Re: distribute-list under router eigrp (long)

From: Ahmed Mamoor Amimi (mamoor@xxxxxxxx)
Date: Sun Mar 17 2002 - 00:44:51 GMT-3

• Next message: Bernard Omrani: "RE: ATM SVC"
• Previous message: RSiddappa@xxxxxxxxxx: "RE: r routes in BGP table"
• Maybe in reply to: ying chang: "distribute-list under router eigrp (long)"
• Next in thread: ying chang: "Re: distribute-list under router eigrp (long)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Chang,
Distibution list is not used to block hello packets but are used block
routing updates.
neigbours will still be formed. this is the normal behavoiur

-Mamoor

----- Original Message -----
From: ying chang <ying_c@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Saturday, March 16, 2002 11:04 PM
Subject: distribute-list under router eigrp (long)

> I'm doing an excercise from
>
> http://www.cisco.com/warp/public/103/16.html
>
> which basically said passive-interface will prevent eigrp
> routers to form neighbors, in order to get the same effect from
> "passive-interface", use the "distribute-list out". Everything works as it
> said, but here are a few things I don't understand:
>
> Below is my topology, everything is applied to R2
>
> R2<------eigrp----->R6
>
> I use "access-list 22 deny any" on R2 which would deny everything.
>
> 1. R2's distribute-list out will preventing hello to R6, since R6 could
not
> receive the hello packets, isn't R6 not be able to form neighbor with R6?
> What I saw is R6 still form neighbors with R2.
>
> 2. I added distribute-list in on R2, which I was hoping to achive the same
> result as passive-interface. The result is the distribute-list block the
> hello, but R2 and R6 form neighbors.
>
> 3. I then have both distribute-list in and distribute-list out on R2 to
> block everything. Well, I still got the samething. They formed neighbors
> even I could not see any hello packets from "debug eigrp packet hello".
>
> 4. I then have distribute-list on both R2 and R6 but got the same result
as
> above. At this point, I'm compltely lost.
>
> Configs and output are at the end of the message.
>
> Thanks,
> Chang
> ----------------------------------------------------
> No passive interface, no distribute-list => neighbors OK
>
> R2:
> interface Serial1
> ip address 10.1.1.2 255.255.255.0
> clockrate 2000000
>
> router eigrp 100
> network 10.0.0.0
> auto-summary
> no eigrp log-neighbor-changes
> !
>
> R6:
>
> interface Serial1
> ip address 10.1.1.6 255.255.255.0
> router eigrp 100
> network 10.0.0.0
> auto-summary
> no eigrp log-neighbor-changes
> !
>
> r6#sh ip eigrp nei
> IP-EIGRP neighbors for process 100
> H Address Interface Hold Uptime SRTT RTO Q Seq
> Type
> (sec) (ms) Cnt Num
> 0 10.1.1.2 Se1 13 00:03:06 536 3216 0 1
>
> ---------------------------------------------------
> Passive interface => no neighbors as expected
> r2#ct
> Enter configuration commands, one per line. End with CNTL/Z.
> r2(config)#router eigrp 100
> r2(config-router)#passive s1
> r2(config-router)#^Z
> r2#
> 01:19:25: %SYS-5-CONFIG_I: Configured from console by console
> r2#sh ip eigrp nei
> IP-EIGRP neighbors for process 100
> r6#sh ip eigrp nei
> IP-EIGRP neighbors for process 100
> r6#
>
> ---------------------------------------------------
> No passive interface, access-list out, neighbors OK as expected on r2 but
I
> don't understand why r6 can form neighbor with r2.
>
> r2(config)#router eigrp 100
> r2(config-router)#no passive s1
> r2(config-router)#distribute-list 22 out s1
> r2(config-router)#exit
> r2(config)#access-list 22 deny any
> r2(config)#^Z
> r2#
> 01:24:03: %SYS-5-CONFIG_I: Configured from console by console
> r2#sh ip eigrp nei
> IP-EIGRP neighbors for process 100
> H Address Interface Hold Uptime SRTT RTO Q Seq
> Type
> (sec) (ms) Cnt Num
> 0 10.1.1.6 Se1 11 00:00:03 1 3000 1 0
> r2#
>
> r6#sh ip eigrp nei
> IP-EIGRP neighbors for process 100
> H Address Interface Hold Uptime SRTT RTO Q Seq
> Type
> (sec) (ms) Cnt Num
> 0 10.1.1.2 Se1 13 00:03:54 1440 5000 0 4
> ---------------------------------------------------------
> No passive interface, apply access-list in and access-list out. completely
> lost why it did not stop neighboring as there are no hello packets coming
in
> or going out.
>
> r2(config)#router eigrp 100
> r2(config-router)#distribute-list 22 in s1
> r2(config-router)#^Z
> r2#
> r2#clear ip eigrp nei 10.1.1.6
> r2#sh ip eigrp nei
> IP-EIGRP neighbors for process 100
> H Address Interface Hold Uptime SRTT RTO Q Seq
> Type
> (sec) (ms) Cnt Num
> 0 10.1.1.6 Se1 14 00:00:00 1 2000 1 0
>
> r2#debug eigrp packet hello
> EIGRP Packets debugging is on
> (HELLO)
> r2#clear ip eigrp nei
> r2#sh ip eigrp nei
> IP-EIGRP neighbors for process 100
> H Address Interface Hold Uptime SRTT RTO Q Seq
> Type
> (sec) (ms) Cnt Num
> 0 10.1.1.6 Se1 12 00:00:10 1 4500 0 7
> r2#
>
>
>
>

• Next message: Bernard Omrani: "RE: ATM SVC"
• Previous message: RSiddappa@xxxxxxxxxx: "RE: r routes in BGP table"
• Maybe in reply to: ying chang: "distribute-list under router eigrp (long)"
• Next in thread: ying chang: "Re: distribute-list under router eigrp (long)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:11 GMT-3