From: Gustavo Novais (gustavo.novais@novabase.pt)
Date: Tue Sep 20 2005 - 10:43:29 GMT-3
Hi again,
Kept testing what I was facing and I was able to determine what was wrong.
We must think of the distribute-list out ROUTINGPROTOCOL, as a filter to routes COMING from that protocol, instead as GOING TO that protocol... Rookie mistake, I checked the Bible for enlightnement (TCP-IP VOL1), although reading it the first time one could get the wrong idea.
The configuration that works is
router eigrp 1
network 192.168.23.0
no auto-summary
!
router ospf 1
log-adjacency-changes
redistribute eigrp 1 subnets
network 192.168.12.0 0.0.0.255 area 0
distribute-list 1 out eigrp 1 <<<--------------HERE EIGRP as the source of the routes
!
access-list 1 deny 10.0.3.0 0.0.0.255
access-list 1 permit 150.50.3.0 0.0.0.255
Just to check it, we can see that there is no LSA on OSPF database.
R2#sh ip ospf database
OSPF Router with ID (10.0.2.2) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
10.0.2.2 10.0.2.2 985 0x80000003 0x00B66E 1
172.16.0.1 172.16.0.1 1052 0x80000004 0x009E7F 3
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
192.168.12.1 172.16.0.1 1053 0x80000001 0x00AE8B
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.0.0.0 172.16.0.1 1123 0x80000001 0x0078FB
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
150.50.3.0 10.0.2.2 981 0x80000001 0x005274 0
R2#sh ip ospf database exte
R2#sh ip ospf database external
OSPF Router with ID (10.0.2.2) (Process ID 1)
Type-5 AS External Link States
LS age: 988
Options: (No TOS-capability, DC)
LS Type: AS External Link
Link State ID: 150.50.3.0 (External Network Number )
Advertising Router: 10.0.2.2
LS Seq Number: 80000001
Checksum: 0x5274
Length: 36
Network Mask: /24
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0
External Route Tag: 0
R2#
I'm just posting it, because as I did this stupid mistake... someone else can do it also.
Thanks
Gustavo
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Gustavo Novais
Sent: terga-feira, 20 de Setembro de 2005 12:39
To: Cisco certification
Subject: Distribute-list out ospf
Hello
I'm testing the funcionality of distribute-list commands.
I have three routers speaking OSPF and EIGRP according to the diagram
(R1)------OSPF-----(R2)------EIGRP-----(R3)
The route table of R2 is
R2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, FastEthernet0/0
172.16.0.0/24 is subnetted, 1 subnets
O 172.16.0.0 [110/2] via 192.168.12.1, 00:09:35, FastEthernet0/0
172.21.0.0/24 is subnetted, 1 subnets
D 172.21.0.0 [90/156160] via 192.168.23.3, 00:10:11,
FastEthernet0/1
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
D 10.0.3.0/24 [90/156160] via 192.168.23.3, 00:10:11,
FastEthernet0/1
C 10.0.2.2/32 is directly connected, Loopback0
O IA 10.0.0.0/24 [110/2] via 192.168.12.1, 00:09:36, FastEthernet0/0
C 192.168.23.0/24 is directly connected, FastEthernet0/1
150.50.0.0/16 is variably subnetted, 2 subnets, 2 masks
O 150.50.0.1/32 [110/2] via 192.168.12.1, 00:09:36,
FastEthernet0/0
D 150.50.3.0/24 [90/156160] via 192.168.23.3, 00:10:12,
FastEthernet0/1
R2#
I'm trying to filter some routes learned from EIGRP, so that they are not propagated to OSPF, using distribute-list 1 out ospf 1 on eigrp
R2 config follows
router eigrp 1
network 192.168.23.0
distribute-list 1 out ospf 1
no auto-summary
!
router ospf 1
log-adjacency-changes
redistribute eigrp 1 subnets
network 192.168.12.0 0.0.0.255 area 0
!
!
access-list 1 deny 10.0.3.0 0.0.0.255
access-list 1 permit 150.50.3.0 0.0.0.255 !
The problem is that all routes are passing, where they shouldn't. I don't see any match on ACL's R2#sh access-lists Standard IP access list 1
10 deny 10.0.3.0, wildcard bits 0.0.0.255
20 permit 150.50.3.0, wildcard bits 0.0.0.255
And on R1 I see all routes
R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.12.0/24 is directly connected, FastEthernet0/0
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.0.0 is directly connected, Loopback1
172.21.0.0/24 is subnetted, 1 subnets
O E2 172.21.0.0 [110/20] via 192.168.12.2, 00:14:01, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
O E2 10.0.3.0 [110/20] via 192.168.12.2, 00:14:01, FastEthernet0/0
C 10.0.0.0 is directly connected, Loopback0
O E2 192.168.23.0/24 [110/20] via 192.168.12.2, 00:14:01, FastEthernet0/0
150.50.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 150.50.0.1/32 is directly connected, Loopback2
O E2 150.50.3.0/24 [110/20] via 192.168.12.2, 00:14:02,
FastEthernet0/0
R1#
I think I'm missing something, not understanding the purpose of the command or then encountered a bug.
Any comments will be appreciated
TIA
Gustavo
This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:15 GMT-3