From: ccie2be (ccie2be@nyc.rr.com)
Date: Mon May 30 2005 - 13:36:53 GMT-3
Very interesting. I wonder why that doesn't work? Hmmm
One of things I'm trying to do is make sure I know each method of
accomplishing something since Cisco likes to remove options from how
something is done.
Invariably, Cisco tells you to do something that can be done 3 ways but
forbids you from using the only 2 ways you know. Don't you just hate when
that happens?
Tim
-----Original Message-----
From: Long Kwok [mailto:lkwok@ccieunix.com]
Sent: Monday, May 30, 2005 12:30 PM
To: ccie2be; Bob Sinclair; ccielab@groupstudy.com
Subject: RE: Filtering/Poisoning ISIS injected 0.0.0.0/0 default route from
L1 internal routers
I tried adding that to R2 under its router isis process , R2 is the one
injecting the 0/0 route into R6 , so after removing the distance command
under R6 and clear ip route * , and verifying that R6 does again have
the 0/0 route , I added the no set-attatch-bit under R2's isis process
and cleared ip route but R6 still gets the 0/0 route ???
Long
-----Original Message-----
From: ccie2be [mailto:ccie2be@nyc.rr.com]
Sent: Monday, May 30, 2005 9:06 AM
To: Long Kwok; 'Bob Sinclair'; ccielab@groupstudy.com
Subject: RE: Filtering/Poisoning ISIS injected 0.0.0.0/0 default route
from L1 internal routers
Long,
What happens if you configure, no set-attach-bit under the isis routing
process? Doesn't that prevent the default route from being advertised
from
a L1/L2 router to a L1 router?
Tim
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Long
Kwok
Sent: Monday, May 30, 2005 11:58 AM
To: Bob Sinclair; ccielab@groupstudy.com
Subject: RE: Filtering/Poisoning ISIS injected 0.0.0.0/0 default route
from
L1 internal routers
Thanks Bob,
I believe though that when you set the attatched bit doesn't this tell a
router to send a default route into L1 only devices ? I was doing a lab
that was not permitted to have any form of default 0/0 routes on any
routers unless explicitly permitted , and within the isis topology ,
there was an L1/L2 router then behind this L1/L2 router is a few L1
only routers , I believe by default this L1/L2 ABR if you will ,
automatically injects a 0/0 route to its internal L1 only
bretherin...... Thanks so much for reply Bob
TIA Long
_____
From: Bob Sinclair [mailto:bsin@cox.net]
Sent: Monday, May 30, 2005 5:47 AM
To: Long Kwok; ccielab@groupstudy.com
Subject: Re: Filtering/Poisoning ISIS injected 0.0.0.0/0 default route
from L1 internal routers
Long Kwok,
Here is a config and link that permits conditional setting of the
attached bit. I wonder if something along these lines would help.
!
router isis
net 39.0001.0000.0000.7201.00
set-attached-bit route-map CONDITION
!
route-map CONDITION
match int loop101
http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/isis_an.htm
Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net
----- Original Message -----
From: Long Kwok <mailto:lkwok@ccieunix.com>
Sent: Sunday, May 29, 2005 3:03 PM
Subject: Filtering/Poisoning ISIS injected 0.0.0.0/0 default
route from L1 internal routers
Hi,
I have been trying to filter out the automatically injected
0.0.0.0/0
route that the L2 border router injects into its L1 internal
neighbors
as I guess it would be considered cheating on lab and you cannot
do that
I was trying to filter via distance 255 under L1 routers isis
router
process but not working. Here is what I tried.
Router isis
Distance 255 0.0.0.0 255.255.255.255 1
Access-list 1 deny 0.0.0.0 0.0.0.0
Tia Long
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:12:03 GMT-3