RE: RIP route filtering using Extended ACL

From: Ramy Sisy (ramysisy@inspiredmaster.com)
Date: Tue Jul 22 2008 - 04:42:33 ART


Hi Huan,
It is not something specific to RIP, but it is how to filter routing
updates using distribute-list as a filtering mechanism.

http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_pi1.html#wp1018093

BEST REGARDS,

RAMY SISY, CCIE X 2 (SECURITY, ROUTING/SWITCHING)#17321, CCSI#30417
CCIE PROGRAM MANAGER

INSPIRED MASTER
                        INSPIRING CREATIVE THINKING ....

WWW.INSPIREDMASTER.COM
E. RAMYSISY@INSPIREDMASTER.COM

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Huan Pham
Sent: Monday, July 21, 2008 11:27 PM
To: ccielab@groupstudy.com
Subject: RIP route filtering using Extended ACL

Hi GS,

I cannot find the guide on the use of extended ACLs to filter RIP
routes. Could someone please point me to the link for this section? Many
thanks.

The following config is from a vendor workbook. It's to prevent the
route 150.1.7.0/24 from being learnt via router 155.1.0.1 off interface Serial0.

access-list 199 deny ip host 155.1.0.1 host 150.1.7.0
access-list 199 permit ip any any

router rip
 version 2
 network 150.1.0.0
 network 155.1.0.0
 distribute-list 199 in Serial0
 no auto-summary

I usually make mistakes when creating an extended ACL for this purpose. I do
tend to put the subnet route first (source address portion), and the gateway
after (destination address). The right ACL should be created in the
reverse order, as above. I cannot find relevant info in the RIP
configuration guide, nor in the command reference. Help in understanding
this command is appreciated.

Huan,
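
Added example (not part of the original thread and not the workbook's code): a small Python model of how the ACL above is evaluated when it is referenced by "distribute-list 199 in Serial0". It assumes, as the post states, that the ACL's source field is compared with the router sending the update and the destination field with the advertised network address; neighbor 155.1.0.2 and network 150.1.8.0 are constructed sample values.

```python
import ipaddress

# ACL from the post, and the reversed ordering the poster says is the usual mistake.
WORKBOOK_ACL = """access-list 199 deny ip host 155.1.0.1 host 150.1.7.0
access-list 199 permit ip any any"""
REVERSED_ACL = """access-list 199 deny ip host 150.1.7.0 host 155.1.0.1
access-list 199 permit ip any any"""

# Constructed updates: (neighbor that sent the update, advertised network).
UPDATES = [("155.1.0.1", "150.1.7.0"),
           ("155.1.0.2", "150.1.7.0"),
           ("155.1.0.1", "150.1.8.0")]

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_acl(text):
    """Parse 'access-list N permit|deny ip <src> <dst>' into (action, src, dst)."""
    entries = []
    for line in text.strip().splitlines():
        tok = line.split()
        action, rest, specs = tok[2], tok[4:], []
        while rest:
            if rest[0] == "any":            # every bit is "don't care"
                specs.append((0, 0xFFFFFFFF)); rest = rest[1:]
            elif rest[0] == "host":         # exact match, wildcard 0.0.0.0
                specs.append((to_int(rest[1]), 0)); rest = rest[2:]
            else:                           # address followed by wildcard mask
                specs.append((to_int(rest[0]), to_int(rest[1]))); rest = rest[2:]
        entries.append((action, specs[0], specs[1]))
    return entries

def matches(addr, spec):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF           # bits that must be equal
    return (to_int(addr) & care) == (base & care)

def route_accepted(acl, neighbor, network):
    """First matching entry wins; no match means the implicit deny."""
    for action, src, dst in acl:
        if matches(neighbor, src) and matches(network, dst):
            return action == "permit"
    return False

def filter_updates(acl_text, updates):
    acl = parse_acl(acl_text)
    return [u for u in updates if route_accepted(acl, *u)]

if __name__ == "__main__":
    print("workbook ACL accepts:", filter_updates(WORKBOOK_ACL, UPDATES))
    print("reversed ACL accepts:", filter_updates(REVERSED_ACL, UPDATES))
```

With the reversed ordering the deny entry never matches, so every update falls through to "permit ip any any" and 150.1.7.0 is still accepted from 155.1.0.1.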



This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:56 ART