From: Matt Holbert (mholbert@xxxxxxxxxxx)
Date: Sun Jul 02 2000 - 10:33:17 GMT-3
I'd rethink your position. This most certainly can be done. I don't want
to give you the answer. But if you must look, it is provided at the bottom
of this page.
> -----Original Message-----
> From: Tom Winters [mailto:tjwinter@sprintparanet.com]
> Sent: Saturday, July 01, 2000 1:34 PM
> To: William Darkwah; Tom Winters; ccielab@groupstudy.com
> Subject: Re: Block odd # routes w/acl
>
>
> William,
>
> Thanks!!! I had tried and it works....
>
> I also tried;
>
> ip access 1 den 192.168.0.0 0.0.254.255
> ip access 1 per any
>
> and all I could see was the odd # routes, this should have
> been a huge clue.
>
> When I did
>
> ip access 1 per 192.168.0.0 0.0.254.255
>
> The even routes showed up! Obviously the only problem is
> no other eigrp routes would show up in ospf. The question
> stated it should be a 2 line acl, but I don't think its
> possible. The other routes that should be redis into ospf
> are;
>
> 10.1.0.0/16
> 160.10.10/24
> 161.10.10/24
> 192.168.100/24
>
> I'll just chauk it up to a poorly written question.
>
> Thanks for the quick responce!
>
> Tom Winters
>
> >Tom,
> > The only bit you want to care about is the last one
> in the second
> >octect, so configure your access-list
> >mask to put a zero there.
> > The acces-list to permit all odd numbers in the second
> octect is
> >
> > 192.168.1.0 mask 0.0.254.255.
> >
> >If you want to allow specific odd numbers then you need to
> break them up
> >further.
> >
> >William
> >
> >----- Original Message -----
> >From: Tom Winters <tjwinter@sprintparanet.com>
> >To: <ccielab@groupstudy.com>
> >Sent: Saturday, July 01, 2000 5:47 PM
> >Subject: Block odd # routes w/acl
> >
> >
> >> Hi all,
> >>
> >> I'm doing the ccbootcamp lab #3. It says block all the
> odd
> >> routes from eigrp into ospf. Now if I understand this
> >> correctly all I need to do is setup a route-map to block
> >> the odd # routes and use that route-map to redistribute
> >> eigrp into ospf. Looking at the wildcard bits all I
> should
> >> have to is deny the one bit, hence all odd # routes
> >> shouldn't show.
> >>
> >> Block Permit
> >> 192.168.1.0/24 192.168.2.0/24
> >> 192.168.3.0/24 192.168.4.0/24
> >> 192.168.5.0/24 192.168.6.0/24
> >>
> >> ip access 1 den 192.168.0.0 0.0.5.255
> >> ip access 1 per any
> >> This statement will block routes 1,4,&5. This is what I
> >> would expect to see and it works.
> >>
> >> ip access 1 den 192.168.0.0 0.0.1.255
> >> ip access 1 per any
> >> This statement should block all odd # routes, but it
> >> dosen't. The only route blocked is 192.168.1.0/24.
> >>
> >> Here is a copy of the config, version(C2500-JS-L),12.0(8)
> >>
> >> Building configuration...
> >>
> >> Current configuration:
> >> !
> >> version 12.0
> >> service timestamps debug uptime
> >> service timestamps log uptime
> >> no service password-encryption
> >> !
> >> hostname r5
> >> !
> >> no logging console
> >> enable password cisco
> >> !
> >> ip subnet-zero
> >> no ip domain-lookup
> >> ip host r6 2001 137.20.60.1
> >> !
> >> !
> >> !
> >> interface Loopback0
> >> ip address 137.20.60.1 255.255.255.0
> >> no ip directed-broadcast
> >> !
> >> interface Ethernet0
> >> no ip address
> >> no ip directed-broadcast
> >> shutdown
> >> !
> >> interface Serial0
> >> ip address 137.20.101.5 255.255.255.0
> >> no ip directed-broadcast
> >> encapsulation frame-relay
> >> ip ospf priority 0
> >> no ip mroute-cache
> >> no fair-queue
> >> clockrate 72000
> >> frame-relay map ip 137.20.101.1 501 broadcast
> >> frame-relay map ip 137.20.101.3 501 broadcast
> >> frame-relay interface-dlci 501
> >> no frame-relay inverse-arp
> >> frame-relay lmi-type ansi
> >> !
> >> interface Serial1
> >> ip address 137.20.50.1 255.255.255.0
> >> no ip directed-broadcast
> >> !
> >> router eigrp 1
> >> redistribute ospf 1 metric 115 1 255 1 1500 match
> internal
> >> external 1 external
> >> 2
> >> passive-interface Loopback0
> >> passive-interface Serial0
> >> network 137.20.0.0
> >> !
> >> router ospf 1
> >> summary-address 10.1.0.0 255.255.0.0
> >> redistribute eigrp 1 metric 5555 subnets route-map redis
> >> network 137.20.60.0 0.0.0.255 area 60
> >> network 137.20.101.0 0.0.0.255 area 0
> >> !
> >> ip classless
> >> !
> >> access-list 1 deny 192.168.0.0 0.0.1.255
> >> access-list 1 permit any
> >> route-map redis permit 10
> >> match ip address 1
> >> !
> >> !
> >> !
> >> line con 0
> >> exec-timeout 0 0
> >> transport input none
> >> line aux 0
> >> exec-timeout 0 0
> >> transport preferred telnet
> >> transport input telnet
> >> stopbits 1
> >> line vty 0 4
> >> exec-timeout 0 0
> >> no login
> >> !
> >> end
> >>
> >> TAI,
> >>
> >> Tom Winters
> >>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:52 GMT-3