From: Hobbs (deadheadblues@gmail.com)
Date: Wed Feb 04 2009 - 20:27:56 ARST
Hello Roger,
Yes, it appears to work that way:
R4#sho ip osp ne
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 0 FULL/ - 00:00:35 192.168.34.3 Serial1/1
5.5.5.5 0 FULL/ - 00:00:32 192.168.45.5 Serial1/0
R4#sho ip route | inc 34.3
Gateway of last resort is 192.168.34.3 to network 0.0.0.0
O 192.168.23.0/24 [110/6] via 192.168.34.3, 00:00:10, Serial1/1
O 192.168.3.0/24 [110/2] via 192.168.34.3, 00:00:10, Serial1/1
O*E2 0.0.0.0/0 [110/1] via 192.168.34.3, 00:00:05, Serial1/1
Next hop is 192.168.34.3, router-id is 3.3.3.3
Now I make the list:
R4(config)#ip prefix-list R3 permit 3.3.3.3/32
R4(config)#router ospf 1
R4(config-router)#distribute-list gateway R3 in serial 1/1
R4(config-router)#^Z
R4#clear ip route *
No more routes from 34.3:
R4#sho ip route | inc 34.3
R4#
-hth
On Wed, Feb 4, 2009 at 3:11 PM, Roger RPF <rpf@bluemail.ch> wrote:
> Luan,
>
> In the first link of your post, it is written (according to this cisco guy)
> that with OSPF it is the router-id of the neighbor...as I would imagine.
>
> Copy from this mail of the link...
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> Hi George... following is an explanation by Faraz Shamim @cisco.
>
> //snip//
>
> This is a generic options for all the routing protocols not just OSPF.
> Gateway is the ip address of the neighbor whom you receive a routing update
> from. This term make more sense in RIP and IGRP. Incase of OSPF its the
> router ID of the neighbor.
>
> Lets say you want to block full or partial routing update from a neighbor on
> a broadcast segment like ethernet. If you do passive interface in case of
> OSPF then it will affect all the neighbors on that segment so one option
> there is to use gateway with distribute-list.
>
> Note, this option is only valid for inbound distribute-list. Outbound
> distribute-list will not work and it does not make sense, thats why its not
> supported.
>
> //snip//
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> So I guess I really have to check it once with ospf, for the other protocols
> it is clear to me...
> Can one proof the correct behavior with OSPF???
>
>
> regards
>
> Roger
>
>
> -----Urspr|ngliche Nachricht-----
> Von: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Im Auftrag von
> Luan Nguyen
> Gesendet: Mittwoch, 4. Februar 2009 21:58
> An: 'Tim'; 'Cisco certification'; security@groupstudy.com
> Betreff: RE: distribute-list gateway
>
> Here's a link
> http://www.cisco.com/en/US/docs/ios/12_1/iproute/command/reference/1rdrip.ht
> ml#wp1025003
>
> Link to older group study post:
> http://www.groupstudy.com/archives/ccielab/200206/msg00924.html
>
> Use prefix-list with next-hop IP address and not router-ID.
>
> Regards,
>
> Luan Nguyen
> Chesapeake NetCraftsmen, LLC.
> [W] http://www.netcraftsmen.net
> [M] luan@netcraftsmen.net
> [Blog] http://cnc-networksecurity.blogspot.com/
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Tim
> Sent: Wednesday, February 04, 2009 11:57 AM
> To: 'Cisco certification'; security@groupstudy.com
> Subject: distribute-list gateway
>
> Hi Guys,
>
>
>
> Is the above command undocumented?
>
>
>
> I couldn't find it in the command reference or by using the command lookup
> tool.
>
>
>
> If the command is documented somewhere, could you post the link to it?
>
>
>
>
>
> Also, when using this command with ospf, should the ip of the neighbor
> router be specified with the router ID or the ip add assigned to the
> interface from which the updates are coming?
>
>
>
> Thanks in advance,
>
> Tim
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST