Re: Filtering RIP routes

From: Narbik Kocharians (narbikk@gmail.com)
Date: Thu Aug 02 2007 - 10:14:50 ART

• Next message: Paul Dardinski: "RE: Notice Verisign's aggressive seling?"
• Previous message: Sadiq Yakasai: "External Linear Flash memory keeps crashing a 3640"
• Maybe in reply to: Toh Soon, Lim: "Filtering RIP routes"
• Next in thread: Peter Kingston: "Re: Filtering RIP routes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Prefix-lists, YES they are

On 8/1/07, Peter Kingston <kingstonp.ccie@gmail.com> wrote:
>
> I was under the impression that prefix-lists aren't supported for RIP.
>
> Please correct me if I am wrong.
>
>
> --
> Regards,
>
> Peter Kingston
> Studying my CCIE
>
>
> On 8/2/07, Toh Soon, Lim <tohsoon28@gmail.com> wrote:
> >
> > Hi All,
> >
> > I have this lab scenario. R1 learns the following RIP routes:
> >
> > R1#sh ip ro ri
> > R 192.168.4.0/24 [120/1] via 150.50.200.254, 00:00:07,
> FastEthernet0/1
> > R 192.168.1.0/24 [120/1] via 150.50.200.254, 00:00:07,
> FastEthernet0/1
> > R 192.168.2.0/24 [120/1] via 150.50.200.254, 00:00:07,
> FastEthernet0/1
> > R 192.168.3.0/24 [120/1] via 150.50.200.254, 00:00:07,
> FastEthernet0/1
> > Question 1
> > ---------------
> > Filter the 192.168.4.0. My first thought of the solution is as follows:
> >
> > !
> > access-list 1 deny 192.168.4.0
> > access-list 1 permit any
> > !
> > router rip
> > distribute-list 1 in Fas0/1
> > !
> >
> > It works. My practice of matching routes when using standard ACL is
> > without
> > the wildcard mask, i.e. it defaults to 0.0.0.0. But I've seen some
> people
> > configure the mask e.g. "access-list 1 deny 192.168.4.0 0.0.0.255". I
> > don't
> > see any problems with both methods in this case because the received
> > prefix
> > addresses will be Logical ANDed to the wildcard mask and then match to
> the
> > address in the ACL. Though I always think that the latter method is
> > typically for matching traffic, e.g. ACLs applied to interfaces for
> packet
> > filtering. Do correct me if my concept is wrong.
> >
> > I could also configure using prefix-list:
> >
> > !
> > ip prefix-list BLOCK4 seq 5 deny 192.168.4.0/24
> > ip prefix-list BLOCK4 seq 10 permit 0.0.0.0/0 le 32
> > !
> > router rip
> > distribute-list prefix BLOCK4 in Fas0/1
> > !
> >
> > Kindly clear my doubts on which method conforms to best practice and
> > should
> > be typically used in the lab exam.
> >
> > Question 2
> > ---------------
> > If neighboring routers are sending RIPv1, make sure R1 does not pay
> > attention to updates.
> >
> > I solved this by configuring "ver 2" under "router rip", i.e. R1 will
> > send/receive only v2 updates. Mixing RIPv1 and RIPv2 operations can
> > sometimes make me very confused. Is it really important to know RIPv1 in
> > details?
> >
> >
> > Thank you.
> >
> > B.Rgds,
> > Lim TS
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

-- 
Narbik Kocharians
CCIE# 12410 (R&S, SP, Security)
CCSI# 30832
www.Net-WorkBooks.com

• Next message: Paul Dardinski: "RE: Notice Verisign's aggressive seling?"
• Previous message: Sadiq Yakasai: "External Linear Flash memory keeps crashing a 3640"
• Maybe in reply to: Toh Soon, Lim: "Filtering RIP routes"
• Next in thread: Peter Kingston: "Re: Filtering RIP routes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:09 ART