 10.5.240.1 255.255.255.252
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
router ospf 100
network 10.5.241.0 0.0.0.255 area 0
network 10.5.255.0 0.0.0.255 area 0
!
>
>
> Hi
>
> using a distribute-list out to filter outgoing updates dosent work
all that well
> because the LSAs are not considered to be route updates. The only
way to filter
> a route out of a OSPF network is to distribute-list in on every
router for the
> particular route you are filtering. If you "distribute-list in" a
specific
> route, look at the ospf database and you will still see the route
(learned via
> LSA), but the route will not be in the routing table.
>
>
> regards,
> Hemi.
> CCIE# 5585
>
>
>
Joshua W. Watkins
Systems Engineer
Mountain States Networking
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:04 GMT-3