RE: Route filtering with extended access list

From: Chua, Parry (Parry.Chua@xxxxxxxxxx)
Date: Mon Apr 29 2002 - 06:08:20 GMT-3

• Next message: cyberoy: "Re: Destination NAT"
• Previous message: Chua, Parry: "RE: filtering even subnets"
• Maybe in reply to: Jeff Szeto: "Route filtering with extended access list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I do some tests, the extended access list seen to work with IGP under redistrib
ution but will not work just on distribute-list.

> Parry Chua
>
>

-----Original Message-----
From: Jeff Szeto [mailto:jytszeto@hotmail.com]
Sent: Monday, April 29, 2002 2:08 PM
To: ying chang
Cc: ccielab@groupstudy.com
Subject: Re: Route filtering with extended access list

Hi Chang,

Thank you.
Your list premit all routes with /24. I changed it to
ip prefix p3 permit 172.16.0.0/16 ge 24 le 24 and it will permit only the
172.16.x.x/24.
Just curious, I think the expression "ge 24 le 24" means routes with subnet
mask greater than or equal to 24 bits and also less than or equal to 24
bits.
But, actully, it means equal to 24 bits.

Jeff
----- Original Message -----
From: ying chang <ying_c@hotmail.com>
To: <jytszeto@hotmail.com>; <ccielab@groupstudy.com>
Sent: Monday, April 29, 2002 12:16 PM
Subject: Re: Route filtering with extended access list

> How about ip prefix-list p1 permit 0.0.0.0/0 ge 24 le 24?
>
>
> >From: "Jeff Szeto" <jytszeto@hotmail.com>
> >Reply-To: "Jeff Szeto" <jytszeto@hotmail.com>
> >To: <ccielab@groupstudy.com>
> >Subject: Route filtering with extended access list
> >Date: Mon, 29 Apr 2002 11:33:59 +0800
> >
> >Dear Group,
> >
> >R2-s0--------------------s1-R1
> > RIP-172.16.28.0/24
> >
> >Originally, R1 is learning the following rip routes from R2
> >R1#sh ip ro rip
> > 172.16.0.0/16 is variably subnetted, 20 subnets, 6 masks
> >R 172.16.184.0/22 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.180.0/25 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.181.0/26 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.182.0/27 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.181.64/28 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.60.0/24 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.8.0/24 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.90.0/24 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >R 172.16.70.0/24 [120/1] via 172.16.28.8, 00:00:02, Serial1
> >
> >I only want R1 to learn the routes with /24. I have tried the prefix list
and
> >it works
> >R1#sh ip pre
> >ip prefix-list p1: 2 entries
> > seq 5 deny 172.16.0.0/16 le 23
> > seq 10 permit 172.16.0.0/16 le 24
> >
> >But the extended access-list does not work,
> >R1#sh ip access 104
> >Extended IP access list 104
> > permit ip 172.16.0.0 0.0.255.255 host 255.255.255.0
> >
> >Could anyone help me? Also, is the prefix list I used the shortest one?
> >
> >Thank you in advance.
> >
> >Jeff

• Next message: cyberoy: "Re: Destination NAT"
• Previous message: Chua, Parry: "RE: filtering even subnets"
• Maybe in reply to: Jeff Szeto: "Route filtering with extended access list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:21 GMT-3