RE: distribute-list x in - warning....why? from Aaron on 2012-01-26 (Ccielab archives 01/2012)

From: Aaron <aaron1_at_gvtc.com>
Date: Thu, 26 Jan 2012 08:05:13 -0600

That's right Tom, thanks. Nuclear weapon is what it said, hence my concern
in understanding why they would put worth such a caution.

Thanks for the real-world explanation and use case you had.

Aaron

From: marc edwards [mailto:renorider_at_gmail.com]
Sent: Wednesday, January 25, 2012 10:29 PM
To: Tom Kacprzynski
Cc: Aaron; Cisco certification
Subject: Re: distribute-list x in - warning....why?

I believe Cisco 360 reference guide dubbed it the 'nuclear weapon' of
routing. Most likely put in that context because you can nuke the whole
routing table by basically stopping advertised routes from populating the
RIB of any IGP neighborship. Another thing to note is that it will not stop
the advertisements of neighbors on the wire but instead blocks them inbound.
This might be desired but recognize it does add overhead on the line that
could be avoided by filtering routes where they originate and issuing a
'distribute list out' on the originating router instead.

There are definitely use cases for it. It has been a great help for me in
certain situations. One being a large L3 DC with many devices sharing core
routing tables. Hard to do distribute list out when all routers need the
table and there are redundant paths to reach a packet destination. Easier to
go out to the edge routers and issue distribute list in... maybe all that
needs to be advertised downstream are a few subnets in the DC and default
route....

hth,

Marc

On Wed, Jan 25, 2012 at 5:55 PM, Tom Kacprzynski <tom.kac_at_gmail.com> wrote:

Are you referencing using distribute-list in on any routing protocol or
just OSPF?

On Wed, Jan 25, 2012 at 7:07 PM, Aaron <aaron1_at_gvtc.com> wrote:

> I read something today about the following being dangerous during
> redistribution...
>
>
>
> Distribute-list X in
>
>
>
> .can someone please explain why this is dangerous? And more specifically,
> if it's the part about doing it during redistribution that makes it so
> dangerous or is it dangerous to do with routing period?
>
>
>
> Aaron
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu Jan 26 2012 - 08:05:13 ART

This archive was generated by hypermail 2.2.0 : Thu Feb 02 2012 - 11:52:52 ART