From: Jason Gardiner (gardiner@xxxxxxxxxx)
Date: Fri Aug 17 2001 - 12:24:51 GMT-3
Yeah, I had failed to read that only the aggregate was permitted. Of
course, I am not sure that it would necessarily work in the case you
pose, either. If the router received announcements for the four /24s
only, how can an access-list that filters aggregate those into a /22? I
believe that you would also need to hear the /22 for the scenario to be
valid.
At any rate, both Russell's and your comments have given me something to
explore further. And I thank you both for that.
Paul Crist wrote:
>
> The example that Russell gave does actually work if you wish to filter and
> only get the /22 address. I have used it with distribute list in on inbound
> rip. Let's clear the air and pose this question:
> You are receiving the following networks on your router, 194.201.48.0,
> 194.201.49.0, 194.201.50.0 and 194.201.51.0. Given these networks your
> supervior wants you to configure your router so only one routing entry, a
> summary of the networks is in your router. If you fail to do so you will be
> terminated (AKA you won't make it to day 2). Will the example you gave:
> access-list 103 permit ip 194.201.48.0 0.0.3.255 any
> Do this?
>
> Paul
> ----- Original Message -----
> From: "Jason Gardiner" <gardiner@sprint.net>
> To: "Fear, Russell H" <Russell.Fear@capgemini.co.uk>
> Cc: <ccielab@groupstudy.com>
> Sent: Friday, August 17, 2001 9:35 AM
> Subject: Re: BGP filter
>
> > Okay,
> >
> > First off, is there an international version of IOS? I've never seen
> > "neighbour" but rather "neighbor" :)
> >
> > I've never setup a dist list with an extended access-list , but it
> > appears that you are permitting from 194.201.48.0 with a mask of
> > 255.255.255.255 to host 255.255.252.0 with a mask of 255.255.255.255.
> >
> > Try this:
> >
> > access-list 103 permit ip 194.201.48.0 0.0.3.255 any
> >
> >
> >
> > "Fear, Russell H" wrote:
> > >
> > > Can someone in the group tell me where I'm going wrong here ?
> > >
> > > I have networks 194.201.48.0/24 - 194.201.51.0/24 plus the aggregate of
> > > 194.201.48.0/22 being advertised by a BGP speaker. I am trying various
> kinds
> > > of filters and the one I cannot get to work is the following.
> > >
> > > neighbour 172.168.16.1 distribute-list 103 out
> > >
> > > access-list 103 permit ip host 194.201.48.0 host 255.255.252.0
> > >
> > > The aggregate does not even reach the BGP table in the second
> router.I've
> > > checked the syntax and I think that this should let the aggregate only
> > > through.
> > >
> > > Any obvious mistakes ?
> > >
> > > Russell
> > >
> > >
> ****************************************************************************
> ****************
> > > " This message contains information that may be privileged or
> confidential and
> > > is the property of the Cap Gemini Ernst & Young Group. It is intended
> only for
> > > the person to whom it is addressed. If you are not the intended
> recipient, you
> > > are not authorized to read, print, retain, copy, disseminate,
> distribute, or use
> > > this message or any part thereof. If you receive this message in error,
> please
> > > notify the sender immediately and delete all copies of this message ".
> > >
> ****************************************************************************
> ****************
> > > **Please read:http://www.groupstudy.com/list/posting.html
> > --
> > Thanks,
> >
> > Jason Gardiner
> > Supervisor, Engineering Services
> > Sprint E|Solutions
> >
> > "You can swim all day in the Sea of Knowledge and
> > still come out completely dry. Most people do."
> >
> > - Norton Juster
> > **Please read:http://www.groupstudy.com/list/posting.html
> **Please read:http://www.groupstudy.com/list/posting.html
-- Thanks,Jason Gardiner Supervisor, Engineering Services Sprint E|Solutions
"You can swim all day in the Sea of Knowledge and still come out completely dry. Most people do."
- Norton Juster **Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:52 GMT-3