From: Erick B. (erickbe@xxxxxxxxx)
Date: Thu Jan 18 2001 - 23:56:14 GMT-3
>From reading over the docs (command references) it
didn't say it wasn't possible. What document/page did
you see that on and what release doc CD? I agree that
the documentation writers could be clearer on the
description and how the command works, and the
dangers.
Perhaps it is described in detail in another document
I couldn't locate at the moment.
Let me try to explain how the command works from my
experience. OSPF maintains it's own database that is
shared amongst the OSPF routers. Each database is the
same for a given area. The distribute list in command
has no effect on the OSPF database - just the main
routing table which is built from all the routing
protocols running on the router. Routes from the OSPF
database will be put into the main routing table if
they are the best route. If you are using distribute
list in and deny a route then the routes from the OSPF
database that match the deny statement don't get
considered for the main routing table. The router uses
the main routing table to route/forward packets - not
the OSPF database.
This is similar for other link-state protocols.
I hope this helps.
Erick Bergquist
erick@bergquist.org
--- David FAHED <dfahed@outremer.com> wrote:
> First thanks for your answer.
>
> But I already know the risk of this. I just want to
> know why in the
> cisco cd they say that it isn't possible? For me it
> is possible with
> some care!
>
>
> "Erick B." wrote:
>
> > Hi,
> >
> > The issue with distribute-list in on OSPF is that
> you
> > need to be careful what you filter out else you
> can
> > break your routing. This command filters routes
> that
> > get put into the main routing table.
> >
> > For example:
> >
> > Topology: R1 ---- R2 ---- R3
> >
> > OSPF running on all 3 in area 0 announcing the
> > loopback address.
> >
> > Router 1 loopback: 1.1.1.1
> > Router 2 loopback: 2.2.2.2
> > Router 3 loopback: 3.3.3.3
> > No default routes anywhere.
> >
> > Without a distribute list, router 3 can ping
> 1.1.1.1
> > just fine. All routers have routes to every
> loopback.
> >
> > Now we put a distribute-list in on Router2 denying
> > 1.1.1.1 from being put in router 2's routing
> table.
> > Router 2 has routes to 2 and 3.
> > Router 1 has routes to 1, 2, and 3.
> > Router 3 has routes to 1, 2, and 3.
> >
> > Router 3 can't ping 1.1.1.1 because when the
> packet
> > gets to router 2, router 2 doesn't have a route to
> the
> > 1 network because it was filtered out.
> >
> > HTH, Erick
> >
> > --- David FAHED <dfahed@outremer.com> wrote:
> > > I couldn't understand the doc on the CD about
> > > distribute-list.
> > >
> > > The cd say :
> > > Control the Processing of Routing Updates
> > > You might want to avoid processing certain
> routes
> > > listed in incoming
> > > updates. This feature does not apply to OSPF or
> > > IS-IS. Use the following
> > > command in router
> > > configuration mode:
> > >
> > > distribute-list {access-list-number | name} in
> > > [interface-name]
> > >
> > > But I use in lot of my distribution Lab this
> command
> > > apply to an
> > > interface in a ospf routing process (with a
> ASBR) to
> > > filter external
> > > route. And it works find!
> > > I understand that you can't use a
> distribute-list
> > > out interface with a
> > > link state protocol but not why you can't do
> that
> > > with a distribute-list
> > > in interface....
> > >
> > > Any help will be welcome
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:34 GMT-3