From: Anthony Pace (anthonypace@xxxxxxxxxxx)
Date: Sat Jul 13 2002 - 21:03:14 GMT-3
So does only BGP use the Extended ACL to match masks? If RIP and OSPF
use it for Neighbor/route then what about IGRP and EIGRP? Which format
do they support on the Extended ACL?
Anthony Pace
On Thu, 04 Jul 2002 09:46:45 +0200, "Oliver Boehmer"
<oboehmer@cisco.com> said:
> The bad thing about extended acls in distribute-list is the different
> semantics they have within different protocols (which is, IIRC, not
> documented anywhere, hence unsupported). With OSPF and RIP, source =
> neighbor, dest = prefix, so no way of matching the prefix length.
>
> So prefix lists are recommended, they have a documented behaviour.
>
> oli
>
> At 19:46 03.07.2002 -0300, Carlos G Mendioroz wrote:
> >Gabor,
> >extended ACLs in distribute lists are supported (AFAIK) only in BGP.
> >
> >Gyuri Gabor wrote:
> > >
> > > Dear Oliver !
> > >
> > > You wrote:
> > >
> > > access-list 100 permit ip 172.16.0.0 0.0.3.255 255.255.255.0 0.0.0.0
> > > is semantically equal to
> > > ip prefix-list ... permit 172.16.0.0/22 ge 24 le 24
> > >
> > > > I have tried this with the following routes:
> > >
> > > R1#sh ip route rip | inc Ethernet0
> > > R 172.16.0.0/24 [120/1] via 150.100.1.101, 00:00:11, Ethernet0
> > > R 172.16.0.0/26 [120/1] via 150.100.1.101, 00:00:11, Ethernet0
> > > R 172.16.0.0/22 [120/1] via 150.100.1.101, 00:00:11, Ethernet0
> > > R 172.16.1.0/24 [120/1] via 150.100.1.101, 00:00:11, Ethernet0
> > > R 172.16.3.0/25 [120/1] via 150.100.1.101, 00:00:11, Ethernet0
> > >
> > > > When I implement the distribute-list (the beginning of the access-list line
> > > > is wrapped by router):
> > >
> > > R1#conf t
> > > Enter configuration commands, one per line. End with CNTL/Z.
> > > R1(config)#no access-list 100
> > > R1(config)#$ 100 permit ip 172.16.0.0 0.0.3.255 255.255.255.0 0.0.0.0
> > > R1(config)#router rip
> > > R1(config-router)#distribute-list 100 in e 0
> > > R1(config-router)#end
> > > R1#
> > > *Mar 3 07:19:49: %SYS-5-CONFIG_I: Configured from console by console
> > > R1#sh ip route rip | inc Ethernet0
> > > R 172.16.0.0/24 [120/1] via 150.100.1.101, 00:01:04, Ethernet0
> > > R 172.16.0.0/26 [120/1] via 150.100.1.101, 00:01:04, Ethernet0
> > > R 172.16.0.0/22 [120/1] via 150.100.1.101, 00:01:04, Ethernet0
> > > R 172.16.1.0/24 [120/1] via 150.100.1.101, 00:01:04, Ethernet0
> > > R 172.16.3.0/25 [120/1] via 150.100.1.101, 00:01:04, Ethernet0
> > >
> > > As You can see, all the routes are refused (the update timer is 30 sec).
> > > I use IOS 12.1.14.
> > >
> > > What is the problem ?
> > >
> > > Gabor
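
[Added example, not part of the original thread and not Cisco code.] The two readings of access-list 100 described above, evaluated in Python against the five routes from Gabor's output, next to the prefix-list form. The function names are hypothetical, and the RIP/OSPF reading follows Oliver's description ("source = neighbor, dest = prefix"), which he notes is undocumented.

```python
import ipaddress

# Values taken from the thread.
ROUTES = ["172.16.0.0/24", "172.16.0.0/26", "172.16.0.0/22",
          "172.16.1.0/24", "172.16.3.0/25"]
NEIGHBOR = "150.100.1.101"
# access-list 100 permit ip 172.16.0.0 0.0.3.255 255.255.255.0 0.0.0.0
ACE = ("172.16.0.0", "0.0.3.255", "255.255.255.0", "0.0.0.0")

def wild_match(value, base, wildcard):
    """Cisco wildcard compare: bits set in the wildcard are 'don't care'."""
    v, b, w = (int(ipaddress.IPv4Address(x)) for x in (value, base, wildcard))
    return ((v ^ b) & ~w & 0xFFFFFFFF) == 0

def acl_bgp_style(route, ace=ACE):
    """Source field checks the network address, destination field the mask."""
    net = ipaddress.IPv4Network(route)
    src, src_wc, dst, dst_wc = ace
    return (wild_match(str(net.network_address), src, src_wc)
            and wild_match(str(net.netmask), dst, dst_wc))

def acl_rip_ospf_style(route, neighbor=NEIGHBOR, ace=ACE):
    """Source field checks the advertising neighbor, destination the prefix,
    so the prefix length is never examined."""
    net = ipaddress.IPv4Network(route)
    src, src_wc, dst, dst_wc = ace
    return (wild_match(neighbor, src, src_wc)
            and wild_match(str(net.network_address), dst, dst_wc))

def prefix_list(route, prefix="172.16.0.0/22", ge=24, le=24):
    """ip prefix-list ... permit 172.16.0.0/22 ge 24 le 24"""
    net = ipaddress.IPv4Network(route)
    return net.subnet_of(ipaddress.IPv4Network(prefix)) and ge <= net.prefixlen <= le

def permitted(check):
    """Routes from ROUTES that the given matcher permits."""
    return [r for r in ROUTES if check(r)]

if __name__ == "__main__":
    print("ACL, BGP reading     :", permitted(acl_bgp_style))
    print("prefix-list          :", permitted(prefix_list))
    print("ACL, RIP/OSPF reading:", permitted(acl_rip_ospf_style))
```

Under the BGP reading the ACL and the prefix-list permit the same two /24 routes; under the RIP/OSPF reading nothing is permitted, because the neighbor 150.100.1.101 is outside 172.16.0.0 0.0.3.255 and no prefix equals 255.255.255.0.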
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:29 GMT-3