From: Craig Smith (inswnd@yahoo.com)
Date: Thu Dec 09 2004 - 22:49:11 GMT-3
The reason why it does not work the first time is
because you are applying the default_route access list
to the distance command, but it is EMPTY.
when you enter an standard named access-list you can
not type access-list 1 permit - after you name the
access list you simply add permit statements...
so in fact although you thought you entered the
default_route acl you were matching on ACL 1 which was
not at the end of the distance statement..
I hope I explained this correctly
thanks
--- Rasal Abdul Kader <rassal.rm@gmail.com> wrote:
> I'm working on Doit scenario -1. I'm facing a
> strange problem with named ACLs.
>
> R1 ----- R2 ----- R3
>
> R1 and R2 is level 2
> R2 and R3 is level 1
>
> In order to reach the outside domains R2 injects a
> default route to
> R3. But since your not allowed to have any default
> routes, i used the
> below on R3;
>
> router isis
> distance 255 0.0.0.0 255.255.255.255 default_route
>
> ip access-list standard default_route
> access-list 1 permit 0.0.0.0
>
> as soon as i entered the above, i don't see any
> routes on R3. But when
> i changed the above config to the following ;
>
> router isis
> distance 255 0.0.0.0 255.255.255.255 1
>
> ip access-list standard default_route
> access-list 1 permit 0.0.0.0
>
> everything works fine. I don't see the default route
> anymore. I could
> only get the L1 and L2 routes from R2 through
> redistribution. Any idea
> why i could not use a named ACL. Any help would be
> appreciated.
>
> thanks.
> rasal.
>
>
This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:26 GMT-3