Re: distribute-list problem

From: Bob Sinclair (bsinclair@netmasterclass.net)
Date: Tue May 17 2005 - 16:40:37 GMT-3

• Next message: sumit.kumar@comcast.net: "EIGRP Varience"
• Previous message: hktco: "Re: distribute-list problem"
• Maybe in reply to: hktco: "distribute-list problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

htco,

Not sure why your example is not working. Below I apply a distribute-list in
to OSPF and get the expected result:

R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     157.10.0.0/28 is subnetted, 1 subnets
O E2 157.10.1.208 [110/1] via 172.16.14.4, 21:20:23, Serial0/0.14
     172.16.0.0/24 is subnetted, 4 subnets
O 172.16.43.0 [110/65] via 172.16.14.4, 21:20:23, Serial0/0.14
C 172.16.14.0 is directly connected, Serial0/0.14
C 172.16.123.0 is directly connected, Serial0/0.123
C 172.16.101.0 is directly connected, Loopback101
     147.10.0.0/27 is subnetted, 1 subnets
B 147.10.1.128 [20/0] via 172.16.123.2, 21:26:37

Note two OSPF routes: 157.10.1.208/28 and 172.16.43.0/24

R1(config)#ip prefix-list ONLY157 permit 157.10.1.208/28
R1(config)#router ospf 1
R1(config-router)#distribute-list prefix ONLY157 in
R1(config-router)#end
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     157.10.0.0/28 is subnetted, 1 subnets
O E2 157.10.1.208 [110/1] via 172.16.14.4, 00:00:02, Serial0/0.14
     172.16.0.0/24 is subnetted, 3 subnets
C 172.16.14.0 is directly connected, Serial0/0.14
C 172.16.123.0 is directly connected, Serial0/0.123
C 172.16.101.0 is directly connected, Loopback101
     147.10.0.0/27 is subnetted, 1 subnets
B 147.10.1.128 [20/0] via 172.16.123.2, 21:27:35
R1#

After the distribute-list, only the permitted prefix exists in the table.

Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net

  ----- Original Message -----
  From: hktco
  To: cisco@groupstudy.com ; ccielab@groupstudy.com
  Sent: Tuesday, May 17, 2005 8:33 AM
  Subject: distribute-list problem

  Hi all,

  I don't understand why the following prefix list returns no result. When no
  prefix list is configured, the route exists in the route table. Someone
  please help and many thanks!!!

  ip prefix-list Nontrading seq 2 permit 192.168.21.0/24

  hktco

  ==========

  r2#sh ip os ne

  Neighbor ID Pri State Dead Time Address Interface
  1.1.1.1 1 FULL/BDR 00:00:35 192.168.1.1
  FastEthernet0.1
  r2#sh run
  Building configuration...

  interface Loopback0
   ip address 2.2.2.2 255.255.255.255
  !
  interface FastEthernet0
   no ip address
   no ip redirects
   no ip proxy-arp
   speed auto
   no cdp enable
  !
  interface FastEthernet0.1
   encapsulation dot1Q 2 native
   ip address 192.168.1.2 255.255.255.0
   no ip redirects
   no ip proxy-arp
   standby 11 ip 192.168.1.253
   standby 11 priority 95
   standby 11 preempt
   standby 12 ip 192.168.1.254
   standby 12 preempt
  !
  !
  interface Async5
   ip address 10.2.2.2 255.255.255.0
   no ip redirects
   no ip proxy-arp
   encapsulation ppp
   ip ospf cost 10000
   async dynamic routing
   async mode dedicated
   no peer neighbor-route
   no keepalive
   cdp enable
  !
  router ospf 100
   router-id 2.2.2.2
   log-adjacency-changes
   redistribute static metric-type 1 subnets
   network 0.0.0.0 255.255.255.255 area 0
   distribute-list prefix Nontrading in
  !
  ip classless
  ip route 192.168.11.0 255.255.255.0 192.168.1.100
  ip route 192.168.12.0 255.255.255.0 192.168.1.100
  no ip http server
  no ip http secure-server
  !
  !
  !
  ip prefix-list Nontrading seq 10 permit 0.0.0.0/0 le 32
  r2#sh ip ro os
       1.0.0.0/32 is subnetted, 1 subnets
  O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:20, FastEthernet0.1
       3.0.0.0/32 is subnetted, 1 subnets
  O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:20, FastEthernet0.1
       4.0.0.0/32 is subnetted, 1 subnets
  O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:20, FastEthernet0.1
  O E1 192.168.21.0/24 [110/10022] via 192.168.1.1, 00:00:20, FastEthernet0.1
       10.0.0.0/24 is subnetted, 2 subnets
  O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:20, FastEthernet0.1
  O E1 192.168.22.0/24 [110/10022] via 192.168.1.1, 00:00:20, FastEthernet0.1
  O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:20, FastEthernet0.1
  r2#conf t
  Enter configuration commands, one per line. End with CNTL/Z.
  r2(config)#ip pre
  r2(config)#ip prefix-list Nontrading seq 1 deny 192.168.22.0/24
  r2(config)#^Z
  r2#sh run | in ip pref
  ip prefix-list Nontrading seq 1 deny 192.168.22.0/24
  ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32
  r2#sh ip ro os
       1.0.0.0/32 is subnetted, 1 subnets
  O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:24, FastEthernet0.1
       3.0.0.0/32 is subnetted, 1 subnets
  O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:24, FastEthernet0.1
       4.0.0.0/32 is subnetted, 1 subnets
  O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:24, FastEthernet0.1
  O E1 192.168.21.0/24 [110/10022] via 192.168.1.1, 00:00:24, FastEthernet0.1
       10.0.0.0/24 is subnetted, 2 subnets
  O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:24, FastEthernet0.1
  O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:24, FastEthernet0.1
  r2#conf t
  Enter configuration commands, one per line. End with CNTL/Z.
  r2(config)#ip prefix-list Nontrading seq 2 deny 192.168.21.0/24
  r2(config)#^Z
  r2#sh ip ro os
       1.0.0.0/32 is subnetted, 1 subnets
  O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:02, FastEthernet0.1
       3.0.0.0/32 is subnetted, 1 subnets
  O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1
       4.0.0.0/32 is subnetted, 1 subnets
  O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:02, FastEthernet0.1
       10.0.0.0/24 is subnetted, 2 subnets
  O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:02, FastEthernet0.1
  O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1
  r2#conf t
  Enter configuration commands, one per line. End with CNTL/Z.
  r2(config)#no ip pre Nontrading seq 1
  r2#sh run | in ip pref
  ip prefix-list Nontrading seq 1 deny 192.168.22.0/24
  ip prefix-list Nontrading seq 2 deny 192.168.21.0/24
  ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32
  r2#sr os
       1.0.0.0/32 is subnetted, 1 subnets
  O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:32, FastEthernet0.1
       3.0.0.0/32 is subnetted, 1 subnets
  O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:32, FastEthernet0.1
       4.0.0.0/32 is subnetted, 1 subnets
  O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:32, FastEthernet0.1
       10.0.0.0/24 is subnetted, 2 subnets
  O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:32, FastEthernet0.1
  O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:32, FastEthernet0.1
  r2#conf t
  Enter configuration commands, one per line. End with CNTL/Z.
  r2(config)#no ip prefix-list Nontrading seq 1 deny 192.168.22.0/24
  r2(config)#^Z
  r2#sr os
       1.0.0.0/32 is subnetted, 1 subnets
  O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:03, FastEthernet0.1
       3.0.0.0/32 is subnetted, 1 subnets
  O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:03, FastEthernet0.1
       4.0.0.0/32 is subnetted, 1 subnets
  O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:03, FastEthernet0.1
       10.0.0.0/24 is subnetted, 2 subnets
  O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:03, FastEthernet0.1
  O E1 192.168.22.0/24 [110/10022] via 192.168.1.1, 00:00:03, FastEthernet0.1
  O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:03, FastEthernet0.1
  r2#conf t
  Enter configuration commands, one per line. End with CNTL/Z.
  r2(config)#no ip prefix-list Nontrading seq 2 deny 192.168.21.0/24
  r2(config)#ip prefix-list Nontrading seq 2 per 192.168.21.0/24
  r2(config)#^Z
  r2#sh ip ro os
       1.0.0.0/32 is subnetted, 1 subnets
  O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:02, FastEthernet0.1
       3.0.0.0/32 is subnetted, 1 subnets
  O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1
       4.0.0.0/32 is subnetted, 1 subnets
  O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:02, FastEthernet0.1
  O E1 192.168.21.0/24 [110/10022] via 192.168.1.1, 00:00:02, FastEthernet0.1
       10.0.0.0/24 is subnetted, 2 subnets
  O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:02, FastEthernet0.1
  O E1 192.168.22.0/24 [110/10022] via 192.168.1.1, 00:00:02, FastEthernet0.1
  O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1
  r2#
  r2#sh run | in pref
   distribute-list prefix Nontrading in
  ip prefix-list Nontrading description Disallow non-trading traffic to use
  the IPLC
  ip prefix-list Nontrading seq 2 permit 192.168.21.0/24
  ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32
  r2#conf t
  Enter configuration commands, one per line. End with CNTL/Z.
  r2(config)#no ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32
  r2(config)#^Z
  r2#sh run | in pref
   distribute-list prefix Nontrading in
  ip prefix-list Nontrading seq 2 permit 192.168.21.0/24
  r2#sh ip ro os

  r2#debug ip routing
  IP routing debugging is on
  ! TELNET INTO ROUTER TO CHANGE THE DISTRIBUTE-LIST
  r2#
  !ALLOW ALL 0.0.0.0/0 le 32
  000044: *Mar 1 08:45:53.195: RT: add 10.1.1.0/24 via 192.168.1.1, ospf
  metric [110/10001]
  000045: *Mar 1 08:45:53.195: RT: NET-RED 10.1.1.0/24
  000046: *Mar 1 08:45:53.195: RT: NET-RED queued, Queue size 1
  000047: *Mar 1 08:45:53.195: RT: add 192.168.2.0/24 via 192.168.1.1, ospf
  metric [110/10002]
  000048: *Mar 1 08:45:53.195: RT: NET-RED 192.168.2.0/24
  000049: *Mar 1 08:45:53.199: RT: NET-RED queued, Queue size 2
  000050: *Mar 1 08:45:53.199: RT: add 1.1.1.1/32 via 192.168.1.1, ospf
  metric [110/2]
  000051: *Mar 1 08:45:53.199: RT: NET-RED 1.1.1.1/32
  000052: *Mar 1 08:45:53.199: RT: NET-RED queued, Queue size 3
  000053: *Mar 1 08:45:53.199: RT: add 3.3.3.3/32 via 192.168.1.1, ospf
  metric [110/10002]
  000054: *Mar 1 08:45:53.199: RT: NET-RED 3.3.3.3/32
  000055: *Mar 1 08:45:53.199: RT: NET-RED queued, Queue size 4
  000056: *Mar 1 08:45:53.203: RT: add 4.4.4.4/32 via 192.168.1.1, ospf
  metric [110/10003]
  000057: *Mar 1 08:45:53.203: RT: NET-RED 4.4.4.4/32
  000058: *Mar 1 08:45:53.203: RT: NET-RED queued, Queue size 5
  000059: *Mar 1 08:45:53.203: RT: add 192.168.21.0/24 via 192.168.1.1, ospf
  metric [110/10022]
  000060: *Mar 1 08:45:53.203: RT: NET-RED 192.168.21.0/24
  000061: *Mar 1 08:45:53.203: RT: NET-RED queued, Queue size 6
  000062: *Mar 1 08:45:53.203: RT: add 192.168.22.0/24 via 192.168.1.1, ospf
  metric [110/10022]
  000063: *Mar 1 08:45:53.207: RT: NET-RED 192.168.22.0/24
  000064: *Mar 1 08:45:53.207: RT: NET-RED queued, Queue size 7
  !ALLOW ONLY 192.168.21.0/24
  000065: *Mar 1 08:46:16.355: RT: delete route to 1.1.1.1/32
  000066: *Mar 1 08:46:16.355: RT: NET-RED 1.1.1.1/32
  000067: *Mar 1 08:46:16.355: RT: NET-RED queued, Queue size 1
  000068: *Mar 1 08:46:16.355: RT: delete network route to 1.0.0.0
  000069: *Mar 1 08:46:16.355: RT: NET-RED 1.0.0.0/8
  000070: *Mar 1 08:46:16.355: RT: NET-RED queued, Queue size 2
  000071: *Mar 1 08:46:16.359: RT: delete route to 3.3.3.3/32
  000072: *Mar 1 08:46:16.359: RT: NET-RED 3.3.3.3/32
  000073: *Mar 1 08:46:16.359: RT: NET-RED queued, Queue size 3
  000074: *Mar 1 08:46:16.359: RT: delete network route to 3.0.0.0
  000075: *Mar 1 08:46:16.359: RT: NET-RED 3.0.0.0/8
  000076: *Mar 1 08:46:16.359: RT: NET-RED queued, Queue size 4
  000077: *Mar 1 08:46:16.363: RT: delete route to 4.4.4.4/32
  000078: *Mar 1 08:46:16.363: RT: NET-RED 4.4.4.4/32
  000079: *Mar 1 08:46:16.363: RT: NET-RED queued, Queue size 5
  000080: *Mar 1 08:46:16.363: RT: delete network route to 4.0.0.0
  000081: *Mar 1 08:46:16.363: RT: NET-RED 4.0.0.0/8
  000082: *Mar 1 08:46:16.363: RT: NET-RED queued, Queue size 6
  000083: *Mar 1 08:46:16.367: RT: delete route to 192.168.21.0/24
  000084: *Mar 1 08:46:16.367: RT: NET-RED 192.168.21.0/24
  000085: *Mar 1 08:46:16.367: RT: NET-RED queued, Queue size 7
  000086: *Mar 1 08:46:16.367: RT: delete route to 10.1.1.0/24
  000087: *Mar 1 08:46:16.367: RT: NET-RED 10.1.1.0/24
  000088: *Mar 1 08:46:16.367: RT: NET-RED queued, Queue size 8
  000089: *Mar 1 08:46:16.371: RT: delete route to 192.168.22.0/24
  000090: *Mar 1 08:46:16.371: RT: NET-RED 192.168.22.0/24
  000091: *Mar 1 08:46:16.371: RT: NET-RED queued, Queue size 9
  000092: *Mar 1 08:46:16.371: RT: delete route to 192.168.2.0/24
  000093: *Mar 1 08:46:16.375: RT: NET-RED 192.168.2.0/24
  000094: *Mar 1 08:46:16.375: RT: NET-RED queued, Queue size 10
  000095: *Mar 1 08:46:16.927: %SYS-5-CONFIG_I: Configured from console by
  vty0 (192.168.1.1)
  r2#

  _______________________________________________________________________
  Subscription information may be found at:
  http://www.groupstudy.com/list/CCIELab.html

• Next message: sumit.kumar@comcast.net: "EIGRP Varience"
• Previous message: hktco: "Re: distribute-list problem"
• Maybe in reply to: hktco: "distribute-list problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:58 GMT-3