From: George Spahl (g.spahl@xxxxxxxxxxxxx)
Date: Mon May 20 2002 - 15:03:33 GMT-3
Serguei,
If this were IP the command "distribute-list 10 out eigrp 99" it could
accurately be interpreted as
"distribute-list 10 (for routes coming) out (of) eigrp 99"
so when you're using the routing protocol argument the syntax seems kind
of backwards. Here's an example:
router ospf 11
redistribute rip metric 5 subnets
network 172.16.134.13 0.0.0.0 area 2
distribute-list 13 out rip
Here the distribute-list statement controls the routes that are being
distributed into OSPF from RIP
I've done a little testing and it seems that this is also the case with
IPX (sort of).
The example below seemed to work: (blocks IPX net 813 from being
redistributed into EIGRP from NLSP):
access-list 813 deny 113
access-list 813 permit FFFFFFFF
ipx router eigrp 14356
redistribute nlsp
distribute-list 813 out nlsp
network 356
However, using this same method while redistributing into NLSP from
EIGRP did not work. I don't understand why it shouldn't at all.
Perhaps, my results aren't correct.
Also, with respect to the "distribute-sap-list 1001 out EIGRP(or NLSP)"
I couldn't get it to work at all; in either direction. The functionality
just doesn't seem to be there.
All I can say is that those were my results. My testing wasn't
extensive so I hereby throw down the gauntlet to all the IPX aficionados
out there to prove otherwise, thereby setting the record straight!
As for your specific case I think you could go to your downstream NLSP
routers and use a simple "distribute-list 800 in" to block FS1. Hope
this helps!
George
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Bezverkhi, Serguei
Sent: Sunday, May 19, 2002 8:26 PM
To: ccielab@groupstudy.com; Kato Jr, Masao G
Subject: RIP NLSP and SAP filtering
Hello gentlemen,
I have a strange SAP filtering problem, here is the scenario. On one
router's loopback and Ethernet interfaces are IPX RIP, there are 2
static SAP (FS1 and FS2 type 4) defined on the loopback's network, and
two serial interfaces are NLSP with downstream neighbors.Everything
seems O.k..
When I try to filter outgoing sap advertisement (I want just FS2 to be
visible to the rest of the network), sometimes both SAP disappear
sometimes no changes at all. Appreciate any ideas or guidelines for best
practices on IPX redistribution.
Here is the config:
version 12.2
!
ipx routing 0000.0000.0021
ipx internal-network 210021
!
!
!
!
interface Loopback0
ipx network 21
!
interface Ethernet0
ipx network 50
!
interface Serial0
ipx network 122
ipx nlsp 212210 enable
!
interface Serial1
ipx network 121
ipx nlsp 212210 enable
!
!
ipx router nlsp 212210
distribute-sap-list Filter-Out out rip
area-address 0 0
!
!
ipx router rip
no network 122
no network 121
!
!
ipx sap 4 FS1 21.0000.0001.0021 451 2
ipx sap 4 FS2 21.0000.0002.0021 451 2
!
!
ipx access-list sap Filter-Out
deny 21 4 FS1
permit FFFFFFFF
!
end
Serguei Bezverkhi
Technical Consultant
HP Services
Hewlett-Packard (Canada) Ltd.
514.856.6347 phone
514.856.6333 fax
514.9278254 mobile
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:02 GMT-3