Re: Can't filter prefix longer than 24 from OSPF to RIP

From: nhatphuc (nhatphuc@gmail.com)
Date: Tue Jan 01 2008 - 14:29:52 ARST

Hi Keith,

I used tag and the longer than 24 prefixes was filtered.

Thank you all for your help

Phuc

On Jan 1, 2008 2:00 AM, keith tokash <ktokash@hotmail.com> wrote:

> I remember this scenario from IE. There are two points of mutual
> redistribution between RIP and OSPF. Did you tag the routes being
> redistributed on both R1 and R3? I know the solution guide just tagged them
> "110" and "120", but I tagged them 1110, 1120, 3110, and 3120, so I could
> jump on SW2 and do a show ip route x.x.x.x and see the tag nice and
> easily. It helps track down if you have leakage where you don't expect it.
>
> With a few exceptions, secrecy is deeply incompatible with democracy and
> with science.
> --Carl Sagan
>
> > From: huan.pham@valuenet.com.au
> > To: nhatphuc@gmail.com
> > CC: ccielab@groupstudy.com
> > Subject: RE: Can't filter prefix longer than 24 from OSPF to RIP
> > Date: Tue, 1 Jan 2008 01:45:05 +1100
>
> >
> > Hi,
> >
> > It looks like that R1 already learnt about those subnets via RIP as
> well.
> > (including the one with subnets more than 25).
> >
> > Your config tells that R1 can only advertise RIP routes via Fa0/0, all
> other
> > interfaces are passive, this does not prevent R1 from receiving RIP
> routes
> > from other passive interfaces.
> >
> > > > router rip
> > > > version 2
> > > > redistribute ospf 1 metric 1 route-map OSPF->RIP
> > > > passive-interface default
> > > > no passive-interface FastEthernet0/0
> >
> > Could you pls disable redistribution from OSPF to RIP, and do show ip
> route,
> > or show ip rip database, and see if those routes you want to filter
> already
> > exist in your RIP table.
> >
> > router rip
> > version 2
> > no redistribute ospf 1 metric 1 route-map OSPF->RIP
> >
> > Cheers,
> >
> > Huan
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > nhatphuc
> > Sent: Monday, 31 December 2007 11:24 PM
> > To: Gary Duncanson
> > Cc: ccielab@groupstudy.com
> > Subject: Re: Can't filter prefix longer than 24 from OSPF to RIP
> >
> > See my answer below
> >
> > Thanks
> > Phuc
> >
> > On Dec 31, 2007 5:51 PM, Gary Duncanson <gary.duncanson@googlemail.com>
> > wrote:
> >
> > > Hi Phuc,
> > >
> > > Have you tried restarting the ospf process or clear ip route on SW2?
> >
> >
> > SW2 and R1 run RIP and I tried "clear ip route *" on SW2
> >
> > >
> > >
> > > Can SW2 receive these routes from somewhere other than R1 perhaps?
> >
> >
> > I don't think so because the next hop is from 163.1.18.1
> >
> >
> > >
> > >
> > > Gary
> > >
> > > ----- Original Message -----
> > > From: "nhatphuc" <nhatphuc@gmail.com>
> > > To: "Cisco certification" <ccielab@groupstudy.com>
> > > Sent: Monday, December 31, 2007 10:08 AM
> > > Subject: Can't filter prefix longer than 24 from OSPF to RIP
> > >
> > >
> > > > HI Group,
> > > >
> > > > Please help why I can't filter prefix longer than 24 redistributed
> into
> > > > RIP
> > > > from OSPF:
> > > >
> > > > This is my config:
> > > >
> > > > R1
> > > >
> > > > router rip
> > > > version 2
> > > > redistribute ospf 1 metric 1 route-map OSPF->RIP
> > > > passive-interface default
> > > > no passive-interface FastEthernet0/0
> > > > network 163.1.0.0
> > > > no auto-summary
> > > > !
> > > > ip forward-protocol nd
> > > > !
> > > > ip http server
> > > > no ip http secure-server
> > > > !
> > > > ip prefix-list NOT_LONGER24 seq 5 permit 0.0.0.0/0 le 24
> > > > !
> > > > route-map OSPF->RIP permit 10
> > > > match ip address prefix-list NOT_LONGER24
> > > >
> > > > DEBUG IP RIP on R1:
> > > >
> > > > *Dec 31 17:42:39.209: RIP: sending v2 update to 224.0.0.9 via
> > > > FastEthernet0/0 (163.1.18.1)
> > > > *Dec 31 17:42:39.209: RIP: build update entries
> > > > *Dec 31 17:42:39.209: 10.0.0.0/8 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.2.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.3.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.4.0/23 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.4.4/32 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.5.5/32 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.6.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.7.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 150.1.8.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.0.0/25 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.0.128/25 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.3.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.4.0/24 via 0.0.0.0, metric 1, tag 0
> > > > Rack1R1#
> > > > *Dec 31 17:42:39.209: 163.1.5.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.6.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.7.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.12.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.13.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.13.3/32 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.15.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.35.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.38.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.45.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.45.5/32 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 163.1.54.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: RIP: build update entries
> > > > *Dec 31 17:42:39.209: 163.1.57.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 192.10.1.0/24 via 0.0.0.0, metric 1, tag 0
> > > > *Dec 31 17:42:39.209: 204.12.1.0/24 via 0.0.0.0, metric 1, tag 0
> > > >
> > > > SW2 still see route longer than 24 from R1 (163.1.18.1)
> > > > SW2#
> > > > R 204.12.1.0/24 [120/1] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 163.1.0.0/25 [120/4] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 163.1.6.0/24 [120/1] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 163.1.13.3/32 [120/4] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 163.1.12.0/24 [120/1] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 150.1.6.0/24 [120/4] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 150.1.3.0/24 [120/4] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 150.1.2.0/24 [120/1] via 163.1.18.1, 00:00:04, FastEthernet0/21
> > > > R 150.1.5.5/32 [120/4] via 163.1.18.1, 00:00:05, FastEthernet0/21
> > > > R 150.1.4.4/32 [120/4] via 163.1.18.1, 00:00:05, FastEthernet0/21
> > > >
> > > > Thanks
> > > >
> > > > Phuc
> > > >
> > > >
> _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> ------------------------------
> The best games are on Xbox 360. Click here for a special offer on an Xbox
> 360 Console. Get it now! <http://www.xbox.com/en-US/hardware/wheretobuy/>

This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:37:57 ARST