acl basics

From: Aaron Riemer <ariemer_at_amnet.net.au>
Date: Tue, 5 Jul 2011 11:50:27 +0800

Hey guys,

I am playing with EIGRP and wanted to mess with some ACLs to verify my
understanding of the query and reply process.

I have an ACL below on one router where I am hoping to allow eigrp multicast
packets but deny any unicast.

ip access-list extended block-eigrp
 permit eigrp any host 224.0.0.10
 deny eigrp any any

interface serial0/0
 ip access-group block-eigrp out

This doesn't seem to block router EIGRP unicast packets at all. I have got
around this by blocking at the other end in the 'in' direction but I am just
curious as to why this isn't working.

My thoughts are it has something to do with the fact that the traffic is
originated from the router itself and as such is not subject to the rules of
the ACL. No matches on the ACL seems to confirm this.

Local policy routing?

Thanks,

-Aaron.

Received on Tue Jul 05 2011 - 11:50:27 ART
