From: JOSE ANGEL MARTINEZ DE LA VARA (jamartinez@xxxxxxxxxxxxxxxx)
Date: Mon Feb 18 2002 - 09:08:43 GMT-3
I can tell you what I think I know, but of course any comment or suggestion
would be very wellcomed.
Distribute-list in behaves in different ways in distance vector and link
state protocols. In dv protocols such as RIP that command filters out the
routes and makes the protocol not to advertise the routes filtered. It can
be said that in that process the route is completely removed. For example:
int e0
description In RIP and learning 1.0.0.0/8 nets
ip add 10.0.0.1 255.255.255.0
int e1
description In RIP and learning 2.0.0.0/8 nets
ip add 11.0.0.1 255.255.255.0
int e2
description In RIP and learning 3.0.0.0/8 nets
ip add 12.0.0.1 255.255.255.0
int e3
description In IGRP and learning 4.0.0.0/8 nets
ip add 13.0.0.1 255.255.255.0
router rip
network 10.0.0.0
network 11.0.0.0
network 12.0.0.0
redistribute igrp 200 metric 4
distribute-list 1 in eth 0
distribute-list 3 in
router igrp 200
network 13.0.0.0
access-list 1 deny 1.0.0.0 0.255.255.255
access-list 1 permit any
access-list 2 deny 4.0.0.0 0.255.255.255
access-list 2 permit any
As you can see there are only distance vector protocols.
The first distribute-list statement filters out networks coming from
interface e0, that is 1.0.0.0/8 networks. So there will be no 1.0.0.0/8
routes in the routing table, rip database or rip advertisements. Well, at
least there will be no routes to taht network through e0!!!!
The third is applied always after any other distribute list executed over an
interface. The one we have will filter out routes to 4.0.0.0/8 network
coming from any RIP interface. Here comes one of my questions: Does that
distribute-list command apply to the 4.0.0.0/8 network coming redistributed
from RIP? Would it be applied if that network comes redistributed from IGRP
pointing to e0 so the 1st statement applies?
You can look at http://www.cisco.com/warp/public/105/34.html for further
details.
About distribute-list out you can guess easily if understood the previous
paragraphs. You have to add the distribute-lisy put applied to
redistribution created to filter in origin the routes you allow other
protocols to get from the first one.
This changes a lot when you talk about link state protocols. I'm not
completely sure (that is way I explain it all so you can correct my
mistakes, and please, do it) but I'll try to do my best.
A distribute-list in command in ospf router configuration applied to an
interface or none of them (what means in fact ALL of them), you have all lsa
in your database, but you make those "filtered" routes to appear in the
routing table (the local one). As far as the lsa are there in your database
you will advertise them to the others so that command will only take effect
in the router you are entering the command. It says in this link that this
command (not exactly, it is talking about the 'out' one) applies only to
external routes (that makes sense).
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c
/ipcprt2/1cdindep.htm#xtocid2568613
A distribute-list out command in OSPF does not support the interface
attribute (the doc says that). But I wonder why? I think that filtering the
external routes coming an interface would be usefull. Again it says it
applies to external routes only and behaves as described in distance vector.
Buff, congrats if you got here. Plese, if you have any comment I would
appreciate very much your help.
Thanks
Jose Angel
-----Mensaje original-----
De: RSiddappa@NECBNS.com [mailto:RSiddappa@NECBNS.com]
Enviado el: lunes, 18 de febrero de 2002 12:05
Para: sandyccie@yahoo.com
Cc: ccielab@groupstudy.com
Asunto: distribute-list ( Nth time)
Hi,
I am trying to understand the Distribute-list again, (nth time)
I.
Distribute-list 1 in serial 0
Under any routing process will work ( Regardless of link state or
Distance vector).
Provided that routing protocol is running on that interface.
II.
Distribute-list 1 out (RIP/OSPF/IGRP...)
Example :
Router OSPF 10
redistribute RIP
netwrok .....
Distribute-list 1 out rip
This is telling that give out the routes learned by RIP process, if
they permitted by access-list 1.
It is not saying that give out the routes if it learned from RIP
through redistribution and permitted access-list.
The redistribution statement under OSPF should not make any
difference.
I am asking very one pls verify and correct me if I am wrong.
Rajeev.
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:26 GMT-3