From: Ramy Sisy (ramysisy@inspiredmaster.com)
Date: Tue Jul 22 2008 - 07:50:15 ART
Huan,
Would you please share this question "ONLY IF" it does not violate IE
policy?
I think it will be OK with Brians to only post this question. "I guess :) "
BEST REGARDS,
RAMY SISY, CCIE X 2 (SECURITY, ROUTING/SWITCHING)#17321, CCSI#30417
CCIE PROGRAM MANAGER
INSPIRED MASTER
INSPIRING CREATIVE THINKING ....
WWW.INSPIREDMASTER.COM
E. RAMYSISY@INSPIREDMASTER.COM
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Huan
Pham
Sent: Tuesday, July 22, 2008 2:51 AM
To: 'Huan Pham'; ccielab@groupstudy.com; Ramy Sisy
Subject: RE: RIP route filtering using Extended ACL
Hi Ramy,
Thanks for the link. However, I think the link is for old IOS, as it only
mentions the standard ACL only. Filtering routes using standard ACL is
straight forward task.
I am looking specifically for info about filtering routes using Extended
ACL.
You may ask why. It is just because I came accross this in IE WB VOl1
ver5.0,
and there's no explaination about it.
As far as the lab is concerned, the task may specifically rule out the use
of
other method (route-map, filter-list using gateway command) or specifically
ask us to use extended ACL to complete a task. We would be "stuck in active"
if we do not know how to solve the problem using an extended ACL.
Cheers,
Huan
--- On Tue, 7/22/08, Ramy Sisy <ramysisy@inspiredmaster.com> wrote:
From: Ramy Sisy <ramysisy@inspiredmaster.com>
Subject: RE: RIP route filtering using Extended ACL
To: "'Huan Pham'" <Huan.Pham@peopletelecom.com.au>, ccielab@groupstudy.com
Date: Tuesday, July 22, 2008, 5:42 PM
Hi Huan,
It is not something specific for RIP, but it is how to filter routing
updates using distribute-list as a filtering mechanism.
http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_pi1.html#w
p1018093
BEST REGARDS,
RAMY SISY, CCIE X 2 (SECURITY, ROUTING/SWITCHING)#17321, CCSI#30417
CCIE PROGRAM MANAGER
INSPIRED MASTER
INSPIRING CREATIVE THINKING ....
WWW.INSPIREDMASTER.COM
E. RAMYSISY@INSPIREDMASTER.COM
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Huan
Pham
Sent: Monday, July 21, 2008 11:27 PM
To: ccielab@groupstudy.com
Subject: RIP route filtering using Extended ACL
Hi GS,
I can not find the guide on the use of extended ACL to filter RIP
routes. May someone please point me the link to this section. Many
thanks.
The following config is from a vendor workbook. It's to prevent the
route 150.1.7.0/24 learnt via router 155.1.0.1 off interface Serial0.
access-list 199 deny ip host 155.1.0.1 host 150.1.7.0
access-list 199 permit ip any any
router rip
version 2
network 150.1.0.0
network 155.1.0.0
distribute-list 199 in Serial0
no auto-summary
I usually make mistake with creating extended ACL for this purpose. I do
tend to put subnet route first (source address portion), and the gateway
after (destination address). The right ACL should be created in the
reverse order, as above. I can not find relevant info in the RIP
configuration guide, nor in command reference. Help in understanding
this command is appreciated.
Huan,
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:56 ART