05-09-2015 08:18 PM - edited 03-05-2019 01:25 AM
Hello, I'm trying to understand why a route-map I've configured isn't filtering a route. Below is a screenshot of the GNS3 topology I'm working on. I am trying to Filter the route, 192.168.192.32/37(R3's Loopback1) on Router R6 towards R9. I do not want R9 to be able to route to the 192.168.192.32/27 network. I've applied the following route-map to R6's Interface Fa 0/1 in the "out" direction. However I can still hit the .192.54 address on R3. What am I missing?
router eigrp 1
network 10.0.2.0 0.0.0.255
network 20.0.0.0 0.0.0.255
distribute-list route-map filter-192 out FastEthernet0/1
no auto-summary
ip prefix-list RM-192 seq 5 permit 192.168.192.32/27
!
route-map filter-192 deny 10
match ip address prefix-list RM-192
!
route-map filter-192 permit 15
I do have a summary route on R6, Interface Fa 0/1 for 192.168.0.0/16, does this make a difference? I thought the route-map would match the more specific route. Thank you for any help on this.
Solved! Go to Solution.
05-10-2015 07:48 AM
Rob
If the route for the specific network isn't in R9's routing table then it looks like your route filtering worked.
As to why you can still ping the loopback it all depends on what is in R9's routing table.
It's not clear whether you are saying there is a default route but if there is then that would allow the ping to work.
Jon
05-10-2015 06:52 AM
Are you saying you are advertising 192.168.0.0/16 to R9 ?
If so then it doesn't matter whether you filter the more specific 192.168.192.32/27 because R9 still has a route to the loopback using the summary route.
Jon
05-10-2015 07:41 AM
Thanks Jon, However, I removed the summary route from R6 and I can still ping that network from R9. Could it be that because my default route passes through R3 that those packets are still being delivered to the 192.168.192.32/27 network? I do not see a route to the network on R9 but I can still ping it.
Thanks,
Rob
05-10-2015 07:48 AM
Rob
If the route for the specific network isn't in R9's routing table then it looks like your route filtering worked.
As to why you can still ping the loopback it all depends on what is in R9's routing table.
It's not clear whether you are saying there is a default route but if there is then that would allow the ping to work.
Jon
05-10-2015 11:02 AM
Thank you Jon, that helped out quite a bit. I didn't realize that even though the specific route was being blocked via the route-map, that the traffic would still make it to the destination via the default-route. To test your post above, I simply stopped advertising the default-route and you're correct, the traffic to 192.168.192.32/27 from R9 stopped pinging. Thanks for the help.
R9#show ip route
Gateway of last resort is 20.0.0.2 to network 0.0.0.0 <-- Removed
192.168.128.0/25 is subnetted, 1 subnets
D 192.168.128.128 [90/463360] via 20.0.0.2, 00:04:34, FastEthernet0/0
20.0.0.0/24 is subnetted, 1 subnets
C 20.0.0.0 is directly connected, FastEthernet0/0
D 200.20.16.0/24 [90/358400] via 20.0.0.2, 15:40:42, FastEthernet0/0
10.0.0.0/24 is subnetted, 8 subnets
D 10.0.8.0 [90/363520] via 20.0.0.2, 00:02:15, FastEthernet0/0
D 10.0.2.0 [90/307200] via 20.0.0.2, 14:56:15, FastEthernet0/0
D 10.0.3.0 [90/332800] via 20.0.0.2, 14:56:17, FastEthernet0/0
D 10.0.1.0 [90/309760] via 20.0.0.2, 14:56:17, FastEthernet0/0
D 10.0.6.0 [90/335360] via 20.0.0.2, 14:34:36, FastEthernet0/0
D 10.0.7.0 [90/337920] via 20.0.0.2, 14:56:17, FastEthernet0/0
D 10.0.4.0 [90/332800] via 20.0.0.2, 14:34:46, FastEthernet0/0
D 10.0.5.0 [90/335360] via 20.0.0.2, 14:56:19, FastEthernet0/0
11.0.0.0/24 is subnetted, 1 subnets
C 11.0.0.0 is directly connected, Loopback1
D 192.168.1.0/24 [90/463360] via 20.0.0.2, 00:04:38, FastEthernet0/0
D* 0.0.0.0/0 [90/363520] via 20.0.0.2, 00:02:14, FastEthernet0/0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide