From: Tom Winters (tjwinter@xxxxxxxxxxxxxxxxx)
Date: Sat Jul 01 2000 - 20:34:17 GMT-3
William,
Thanks!!! I had tried and it works....
I also tried;
ip access 1 den 192.168.0.0 0.0.254.255
ip access 1 per any
and all I could see was the odd # routes, this should have
been a huge clue.
When I did
ip access 1 per 192.168.0.0 0.0.254.255
The even routes showed up! Obviously the only problem is
no other eigrp routes would show up in ospf. The question
stated it should be a 2 line acl, but I don't think its
possible. The other routes that should be redis into ospf
are;
10.1.0.0/16
160.10.10/24
161.10.10/24
192.168.100/24
I'll just chauk it up to a poorly written question.
Thanks for the quick responce!
Tom Winters
>Tom,
> The only bit you want to care about is the last one
in the second
>octect, so configure your access-list
>mask to put a zero there.
> The acces-list to permit all odd numbers in the second
octect is
>
> 192.168.1.0 mask 0.0.254.255.
>
>If you want to allow specific odd numbers then you need to
break them up
>further.
>
>William
>
>----- Original Message -----
>From: Tom Winters <tjwinter@sprintparanet.com>
>To: <ccielab@groupstudy.com>
>Sent: Saturday, July 01, 2000 5:47 PM
>Subject: Block odd # routes w/acl
>
>
>> Hi all,
>>
>> I'm doing the ccbootcamp lab #3. It says block all the
odd
>> routes from eigrp into ospf. Now if I understand this
>> correctly all I need to do is setup a route-map to block
>> the odd # routes and use that route-map to redistribute
>> eigrp into ospf. Looking at the wildcard bits all I
should
>> have to is deny the one bit, hence all odd # routes
>> shouldn't show.
>>
>> Block Permit
>> 192.168.1.0/24 192.168.2.0/24
>> 192.168.3.0/24 192.168.4.0/24
>> 192.168.5.0/24 192.168.6.0/24
>>
>> ip access 1 den 192.168.0.0 0.0.5.255
>> ip access 1 per any
>> This statement will block routes 1,4,&5. This is what I
>> would expect to see and it works.
>>
>> ip access 1 den 192.168.0.0 0.0.1.255
>> ip access 1 per any
>> This statement should block all odd # routes, but it
>> dosen't. The only route blocked is 192.168.1.0/24.
>>
>> Here is a copy of the config, version(C2500-JS-L),12.0(8)
>>
>> Building configuration...
>>
>> Current configuration:
>> !
>> version 12.0
>> service timestamps debug uptime
>> service timestamps log uptime
>> no service password-encryption
>> !
>> hostname r5
>> !
>> no logging console
>> enable password cisco
>> !
>> ip subnet-zero
>> no ip domain-lookup
>> ip host r6 2001 137.20.60.1
>> !
>> !
>> !
>> interface Loopback0
>> ip address 137.20.60.1 255.255.255.0
>> no ip directed-broadcast
>> !
>> interface Ethernet0
>> no ip address
>> no ip directed-broadcast
>> shutdown
>> !
>> interface Serial0
>> ip address 137.20.101.5 255.255.255.0
>> no ip directed-broadcast
>> encapsulation frame-relay
>> ip ospf priority 0
>> no ip mroute-cache
>> no fair-queue
>> clockrate 72000
>> frame-relay map ip 137.20.101.1 501 broadcast
>> frame-relay map ip 137.20.101.3 501 broadcast
>> frame-relay interface-dlci 501
>> no frame-relay inverse-arp
>> frame-relay lmi-type ansi
>> !
>> interface Serial1
>> ip address 137.20.50.1 255.255.255.0
>> no ip directed-broadcast
>> !
>> router eigrp 1
>> redistribute ospf 1 metric 115 1 255 1 1500 match
internal
>> external 1 external
>> 2
>> passive-interface Loopback0
>> passive-interface Serial0
>> network 137.20.0.0
>> !
>> router ospf 1
>> summary-address 10.1.0.0 255.255.0.0
>> redistribute eigrp 1 metric 5555 subnets route-map redis
>> network 137.20.60.0 0.0.0.255 area 60
>> network 137.20.101.0 0.0.0.255 area 0
>> !
>> ip classless
>> !
>> access-list 1 deny 192.168.0.0 0.0.1.255
>> access-list 1 permit any
>> route-map redis permit 10
>> match ip address 1
>> !
>> !
>> !
>> line con 0
>> exec-timeout 0 0
>> transport input none
>> line aux 0
>> exec-timeout 0 0
>> transport preferred telnet
>> transport input telnet
>> stopbits 1
>> line vty 0 4
>> exec-timeout 0 0
>> no login
>> !
>> end
>>
>> TAI,
>>
>> Tom Winters
>>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:52 GMT-3