Re: EIGRP distribute-list and redistribute connected

sebastien3 · ‎05-20-2024

Hello,

router eigrp EIGRP
 !        
 address-family ipv4 unicast autonomous-system 10
  !       
  af-interface default
   passive-interface
  exit-af-interface
  !       
  af-interface Tunnel1
   no passive-interface
  exit-af-interface
!
  topology base
   distribute-list prefix NO_IP-TUN1 out Tunnel1
   redistribute connected route-map MY_PREFIXE
!
route-map MY_PREFIXE permit 10
 description *** list of authorized Loopback ***
 match ip address 20
!
ip prefix-list NO_IP-TUN1 seq 5 deny 10.0.0.1/32
access-list 20 permit 192.168.1.100
access-list 20 permit 192.168.2.100

I want to not distribute the IP address of Tunnel 1 interface (10.0.0.1) => It's OK with NO_IP-TUN1 out
I want to redistribute only the prefixes being in access-list 20 using the MY_PREFIXE route-map in EIGRP.

With the configuration above this does not work, no IP from access-list 20 is redistributed !
If I add the following rule ip prefix-list NO_IP-TUN1 seq 10 permit 0.0.0.0/0 le 32 the IP present on the router (with code C - connected) are all redistributed even if they are not in the access-list 20...

What is my mistake ?

Thanks

MHM Cisco World · ‎05-20-2024

I dont get your Q' you use tunnel as no passive interface and this make eigrp established via tunnel and now you dont want to redistrubte it??

Can you elaborate what is your topolgy and what is goal of eigrp

Thanks

MHM

sebastien3 · ‎05-20-2024

To avoid having recursive routing via the tunnel interface.I recover the EIGRP topology from the other neighbor connected via the tunnel.

Here my problem is on the management of redistributing the prifixes that I want.

MHM Cisco World · ‎05-20-2024

I guess that

You need different eigrp AS for tunnel IP

There is no othet solution

MHM

sebastien3 · ‎05-20-2024

Why ? I don't understand the point of having a second process...

MHM Cisco World · ‎05-20-2024

One eigrp AS for tunnel source

Other eigrp AS for tunnel IP itself.

These prevent recursive routing issue because no more the tunnel source is reachable via tunnel itself.

Goodluck

MHM

Scott Leport · ‎05-20-2024

Are you advertising your tunnel source in EIGRP? That could be a reason why you're running into the recursive routing issue.

sebastien3 · ‎05-20-2024

Sorry... When rereading my first post I made a mistake !

I want to not distribute the IP address of Gi0/0/1 (10.0.0.1) via Tunnel1 interface => It's OK with NO_IP-TUN1 out :

interface Tunnel1
tunnel source GigabitEthernet0/0/1

MHM Cisco World · ‎05-20-2024

If you excluded tunnel source in distribute list' then that OK

No more routing issue

MHM

sebastien3 · ‎05-20-2024

@MHM Cisco World wrote:
If you excluded tunnel source in distribute list' then that OK

I just excluded the address 10.0.0.1 from the Gi0/0/1 interface on EIGRP : ip prefix-list NO_IP-TUN1 seq 5 deny 10.0.0.1/32

My problem is that the route-map MY_PREFIXE is not executed...

MHM Cisco World · ‎05-20-2024

you use redistribute connect in to EIGRP

this must include all connect and exclude the tunnel source

I make this lab for you how you can config redistribute connect route-map and distribute list

MHM

MHM Cisco World · ‎05-20-2024

I use prefix-list because I prefer use it in redistribute and other filtering of any prefix.

I dont recommend use standard or extended ACL for filter prefix

MHM

sebastien3 · ‎05-20-2024

I use prefix-list because I prefer use it in redistribute and other filtering of any prefix.
I dont recommend use standard or extended ACL for filter prefix

Can you tell me why it is better to use prefix-list versus standard or extended ACL ?

@David Ruess: Thanks !

MHM Cisco World · ‎05-20-2024

This my recommendation' it not mandatory.

And why because prefix list is easy to config and understand.

Using ACL to filter prefix have many point to consider' especially extended ACL.

So if we have simple solution we should use it.

That all.

MHM

David Ruess · ‎05-20-2024

Hello,

You should be able to accomplish this a couple of ways.

First: You could just use network statements for the EIGRP process for the networks you have in ACL 20. If you only put those 2 network statements it wont advertise the 10.0.0.0 network.

Second: You could just eliminate the DL altogether. Using only the redistribute command with the PREFIX LIST and ROUTE-MAP should just redistribute the 2 networks in the prefix-list.

-David