From: Pamela Forsyth (pforsyth@xxxxxxxxx)
Date: Mon Feb 26 2001 - 10:46:31 GMT-3
Michel, Stanford:
Recall that NLSP is a link-state routing protocol. The defining feature of
a link-state routing protocol is that all routers (at least all routers in
an area) maintain identical link-state databases. So you are never going to
be able to filter successfully in NLSP except at area borders and on
redistribution, just as in OSPF.
The key to success is to define your NLSP area borders in routers where you
want to do your filtering. NLSP areas are defined with different processes
in the same router, so you have to use the tag feature to identify them
uniquely. Filtering is done with a route-aggregation access list in
conjunction with explicit manual redistribution between areas as described
in the configuration guide. Study ALL the examples given for NLSP route
aggregation and try different things with the access lists. Pay particular
attention to the meanings of the "permit" and "deny" keywords, as they
don't necessarily do what you are used to with other IP or IPX access lists
when used in the context of NLSP route aggregation.
Hope this is enough to point you in the right direction.
Pamela
At 11:34 AM 2/26/01 +0100, you wrote:
>Dear Stanford,
>
>According to:
>
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios111/supdocs/sbo
>ok/sipx.htm
>
>you should use ACL in the range 1200-1299 for the NLSP "in" filtering.
>
>I will try that tonight.
>
>Regards,
>
>Michel
>
>
>
>
>Stanford Wong - CNS wrote:
> >
> > Hi Gang,
> > I have been working on NLSP. In particular trying to filter NLSP routes
> > from making it into my routing table.
> > All I am trying to do is filter out networks 30 and 31 with a distribute
> > list on router rd and it is not working. I need a sanity check that what I
> > am doing is okay and I don't have a bug in the IOS. The distribute list
> > command works great on eigrp but not on NLSP.
> >
> > the routers are all in a straight line..
> >
> > rc---rd
> >
> > Here is a sample of the router config -
> >
> > ----------router rc--------
> > ipx routing 3000.3000.3000
> > ipx internal-network 3000
> >
> > interface Loopback10
> > ipx network 30
> > !
> > interface Loopback11
> > ipx network 31
> > !
> > interface Loopback12
> > ipx network 32
> > !
> > interface Loopback13
> > ipx network 33
> > !
> > interface Serial 0
> > encapsulation ppp
> > ipx network 20
> > ipx nlsp enable
> > clockrate 125000
> > !
> > ipx router nlsp
> > area-address 20 FFFFFFF0
> > !
> > ipx router rip
> > no network 3000
> > no network 20
> > ----------router rd config ----------------
> > !
> > ipx routing 4000.4000.4000
> > ipx internal-network 4000
> > !
> > interface Serial0
> > encapsulation ppp
> > ipx network 20
> > ipx nlsp enable
> > !
> > access-list 801 deny 30
> > access-list 801 deny 31
> > access-list 801 permit FFFFFFFF
> > !
> > ipx router nlsp
> > area-address 20 FFFFFFF0
> > distribute-list 801 in Serial0
> > !
> > ipx router rip
> > no network all
> > !
> >
> > I do a clear ipx route * but the route keeps reappearing.
> > rd#sho ipx route
> > Codes: C - Connected primary network, c - Connected secondary network
> > S - Static, F - Floating static, L - Local (internal), W - IPXWAN
> > R - RIP, E - EIGRP, N - NLSP, X - External, A - Aggregate
> > s - seconds, u - uses, U - Per-user static
> >
> > No default route known.
> > L 4000 is the internal network
> > N 30 [45][05/01] via 3000.0000.0000.0001, 742s, Se0
> > N 31 [45][05/01] via 3000.0000.0000.0001, 742s, Se0
> > N 32 [45][05/01] via 3000.0000.0000.0001, 742s, Se0
> > N 33 [45][05/01] via 3000.0000.0000.0001, 742s, Se0
> >
> > Appreciate any pointers/comments...
> >
> > stanford
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:02 GMT-3