From: David Wolsefer (dwolsefer@xxxxxxxx)
Date: Tue Feb 20 2001 - 16:21:27 GMT-3
Look at the access-list. You specified:
access-list 100 deny ip host 201.112.97.192 host 255.255.255.224
access-list 100 permit ip any any
201.112.97.192 is the network. You can't use the host keyword because there
is no host 201.112.97.192. Look at it in binary.
192 = 1100 0000, the first three bits are network as seen by the
255.255.255.224 mask. Redo your access-list to deny that network subnet. Why
not redo the access-list to permit only the network you want, this way you
can do it in a single line instead of two. Remember the implicit deny. You
also need to use inverse masks with access-lists, not regular subnet masks.
You should be using 0.0.0.31, not 255.255.255.224.
Regards,
David Wolsefer, CCIE #5858
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Hebert, Cory J (cory.hebert@wcom.com)
Sent: Tuesday, February 20, 2001 11:00 AM
To: 'Tracy Blackmore'
Cc: 'ccielab@groupstudy.com'
Subject: RE: how do I stop connected routes from being injected?
Here's my config. Any clues why I can't stop S0's subnet from being
advertised to downstream neighbors?
interface Serial0
ip address 201.112.97.194 255.255.255.224
no fair-queue
!
interface TokenRing0
ip address 201.112.97.17 255.255.255.248
ring-speed 16
!
router eigrp 1
passive-interface Serial0
network 201.112.97.0
distribute-list 100 out connected
no auto-summary
!
access-list 100 deny ip host 201.112.97.192 host 255.255.255.224
access-list 100 permit ip any any
!
-----Original Message-----
From: Tracy Blackmore [mailto:TracyB@TSLAD.com]
Sent: Tuesday, February 20, 2001 12:49 PM
To: Hebert, Cory J (cory.hebert@wcom.com)
Subject: RE: how do I stop connected routes from being injected?
Try removing the connected from the distribute-list out command. A general
distribute-list out should keep EIGRP from advertising the routes specified
in the list.
Tracy W. Blackmore
T.S. Lad Consulting
1026 E Stanford Ave.
Gilbert, AZ., 85234
(480)558-0472
-----Original Message-----
From: Hebert, Cory J (cory.hebert@wcom.com)
[mailto:cory.hebert-eds@eds.com]
Sent: Tuesday, February 20, 2001 11:42 AM
To: 'Amyn Naran'; Pablo Thoma; 'ccielab@groupstudy.com'
Subject: RE: how do I stop connected routes from being injected?
Thanks for the help guys. But, I guess I should have mentioned that I
already have passive-interfaces defined, and that still does not help. I
thought that 'distriblute-list x out conneected' would have done it, but
that didn't help either.
Cory
-----Original Message-----
From: Amyn Naran [mailto:amyn_naran@yahoo.com]
Sent: Tuesday, February 20, 2001 12:14 PM
To: Pablo Thoma; Hebert, Cory J (cory.hebert@wcom.com)
Subject: Re: how do I stop connected routes from being injected?
remember the intent of the passive intf - to NOT advertise but listen.
--- Pablo Thoma <pthoma@employees.org> wrote:
> try
>
> passive-interface
>
> for those that you wish not to be included.
>
> Cheers,
>
> Pablo
>
> "Hebert, Cory J (cory.hebert@wcom.com)" wrote:
>
> > Hi all,
> >
> > I have simple question for you guys. I have a router running
> eigrp, and all
> > interfaces on the router have subnets of the same major classful
> network.
> > Well, obviously, I put the classful network statement under eigrp.
> Well, as
> > soon as eigrp sees that it has an interface belonging to the same
> classful
> > network defined under the eigrp process, it injects the connected
> route into
> > the process.
> >
> > I've tried 'no redistribute connected', 'distribute-list x out
> connected',
> > nothing works. Can someone help me to stop this connected route
> from being
> > injected into eigrp, so that the downstream router doesn't learn
> it?
> >
> > Thanks!
> >
> > Cory
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:54 GMT-3