RE: ACL's: Even/Odd -- allow EVEN

From: CCIE1DAY (ccie1day@totalise.co.uk)
Date: Wed Feb 12 2003 - 07:56:51 GMT-3


This is because you are using your extended access list incorrectly.

should be as follows

access-list 101 permit ip <source address of RIP speaker> <inv-mask> <routes_allowable> <inv-mask>

so, in your example

router rip
net xxx
distribute-list 101 in E0 !or whatever!
access-list 101 permit ip any 198.5.0.0 0.0.254.255
!

NOW, if you wanted to restrict not only the accepted routes, but also WHO you
received them from, you could:

access-list 101 permit ip host 135.1.2.2 198.5.0.0 0.0.254.255
access-list 101 permit ip host 135.1.2.3 198.5.1.0 0.0.254.255

would accept even subnets from 135.1.2.2 and odds from 135.1.2.3

cheers

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Sage Vadi
Sent: 12 February 2003 10:23
To: ccielab@groupstudy.com
Subject: RE: ACL's: Even/Odd -- allow EVEN

All,

Receive the following RIPv1 routes (ingress).

198.5.51.0 in 1 hops
198.5.52.0 in 1 hops
198.5.53.0 in 1 hops
198.5.54.0 in 1 hops

Want to permit only the EVEN networks. My calculation
as follows:

52 = 00110100
54 = 00110110

Accordingly we have to do an inverse mask that matches
on the LAST bit (even numbers). That is what I have
done and tested on a subnet calculator (it seems to
bring out the correct addresses).

Hence -

permit ip 198.5.0.0 0.0.254.255 any

Would permit ALL even networks (til 254). Which is
fine, I don't care how specific.

Q) When I apply this inbound on my egress interface
where I'm receiving these routes - it just doesn't
work?!?!

What stupid thing am I doing? I feel like bashing this
monitor...

rgds,
Sage



This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:19 GMT-3