From: Toh Soon, Lim (tohsoon28@gmail.com)
Date: Wed Aug 01 2007 - 18:07:40 ART
Hi All,
I have this lab scenario. R1 learns the following RIP routes:
R1#sh ip ro ri
R 192.168.4.0/24 [120/1] via 150.50.200.254, 00:00:07, FastEthernet0/1
R 192.168.1.0/24 [120/1] via 150.50.200.254, 00:00:07, FastEthernet0/1
R 192.168.2.0/24 [120/1] via 150.50.200.254, 00:00:07, FastEthernet0/1
R 192.168.3.0/24 [120/1] via 150.50.200.254, 00:00:07, FastEthernet0/1
Question 1
---------------
Filter the 192.168.4.0. My first thought of the solution is as follows:
!
access-list 1 deny 192.168.4.0
access-list 1 permit any
!
router rip
distribute-list 1 in Fas0/1
!
It works. My practice of matching routes when using standard ACL is without
the wildcard mask, i.e. it defaults to 0.0.0.0. But I've seen some people
configure the mask e.g. "access-list 1 deny 192.168.4.0 0.0.0.255". I don't
see any problems with both methods in this case because the received prefix
addresses will be Logical ANDed to the wildcard mask and then match to the
address in the ACL. Though I always think that the latter method is
typically for matching traffic, e.g. ACLs applied to interfaces for packet
filtering. Do correct me if my concept is wrong.
I could also configure using prefix-list:
!
ip prefix-list BLOCK4 seq 5 deny 192.168.4.0/24
ip prefix-list BLOCK4 seq 10 permit 0.0.0.0/0 le 32
!
router rip
distribute-list prefix BLOCK4 in Fas0/1
!
Kindly clear my doubts on which method conforms to best practice and should
be typically used in the lab exam.
Question 2
---------------
If neighboring routers are sending RIPv1, make sure R1 does not pay
attention to updates.
I solved this by configuring "ver 2" under "router rip", i.e. R1 will
send/receive only v2 updates. Mixing RIPv1 and RIPv2 operations can
sometimes make me very confused. Is it really important to know RIPv1 in
details?
Thank you.
B.Rgds,
Lim TS
This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:09 ART