From: Lupi, Guy (Guy.Lupi@xxxxxxxxxxxxx)
Date: Mon Apr 22 2002 - 13:05:50 GMT-3
Which is perfect, because I must have spent about 9 hours one day trying
different methods with every protocol but BGP. Story of my life, but thank
you for that, I will have to practice that with bgp to make sure I
understand it. Thanks again.
~-----Original Message-----
~From: Brian McGahan [mailto:brian@cyscoexpert.com]
~Sent: Monday, April 22, 2002 12:02 PM
~To: Lupi, Guy; 'Sukhjit Singh'; ccielab@groupstudy.com
~Subject: RE: ACL question
~
~
~Guy,
~
~ Route filtering using extended access-list syntax can only be
~applied with BGP. The routes mentioned were as follows:
~
~10.1.120.0 /24
~10.1.120.0 /22
~
~If you are trying to filter these routes in the context of BGP, the
~following access-list would work:
~
~Access-list 100 permit host 10.1.120.0 host 255.255.252.0
~
~Instead of source destination pairs, this list (only in the context of
~BGP remember) reads as a prefix & prefix-length pair. This access-list
~translates to the following prefix-list:
~
~Ip prefix-list 1 permit 10.1.120.0/22
~
~If you want to do exact prefix & prefix-length matches with other
~protocols besides BGP, then you have to use the prefix-list. And yes,
~you can apply the prefix to a distribute-list with the 'distribute-list
~prefix' command. To match it in a route-map, use the syntax 'match ip
~address prefix-list'. A prefix-list can also be applied to a BGP
~neighbor directly with the command 'neighbor x.x.x.x prefix-list
~[in/out]'.
~
~HTH
~
~Brian McGahan
~CCIE #8593
~brian@cyscoexpert.com
~
~CyscoExpert Corporation
~Internetwork Consulting & Training
~http://www.cyscoexpert.com
~Voice: 847.674.3392
~Fax: 847.674.2625
~
~
~-----Original Message-----
~From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
~Lupi, Guy
~Sent: Monday, April 22, 2002 10:36 AM
~To: 'Sukhjit Singh'; ccielab@groupstudy.com
~Subject: RE: ACL question
~
~I would like to know another way also, but I have yet to find solid
~documentation on complex route filtering using extended access
~lists. I
~have seen an example here and there, and I have made it work
~before, but
~it
~doesn't work all the time. I am sure I am doing something wrong, but I
~can't find a good documentation piece that explains the process in
~detail.
~Anyone have a link or some other resource for this?
~
~~-----Original Message-----
~~From: Sukhjit Singh [mailto:ssukhjit@yahoo.com]
~~Sent: Monday, April 22, 2002 11:40 AM
~~To: Lupi, Guy; ccielab@groupstudy.com
~~Subject: RE: ACL question
~~
~~
~~Lupi,
~~
~~You are right, prefix-list worked,
~~
~~ip prefix-list 34 seq 5 deny 10.1.120.0/24
~~ip prefix-list 34 seq 15 permit 10.0.0.0/8 le 23
~~ip prefix-list 34 seq 20 permit 10.1.124.0/24
~~
~~However still i am keen to know another way, if
~~possible using acl, Thanks,
~~Sukhs,
~~
~~--- "Lupi, Guy" <Guy.Lupi@eurekaggn.com> wrote:
~~> I don't know what it would be as far as an extended
~~> access list, but you
~~> could use a "distribute-list prefix" to call a
~~> prefix list instead of an
~~> access list, that way you could define exactly what
~~> you want to be
~~> redistributed.
~~>
~~> ~-----Original Message-----
~~> ~From: Sukhjit Singh [mailto:ssukhjit@yahoo.com]
~~> ~Sent: Monday, April 22, 2002 10:22 AM
~~> ~To: ccielab@groupstudy.com
~~> ~Subject: ACL question
~~> ~
~~> ~
~~> ~ACL Experts,
~~> ~
~~> ~I have two routes in my R1 routing table,
~~> ~10.1.120.0 /24
~~> ~And 10.1.120.0 /22 (Summary route)
~~> ~
~~> ~I want to filter the /24 route & want to only pass
~~> /22
~~> ~summary route to other routers. I am using
~~> ~distribute-list command with route-map.
~~> ~
~~> ~It passes both of these routes, I am not sure what
~~> ~will be the right wildcard combination which can
~~> ~differnciate b/w these 2 routes.
~~> ~
~~> ~Any suggestions please,
~~> ~
~~> ~regards,
~~> ~Sukhs,
~~> ~
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:16 GMT-3