From: Paul (p_chopin@xxxxxxxxx)
Date: Tue Jun 04 2002 - 03:55:49 GMT-3
That would be great if we can find some answers. I've
been strugling with this for a week now.
You are the first guy who validated my results.
Thanks John
--- John Maliakal <john.maliakal@cwgoindia.com> wrote:
> Hi Paul,
> You are right, I just checked it up in the lab
> ...when you use the extended access list all routes
> vanish.
>
> I also tried using the extended access-list to
> perform the equivalent of the standard by trying
>
> permit 200.200.1.0 0.0.254.0 any
> deny any any
>
> but that also didnt work ...
> so that clearly means that the way how the extended
> accesslist is implemeted with rip is different or
> that it doesnt work.
>
> lets check it up with cisco and find out how it is
> done.
>
> > Regards
> > John F Maliakal
>
>
> -----Original Message-----
> From: Paul [mailto:p_chopin@yahoo.com]
> Sent: Tuesday, June 04, 2002 10:48 AM
> To: John Maliakal
> Cc: ccielab@groupstudy.com
> Subject: RE: Route filtering
>
>
> Hi John,
> You right , this is exactly what I want to do.But...
> when I use the access list you just point to, I get
> everything block. I tried rip ver 2 and eigrp
> already
> and the outcome is the same.
> I'm puzzled myself. This list works like a charm in
> BGP
> Thanks.
> Paul
> --- John Maliakal <john.maliakal@cwgoindia.com>
> wrote:
> > Hi Paul,
> > let me first understand your requirement.
> >
> > You want to only allow 200.200.x.0/24 networks
> where
> > x is an odd number , and the mask should allows
> > remain 24.
> > rest of the networks you wand to deny.
> >
> > I guess for this you should use the extended
> > access-list along with the distribute list..
> >
> > The access-list would look like this
> >
> > permit 200.200.1.0 0.0.254.0 255.255.255.0 0.0.0.0
> > deny any any
> >
> >
> > I guess you did right when you used standard
> > access-lists but since you want a perfect mask of
> > /24 only to be allowed you should use extended
> > access-lists.
> >
> > try this a let me know too
> >
> > Regards
> > John F Maliakal
> >
> > -----Original Message-----
> > From: Dustin.Yates@ercgroup.com
> > [mailto:Dustin.Yates@ercgroup.com]
> > Sent: Tuesday, June 04, 2002 7:11 AM
> > To: p_chopin@yahoo.com; ccielab@groupstudy.com
> > Subject: RE: Route filtering
> >
> >
> > Paul, I sent this one the other day, but maybe you
> > didn't see it:
> >
> > deny 200.200.0.0 0.0.254.0
> > perm any
> >
> > Now, here's the distribute list in action:
> >
> > r4:
> > router rip
> > version 2
> > network 155.10.0.0
> > network 200.200.0.0
> > network 200.200.1.0
> > network 200.200.2.0
> > network 200.200.3.0
> > network 200.200.4.0
> > network 200.200.5.0
> >
> > R4#siib
> > Interface IP-Address OK?
> > Method Status
> > Prot
> > ocol
> > FastEthernet0/0 155.10.44.4 YES
> NVRAM
> > up
> > up
> >
> > Serial0/0 155.10.45.4 YES
> NVRAM
> > up
> > up
> >
> > Loopback0 155.10.4.4 YES
> NVRAM
> > up
> > up
> >
> > Loopback1 200.200.1.1 YES
> > manual up
> > up
> >
> > Loopback2 200.200.2.1 YES
> > manual up
> > up
> >
> > Loopback3 200.200.3.1 YES
> > manual up
> > up
> >
> > Loopback4 200.200.4.1 YES
> > manual up
> > up
> >
> > Loopback5 200.200.5.1 YES
> > manual up
> > up
> >
> > R5#sir
> > Codes: C - connected, S - static, I - IGRP, R -
> RIP,
> > M - mobile, B - BGP
> > D - EIGRP, EX - EIGRP external, O - OSPF,
> IA
> > - OSPF inter area
> > N1 - OSPF NSSA external type 1, N2 - OSPF
> > NSSA external type 2
> > E1 - OSPF external type 1, E2 - OSPF
> external
> > type 2, E - EGP
> > i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS
> > level-2, ia - IS-IS inter
> > area
> > * - candidate default, U - per-user static
> > route, o - ODR
> > P - periodic downloaded static route
> >
> > Gateway of last resort is not set
> >
> > R 200.200.4.0/24 [120/1] via 155.10.45.4,
> > 00:00:22, Serial0/0.45
> > R 200.200.5.0/24 [120/1] via 155.10.45.4,
> > 00:00:22, Serial0/0.45
> > 155.10.0.0/16 is variably subnetted, 16
> > subnets, 3 masks
> > R 155.10.4.0/24 [120/1] via 155.10.45.4,
> > 00:00:12, Serial0/0.45
> > R 155.10.44.0/24 [120/1] via 155.10.45.4,
> > 00:00:13, Serial0/0.45
> > R 200.200.1.0/24 [120/1] via 155.10.45.4,
> > 00:00:25, Serial0/0.45
> > R 200.200.2.0/24 [120/1] via 155.10.45.4,
> > 00:00:25, Serial0/0.45
> > R 200.200.3.0/24 [120/1] via 155.10.45.4,
> > 00:00:25, Serial0/0.45
> > R5#conf t
> > Enter configuration commands, one per line. End
> > with CNTL/Z.
> > R5(config)#access-list 77 deny 200.200.0.0
> 0.0.254.0
> > R5(config)#access-list 77 perm any
> > R5(config)#router rip
> > R5(config-router)#distr
> > R5(config-router)#distribute-list 77 in s0/0.45
> > R5(config-router)#end
> > R5#clear ip route
> > 04:20:36: %SYS-5-CONFIG_I: Configured from console
> > by console
> > R5#clear ip route *
> > R5#sir
> > Codes: C - connected, S - static, I - IGRP, R -
> RIP,
> > M - mobile, B - BGP
> > D - EIGRP, EX - EIGRP external, O - OSPF,
> IA
> > - OSPF inter area
> > N1 - OSPF NSSA external type 1, N2 - OSPF
> > NSSA external type 2
> > E1 - OSPF external type 1, E2 - OSPF
> external
> > type 2, E - EGP
>
=== message truncated ===
This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:23 GMT-3