Re: Tough Filtering Question

From: Matt Bentley (mattdbentley@gmail.com)
Date: Sat Jun 07 2008 - 18:15:04 ART


Thanks for everyone's advice so far. I hope I am not persisting in a wrong
thought, though it's very possible.

I see it this way:

There is some reverse logic going on here:

When you are using distribute lists, offset-lists, and distance, anything
that you DENY in an acl is NOT filtered. Anything that you PERMIT is
filtered.

For example:

offset-list TEST 16 in fa0/0

ip access-list standard TEST
deny 1.1.1.1
permit any

The 1.1.1.0 prefix would be the only prefix to appear - as you are denying it
from being filtered. Everything else would be filtered.

If I were to do this
ip access-list standard TEST
  permit 1.1.1.1

Then only 1.1.1.0 would be filtered, and everything else denied.

I know this wouldn't work, but is it along the right track? Thanks for
everybody's comments

R1:

ip cef

class-map match-all FILTER
match not access-group 1
match protocol rip

policy-map FILTER2
class FILTER
drop

router eigrp 100
redistribute rip route-map RIP->EIGRP metric 1 1 1 1 1

route-map RIP->EIGRP
match ip add 1

access-list 1 permit [the one prefix]

On Sat, Jun 7, 2008 at 4:22 PM, Joseph Brunner <joe@affirmedsystems.com>
wrote:

> >This infers a DENY in the ACL being used (you can only use one ACL for
> >both tasks).
>
> NO actually it does not mean you must DENY anything... as a matter of fact
> the word deny need not appear in the entire config to do this... Simply
> don't permit the 9 filtered routes, and they will be effectively denied
> without ever saying so.
>
> Q> what is at the end of every ACL, with at least 1 permit line?
> A> a deny any...
>
> Q> what happens to any route that is not matched by a route-map permit
> sequence if that route-map is referenced during redistribution?
> A> the route is not redistributed.
>
> I would recommend re-reading the Wendell Odom CCIE exam certification
> guide's page on route-map matching not/matching routes, with permit and
> deny sequences.
>
> -Joe
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Matt Bentley
> Sent: Saturday, June 07, 2008 3:52 PM
> To: Luca Hall
> Cc: ccielab@groupstudy.com
> Subject: Re: Tough Filtering Question
>
> Hello Luca:
>
> Tough part is that you can only use one ACL for both tasks. In order to
> have the route in your table to redistribute it into EIGRP, you must
> prevent it from being filtered, correct? This infers a DENY in the ACL
> being used (you can only use one ACL for both tasks). Since you must use a
> deny - I think, then you would be denying that route from getting
> redistributed. Once again, key here is you are only allowed a single ACL
> for both tasks. Thanks again
>
> On Sat, Jun 7, 2008 at 3:44 PM, Luca Hall <lhall@setnine.com> wrote:
>
> >
> > so if the routes 10.10.10.0/24 can't you just:
> >
> > access-list 5 permit 10.10.10.0
> > router rip
> > distribute-list 5 in <interface>
> >
> > route-map RIP->EIGRP permit 10
> > match ip address 5
> >
> > router eigrp X
> > redistribute rip route-map RIP->EIGRP metric 1 1 1 1 1
> >
> > where's the tough part? if you have to use denys just deny the other
> > 9 routes in the acl and permit any any or permit the specific one.
> >
> >
> > ----- Original Message -----
> > From: Matt Bentley <mattdbentley@gmail.com>
> > To: ccielab@groupstudy.com
> > Sent: Sat, 7 Jun 2008 15:09:42 -0400 (EDT)
> > Subject: Tough Filtering Question
> >
> > Hi GS:
> >
> > Ran across this one on a lab.
> >
> > Requirement #1: R1 is receiving 10 RIP routes from BB1, you want to
> > filter out all except 1. You must use a standard ACL
> > Requirement #2: You want to redistribute only that one route received
> > from BB1 from RIP into EIGRP on R1, restricting the redistribution to
> > only that single route. The ACL you use to restrict must be the same as
> > the one used to filter from BB1.
> >
> > Using distance, offset-lists, and distribute-lists, you have to DENY that
> > single RIP route to prevent it getting filtered. Correct? How can you
> > use that same ACL to PERMIT it to be redistributed into EIGRP.
> >
> > Thanks in advance.
> >
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html



This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:21 ART
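
An added example, not part of the thread and not IOS code: a simplified Python model of how the single ACL from Luca's reply (access-list 5 permit 10.10.10.0) is evaluated by an inbound distribute-list, by a route-map permit sequence during redistribution, and by an inbound offset-list of 16. The nine other prefixes, the metric of 1 and all function names are constructed for illustration.

```python
import ipaddress

RIP_INFINITY = 16  # RIP treats a metric of 16 as unreachable

def acl_permits(acl, network):
    """Standard ACL: first matching entry wins; no match hits the implicit deny."""
    addr = int(ipaddress.IPv4Address(network))
    for action, base, wildcard in acl:
        care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
        if addr & care == int(ipaddress.IPv4Address(base)) & care:
            return action == "permit"
    return False  # implicit "deny any" at the end of every ACL

def distribute_list_in(acl, routes):
    """distribute-list in: only routes the ACL permits are accepted."""
    return {net: metric for net, metric in routes.items() if acl_permits(acl, net)}

def offset_list_in(acl, offset, routes):
    """offset-list in: the offset is added to permitted routes; metric >= 16 is dropped."""
    accepted = {}
    for net, metric in routes.items():
        if acl_permits(acl, net):
            metric += offset
        if metric < RIP_INFINITY:
            accepted[net] = metric
    return accepted

def redistribute(acl, rib):
    """route-map with a single permit sequence: unmatched routes are not redistributed."""
    return sorted(net for net in rib if acl_permits(acl, net))

# Constructed sample: ten RIP routes from BB1 (10.10.1.0 .. 10.10.10.0), metric 1
BB1_ROUTES = {f"10.10.{i}.0": 1 for i in range(1, 11)}
# access-list 5 permit 10.10.10.0  (the ACL from the thread, host wildcard)
ACL_5 = [("permit", "10.10.10.0", "0.0.0.0")]

if __name__ == "__main__":
    rib = distribute_list_in(ACL_5, BB1_ROUTES)
    print("RIB after distribute-list 5 in:", rib)
    print("redistributed into EIGRP:      ", redistribute(ACL_5, rib))
    print("RIB after offset-list 5 in 16: ", sorted(offset_list_in(ACL_5, 16, BB1_ROUTES)))
```

In this model the distribute-list and the route-map both act on what the ACL permits, while an offset of 16 removes what the ACL permits, which is the inversion the offset-list example in the thread relies on.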