Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
445
Views
0
Helpful
4
Replies

How to filter incoming routes

hsbc001
Level 1
Level 1

‎11-27-2001 10:32 PM - edited ‎03-01-2019 07:31 PM

Would anyone please tell me how to write access-list to filter incoming routes as follows?

Incoming Routes:

10.0.0.0/8, 10.0.0.0/9, 10.10.0.0/16

Wanted Route:

10.0.0.0/8

I have tried to use the following methods but it didn't work:

Method 1 --

distribute-list 10 in

access-list 10 permit 10.0.0.0

Result => Only 10.10.0.0/16 is filtered

Method 2 --

distribute-list 10 in

access-list 10 permit 10.0.0.0 0.255.255.255

Result => no routes are filtered.

Method 3 --

distribute-list 101 in

access-list 101 permit ip 10.0.0.0 0.0.0.0 255.0.0.0 0.0.0.0

Result => all routes are filtered.

I don't know how to write access-list to control the incoming routes down to subnet mask.

Thanks!!!!

Labels:
0 Helpful
4 Replies 4

r_nabiev
Level 1
Level 1

‎11-28-2001 03:09 AM

Try this

Method 4 --

distribute list 100 in

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255

I didn't try it, but hope it works.

/Rustam

0 Helpful

svermill
Level 4
Level 4

‎11-29-2001 10:38 AM

You might want to try a permit statement of 10.0.0.0 0.0.0.0

That is an exact match of 10.0.0.0. However, there might be better ways to go about it depending on your overall network. Just not redistributing subnets would be one example I think.

0 Helpful

jambern
Level 1
Level 1

‎11-29-2001 11:55 AM

You could also look at using a prefix-list. Depending on what routing protocol you are using

changes the way you apply it.

Ex. ip prefix-list prefix-list-name permit 10.0.0.0/8

router bgp 100

network 20.1.1.1

neighbor 30.1.1.1 remote-as 300

neighbor 30.1.1.1 prefix-list prefix-list-name in

This would only allow the 10.0.0.0/8 network and deny

every other network. I haven't tested this but it is another way to filter at the net prefix.

0 Helpful

hsbc001
Level 1
Level 1
In response to jambern

‎11-30-2001 12:08 AM

Thanks a lot for all of them!!!

Before reading your reply, I tried to use Prefix-list to do route filtering. I'm very surprise that the prefix-list can be applied on any classless routing protocols, not just BGP. I'd like to share with you.

Sure-Win Method -- :>

!

router eigrp 10

...

distribute-list prefix TEST in

!

ip prefix-list TEST seq 1 permit 10.0.0.0/8

!

Result => Only 10.0.0.0/8 is received.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card