From: Charles (mfortune@xxxxxxxx)
Date: Sat Jul 01 2000 - 19:07:18 GMT-3
Try,
ip access 1 den 192.168.0.0 0.0.254.255
ip access 1 per any
----- Original Message -----
From: Tom Winters <tjwinter@sprintparanet.com>
To: <ccielab@groupstudy.com>
Sent: Saturday, July 01, 2000 4:47 PM
Subject: Block odd # routes w/acl
> Hi all,
>
> I'm doing the ccbootcamp lab #3. It says block all the odd
> routes from eigrp into ospf. Now if I understand this
> correctly all I need to do is setup a route-map to block
> the odd # routes and use that route-map to redistribute
> eigrp into ospf. Looking at the wildcard bits all I should
> have to is deny the one bit, hence all odd # routes
> shouldn't show.
>
> Block Permit
> 192.168.1.0/24 192.168.2.0/24
> 192.168.3.0/24 192.168.4.0/24
> 192.168.5.0/24 192.168.6.0/24
>
> ip access 1 den 192.168.0.0 0.0.5.255
> ip access 1 per any
> This statement will block routes 1,4,&5. This is what I
> would expect to see and it works.
>
> ip access 1 den 192.168.0.0 0.0.1.255
> ip access 1 per any
> This statement should block all odd # routes, but it
> dosen't. The only route blocked is 192.168.1.0/24.
>
> Here is a copy of the config, version(C2500-JS-L),12.0(8)
>
> Building configuration...
>
> Current configuration:
> !
> version 12.0
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname r5
> !
> no logging console
> enable password cisco
> !
> ip subnet-zero
> no ip domain-lookup
> ip host r6 2001 137.20.60.1
> !
> !
> !
> interface Loopback0
> ip address 137.20.60.1 255.255.255.0
> no ip directed-broadcast
> !
> interface Ethernet0
> no ip address
> no ip directed-broadcast
> shutdown
> !
> interface Serial0
> ip address 137.20.101.5 255.255.255.0
> no ip directed-broadcast
> encapsulation frame-relay
> ip ospf priority 0
> no ip mroute-cache
> no fair-queue
> clockrate 72000
> frame-relay map ip 137.20.101.1 501 broadcast
> frame-relay map ip 137.20.101.3 501 broadcast
> frame-relay interface-dlci 501
> no frame-relay inverse-arp
> frame-relay lmi-type ansi
> !
> interface Serial1
> ip address 137.20.50.1 255.255.255.0
> no ip directed-broadcast
> !
> router eigrp 1
> redistribute ospf 1 metric 115 1 255 1 1500 match internal
> external 1 external
> 2
> passive-interface Loopback0
> passive-interface Serial0
> network 137.20.0.0
> !
> router ospf 1
> summary-address 10.1.0.0 255.255.0.0
> redistribute eigrp 1 metric 5555 subnets route-map redis
> network 137.20.60.0 0.0.0.255 area 60
> network 137.20.101.0 0.0.0.255 area 0
> !
> ip classless
> !
> access-list 1 deny 192.168.0.0 0.0.1.255
> access-list 1 permit any
> route-map redis permit 10
> match ip address 1
> !
> !
> !
> line con 0
> exec-timeout 0 0
> transport input none
> line aux 0
> exec-timeout 0 0
> transport preferred telnet
> transport input telnet
> stopbits 1
> line vty 0 4
> exec-timeout 0 0
> no login
> !
> end
>
> TAI,
>
> Tom Winters
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:52 GMT-3