Re: Extended ACL with EIGRP

From: Arun Arumuganainar (aarumuga@hotmail.com)
Date: Wed Aug 03 2005 - 14:18:52 GMT-3

• Next message: Loc Pham: "RE: IWEB Lab 14 Task 5.11 IS-IS in HUB-n-SPOKE"
• Previous message: kumara.shunmugam@wipro.com: "RE: IWEB Lab 14 Task 5.11 IS-IS in HUB-n-SPOKE"
• Maybe in reply to: gladston@br.ibm.com: "Extended ACL with EIGRP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi ,

First a general request : It would be better to avoid aliases like "sir ei"
 I took a little time to understand what it was . Its offcourse will be
easy for you use the aliased . But if others are debugging your router trace
it is very difficult for them to follow .

Now coming back to your question .... What do you want to achieve
???...Allow eigrp network 148.5.214.8/29 ( pls. correct me if i am wrong ).
Then try this one

ip access-list 101 permit ip 148.5.214.8 0.0.0.7 255.255.255.248 0.0.0.7

Pls. let me know if you have any problems .

Thanks and Regards
Arun
----- Original Message -----
From: <gladston@br.ibm.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, August 03, 2005 7:04 PM
Subject: Extended ACL with EIGRP

> Have you seem this behavior?
> Distribute-list with an extended acl works, but only if the network is
specified on the destination of the acl.
>
> Rack2CAT1#b router ei
> router eigrp 147
> network 148.5.147.0 0.0.0.255
> distribute-list 141 in
>
> Rack2CAT1#sir ei
> 148.5.0.0/16 is variably subnetted, 34 subnets, 4 masks
> D 148.5.214.8/29
> [90/409600] via 148.5.147.14, 00:00:33, FastEthernet0/24
>
> Rack2CAT1#i access-list 141
> access-list 141 permit ip any host 148.5.214.8
>
> Specifying it on the source does not work:
>
> Rack2CAT1(config-router)#access-list 139 per ip h 148.5.214.8 a
> Rack2CAT1(config)#router eigrp 147
> Rack2CAT1(config-router)#distribute-list 139
>
> Rack2CAT1(config-router)#do sir ei
>
> Rack2CAT1(config-router)#do sir ei
>
> Rack2CAT1(config-router)#do sir ei
>
> Just as a test, using the BGP style also does not work;
>
> Rack2CAT1(config-router)#access-list 140 per ip h 148.5.214.8 h
255.255.255.248
> Rack2CAT1(config)#router eigrp 147
> Rack2CAT1(config-router)#distribute-list 139
>
> Rack2CAT1(config-router)#do sir ei
>
> Rack2CAT1(config-router)#do sir ei
>
> Rack2CAT1(config-router)#do sir ei
>
> What do you think?
> I am wondering if it is better to forget about it (no useful) and just use
standard ACL with EIGRP/RIP/OSPF)
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Loc Pham: "RE: IWEB Lab 14 Task 5.11 IS-IS in HUB-n-SPOKE"
• Previous message: kumara.shunmugam@wipro.com: "RE: IWEB Lab 14 Task 5.11 IS-IS in HUB-n-SPOKE"
• Maybe in reply to: gladston@br.ibm.com: "Extended ACL with EIGRP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:18 GMT-3