From: ALL From_NJ (all.from.nj@gmail.com)
Date: Wed Feb 04 2009 - 14:16:53 ARST
You rock man! Thanks for sharing your test results ...
On Wed, Feb 4, 2009 at 11:13 AM, Rsharma <cciers09@gmail.com> wrote:
> Its true that default behavior is for the check to be ON.
>
> I just played with default behavior and disabled Validation check by
> command no validate-update-source .
>
> and routers started exchanging routes .but when i disabled spilt horizon on
> incoming interface .router started looking for validation check even though
> *no validate-update-source *
> command exist .
>
> So this caused me to look for a relation with Split Horizon and
> Validation-update-source check .
>
> Cheers!!!
> Rsharma :-)
> On Tue, Feb 3, 2009 at 6:51 PM, ALL From_NJ <all.from.nj@gmail.com> wrote:
>
>> Well ... the cool thing is that the default behavior is for the check to
>> be on. I never saw the split horizon comment until I looked this up, so as
>> I understand it, with or without split horizon, this check will happen. Did
>> you find different?
>>
>> I forgot all the 'rules and caveats' with this ... but having secondary
>> addressing on a peer neighbor can cause some problems.
>>
>> If updates are sourced from the secondary address, and this secondary
>> address is from another network than the peering router, then you would need
>> to use the 'no' keyword in order for rip to accept the updates.
>>
>>
>>
>>
>> On Tue, Feb 3, 2009 at 12:17 PM, Rsharma <cciers09@gmail.com> wrote:
>>
>>> Hi ,
>>>
>>> Just want to knw the reason behind it that Disabling split horizon on the
>>> incoming interface cause the system to perform this validation check .
>>>
>>> I tried this with Dynamip lab and its correct but i wasnt able to
>>> co-relate Split Horizon with Validate check .
>>>
>>> Thanks!!!!!!
>>> Rsharma :-)
>>>
>>> ALL From_NJ wrote:
>>>
>>>> I am learning to search the docs ... I have a feeling I will need
>>>> them!!! ;-)
>>>>
>>>> Here is a link to this command (watch the ugly word wrap):
>>>>
>>>> http://www.cisco.com/en/US/docs/ios/iproute/command/reference/irp_rip.html#wp1012874
>>>>
>>>> Copied and pasted from the link:
>>>>
>>>> To have the Cisco IOS software validate the source IP address of
>>>> incoming routing updates for Routing Information Protocol (RIP) and Interior
>>>> Gateway Routing Protocol (IGRP) routing protocols, use the
>>>> validate-update-source command in router configuration mode. To disable this
>>>> function, use the no form of this command.
>>>>
>>>> validate-update-source
>>>> no validate-update-source
>>>>
>>>> ---->>>> Usage Guidelines
>>>>
>>>> This command is applicable only to RIP and IGRP. The software ensures
>>>> that the source IP address of incoming routing updates is on the same IP
>>>> network as one of the addresses defined for the receiving interface.
>>>>
>>>> Disabling split horizon on the incoming interface will also cause the
>>>> system to perform this validation check.
>>>>
>>>> For unnumbered IP interfaces (interfaces configured as IP unnumbered),
>>>> no checking is performed.
>>>> Examples
>>>>
>>>> The following example configures a router not to perform validation
>>>> checks on the source IP address of incoming RIP updates:
>>>>
>>>> router rip
>>>> network 10.105.0.0
>>>> no validate-update-source
>>>>
>>>> HTH,
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, Feb 2, 2009 at 1:43 PM, Rsharma <cciers09@gmail.com <mailto:
>>>> cciers09@gmail.com>> wrote:
>>>>
>>>> Hi,
>>>>
>>>> Validate Update source command in RIPv2 n IGRP .
>>>> What exactly is being scanned by protocol to validate ....????
>>>>
>>>> can anyone zoom on Validate action ??
>>>>
>>>> Thanks
>>>> Rsharma
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Andrew Lee Lissitz
>>>> all.from.nj@gmail.com <mailto:all.from.nj@gmail.com>
>>>>
>>>
>>>
>>
>>
>> --
>> Andrew Lee Lissitz
>> all.from.nj@gmail.com
>>
>
>
-- Andrew Lee Lissitz all.from.nj@gmail.comBlogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST