01-08-2009 04:05 AM - edited 03-04-2019 03:22 AM
Hi all,
need enlightenment, i try to configure "distribute-list out" to filter rip routing update. the goal is to access one destination(in this case Lopbck1 on router 1) from different source/segment through different link as well. my configuration as below (unfortunetly doesn't work)
-------------
on router 1
interface Loopback0
ip address 10.10.10.1 255.255.255.0
!
interface Serial0/2/0
ip address 192.168.0.1 255.255.255.252
!
interface Serial0/2/1
ip address 192.168.0.5 255.255.255.252
!
router rip
version 2
network 10.0.0.0
network 192.168.0.0
on router 2
interface Loopback0
ip address 20.20.20.1 255.255.255.0
!
interface Loopback1
ip address 40.10.10.1 255.255.255.0
!
interface Serial0/0/0
ip address 192.168.0.2 255.255.255.252
!
interface Serial0/0/1
ip address 192.168.0.6 255.255.255.252
!
router rip
version 2
network 20.0.0.0
network 40.0.0.0
network 192.168.0.0
distribute-list viaS0/0/0 out Serial0/0/0
distribute-list inboundany in Serial0/0/0
distribute-list viaS0/0/1 out Serial0/0/1
distribute-list inboundany in Serial0/0/1
!
ip access-list standard inboundany
permit any
!
ip access-list standard viaS0/0/0
permit 20.20.20.0 0.0.0.255
permit 192.168.0.0 0.0.0.2
deny any log
ip access-list standard viaS0/0/1
permit 40.10.10.0 0.0.0.255
permit 192.168.0.4 0.0.0.2
deny any log
check on access-list no packet match. appreciate your input
thanks
jimmy
01-08-2009 04:08 AM
hello Jimmy,
try to disable auto-summary
router rip
version 2
no auto-summary
or at major network boundary it will try to send out
10/8
20/8 instead of the subnets
if so the access-list cannot match as a result of auto-summarization
note:
the inverse mask for 255.255.255.252 is
0.0.0.3 not 0.0.0.2
the wildcard bits are the last two so comes the 0.0.0.3
a math rule is 255 - subnetmask.byte
hope to help
Giuseppe
01-08-2009 05:13 AM
Hi,
i did it and the acl works, but if i wan't to make source 20.20.20.1 go to 10.10.10.1 only via S0/0/0 and 40.10.10.1 go to 10.10.10.1 only via S0/0/1, is my ACL rule correct?
01-08-2009 11:17 AM
Hello Jim,
>> if i wan't to make source 20.20.20.1 go to 10.10.10.1 only via S0/0/0 and 40.10.10.1 go to 10.10.10.1 only via S0/0/1, is my ACL rule correct?
It is correct but can be not enough you need to think to the return path also.
A better solution would be that of using multiple offset-lists that is a tool that allow to modify the cost of routes in a selective basis (using an ACL) in this way you can make the preferred paths but you still have redundancy should one link fail the other link could be used for all traffic.
In a lab this is not important but in real world it is
Hope to help
Giuseppe
01-08-2009 04:11 AM
hi jimmy,
configure no auto-summary on your both routers. RIP summarises at classful boundary.
All d best!
Jerome
01-08-2009 05:32 AM
hi,
if on rip has redistribute BGP and on BGP has no auto-summary, it's not necessary put no auto-summary on RIP,is it rite?
01-08-2009 11:35 AM
Jimmy
For the purposes of your question it does not matter whether BGP has no auto-summary or not. If you are concerned about what RIP will advertise then you must have no auto-summary under router rip.
HTH
Rick
01-08-2009 06:41 PM
hi all,
thanks for enlightenment. it's helpful alot.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide