RE: distribute-list under router eigrp (long)

From: RSiddappa@xxxxxxxxxx
Date: Sat Mar 16 2002 - 15:50:15 GMT-3

• Next message: Jeff Kesemeyer: "RE: CCIE Practical Studies Volume 1"
• Previous message: Lupi, Guy: "RE: distribute-list under router eigrp (long)"
• Maybe in reply to: ying chang: "distribute-list under router eigrp (long)"
• Next in thread: Erick B.: "RE: distribute-list under router eigrp (long)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Distribute-list will deny routing updates not the eigrp packets.

Passive interface will dney your EIGRP packes.

hope this helps.

R.

-----Original Message-----
From: ying chang [mailto:ying_c@hotmail.com]
Sent: Saturday, March 16, 2002 12:05 PM
To: ccielab@groupstudy.com
Subject: distribute-list under router eigrp (long)

I'm doing an excercise from

http://www.cisco.com/warp/public/103/16.html

which basically said passive-interface will prevent eigrp
routers to form neighbors, in order to get the same effect from
"passive-interface", use the "distribute-list out". Everything works as it
said, but here are a few things I don't understand:

Below is my topology, everything is applied to R2

R2<------eigrp----->R6

I use "access-list 22 deny any" on R2 which would deny everything.

1. R2's distribute-list out will preventing hello to R6, since R6 could not
receive the hello packets, isn't R6 not be able to form neighbor with R6?
What I saw is R6 still form neighbors with R2.

2. I added distribute-list in on R2, which I was hoping to achive the same
result as passive-interface. The result is the distribute-list block the
hello, but R2 and R6 form neighbors.

3. I then have both distribute-list in and distribute-list out on R2 to
block everything. Well, I still got the samething. They formed neighbors
even I could not see any hello packets from "debug eigrp packet hello".

4. I then have distribute-list on both R2 and R6 but got the same result as

above. At this point, I'm compltely lost.

Configs and output are at the end of the message.

Thanks,
Chang
----------------------------------------------------
No passive interface, no distribute-list => neighbors OK

R2:
interface Serial1
ip address 10.1.1.2 255.255.255.0
clockrate 2000000

router eigrp 100
network 10.0.0.0
auto-summary
no eigrp log-neighbor-changes
!

R6:

interface Serial1
ip address 10.1.1.6 255.255.255.0
router eigrp 100
network 10.0.0.0
auto-summary
no eigrp log-neighbor-changes
!

r6#sh ip eigrp nei
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
Type
                                        (sec) (ms) Cnt Num
0 10.1.1.2 Se1 13 00:03:06 536 3216 0 1

---------------------------------------------------
Passive interface => no neighbors as expected
r2#ct
Enter configuration commands, one per line. End with CNTL/Z.
r2(config)#router eigrp 100
r2(config-router)#passive s1
r2(config-router)#^Z
r2#
01:19:25: %SYS-5-CONFIG_I: Configured from console by console
r2#sh ip eigrp nei
IP-EIGRP neighbors for process 100
r6#sh ip eigrp nei
IP-EIGRP neighbors for process 100
r6#

---------------------------------------------------
No passive interface, access-list out, neighbors OK as expected on r2 but I
don't understand why r6 can form neighbor with r2.

r2(config)#router eigrp 100
r2(config-router)#no passive s1
r2(config-router)#distribute-list 22 out s1
r2(config-router)#exit
r2(config)#access-list 22 deny any
r2(config)#^Z
r2#
01:24:03: %SYS-5-CONFIG_I: Configured from console by console
r2#sh ip eigrp nei
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
Type
                                        (sec) (ms) Cnt Num
0 10.1.1.6 Se1 11 00:00:03 1 3000 1 0
r2#

r6#sh ip eigrp nei
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
Type
                                        (sec) (ms) Cnt Num
0 10.1.1.2 Se1 13 00:03:54 1440 5000 0 4
---------------------------------------------------------
No passive interface, apply access-list in and access-list out. completely
lost why it did not stop neighboring as there are no hello packets coming in

or going out.

r2(config)#router eigrp 100
r2(config-router)#distribute-list 22 in s1
r2(config-router)#^Z
r2#
r2#clear ip eigrp nei 10.1.1.6
r2#sh ip eigrp nei
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
Type
                                        (sec) (ms) Cnt Num
0 10.1.1.6 Se1 14 00:00:00 1 2000 1 0

r2#debug eigrp packet hello
EIGRP Packets debugging is on
    (HELLO)
r2#clear ip eigrp nei
r2#sh ip eigrp nei
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
Type
                                        (sec) (ms) Cnt Num
0 10.1.1.6 Se1 12 00:00:10 1 4500 0 7
r2#

• Next message: Jeff Kesemeyer: "RE: CCIE Practical Studies Volume 1"
• Previous message: Lupi, Guy: "RE: distribute-list under router eigrp (long)"
• Maybe in reply to: ying chang: "distribute-list under router eigrp (long)"
• Next in thread: Erick B.: "RE: distribute-list under router eigrp (long)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:11 GMT-3