From: Fahad Khan (fahad.khan@gmail.com)
Date: Tue Jul 22 2008 - 07:39:27 ART
well, i am still unable to understand , how Ext ACL is used in RIP(with
dist-list) and why? Can any one shed more light over it?
Thanks and regards,
On Tue, Jul 22, 2008 at 3:00 AM, Huan Pham <pnhuan@yahoo.com> wrote:
> Hi Khan,
>
>
>
> Thanks for the example. Appearently, the use of extended ACL in the BGP
> example is another hair pulling exersize.
>
>
>
> But we can use extended ACL for RIP as well, as shown in my example.
>
>
>
> Cheers,
>
>
> --- On *Tue, 7/22/08, Fahad Khan <fahad.khan@gmail.com>* wrote:
>
> From: Fahad Khan <fahad.khan@gmail.com>
> Subject: Re: RIP route filtering using Extended ACL
> To: "Huan Pham" <Huan.Pham@peopletelecom.com.au>
> Cc: ccielab@groupstudy.com
> Date: Tuesday, July 22, 2008, 7:00 PM
>
> Futher more,
>
> Remember! IP access-list number <1-199> (shown below) is meaning full
> *only*,
> when you want to perform route filtering in *BGP*
>
> R1(config-router)#distribute-list ?
> <1-199> IP access list number
> <1300-2699> IP expanded access list number
> WORD Access-list name
> gateway Filtering incoming updates based on gateway
> prefix Filter prefixes in routing updates
>
>
> In rip and other IGPs, distribute-list works with standard ACL only but
> in BGP it can work with extanded ACL as well.
>
> Go through the link below,
> http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00801310cb.shtml#acclists
>
>
> Thanks and regards,
>
>
> On Mon, Jul 21, 2008 at 11:26 PM, Huan Pham
> <Huan.Pham@peopletelecom.com.au>
> wrote:
>
> > Hi GS,
> >
> > I can not find the guide on the use of extended ACL to filter RIP
> > routes. May someone please point me the link to this section. Many
> > thanks.
> >
> > The following config is from a vendor workbook. It's to prevent the
> > route 150.1.7.0/24 learnt via router 155.1.0.1 off interface Serial0.
> >
> > access-list 199 deny ip host 155.1.0.1 host 150.1.7.0
> > access-list 199 permit ip any any
> >
> > router rip
> > version 2
> > network 150.1.0.0
> > network 155.1.0.0
> > distribute-list 199 in Serial0
> > no auto-summary
> >
> >
> > I usually make mistake with creating extended ACL for this purpose. I do
> > tend to put subnet route first (source address portion), and the gateway
> > after (destination address). The right ACL should be created in the
> > reverse order, as above. I can not find relevant info in the RIP
> > configuration guide, nor in command reference. Help in understanding
> > this command is appreciated.
> >
> >
> > Huan,
> >
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
>
>
> --
> *FAHAD KHAN
>
> BE Computer Systems NED,
>
> CCNA,CCDA,CCNP,FOUNDFE,CLSE,
> QOS,JNCIA,JNCIS,MCP,CCIE (Written)
>
> Systems Support Engineer, Premier Systems (Pvt) limited,
>
> Karachi, Pakistan
>
> 92-321-2370510*.
>
>
> _______________________________________________________________________
> Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html
>
>
-- *FAHAD KHANBE Computer Systems NED,
CCNA,CCDA,CCNP,FOUNDFE,CLSE,QOS,JNCIA,JNCIS,MCP,CCIE (Written)
Systems Support Engineer, Premier Systems (Pvt) limited,
Karachi, Pakistan
92-321-2370510.*
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:56 ART