10-17-2023 08:55 AM - last edited on 10-19-2023 02:56 AM by Translator
Hello all,
I'm looking for a solution to filtering specific routes being advertised from an adjacent neighbour but no filtered from other routers via EIGRP.
I have tried the following configuration, but this blocks all updates from all routers for the 172.17.0.0/16, I want to block routes from only one router, 172.19.128.26 but allow updates for all other routers.
access-list 26 remark DENY EIGRP UPDATES 172.17.0.0
access-list 26 deny 172.17.0.0 0.0.255.255
access-list 26 permit any route-map EIGRP-IN permit 26
match ip address 26
router eigrp 2000
distribute-list route-map EIGRP-IN in
Solved! Go to Solution.
10-17-2023 12:25 PM - last edited on 10-19-2023 03:04 AM by Translator
Hello
@murray.bown wrote:
I'm looking for a solution to filtering specific routes being advertised from an adjacent neighbour but no filtered from other routers via EIGRP.
Example1:
access-list 10 permit 172.17.0.0 0.0.255.255
router eigrp 2000
distance 255 172.19.128.26. 0.0.0.0 10
Example2: use an extended acl when not directly adjacent -
Source ip = advertising rtr,
Destination ip = network/host to be filtered
access-list 100 deny host 172.19.128.26 172.17.0.0 0.0.255.255
access-list 100 permit ip any any
router eigrp 2000
distribute-list 100 in <neighbour interfaces>
10-17-2023 09:09 AM - last edited on 10-19-2023 03:07 AM by Translator
use same except add
distribute-list route-map EIGRP-IN <<- add interface
you recive update from
this way you can filter from specific neighbour
10-17-2023 09:26 AM - last edited on 10-19-2023 03:09 AM by Translator
Hello,
If you want to block updates from a specific peer you can use an Extended ACL with the
distribute list
. See example below:
access-list 111 deny ip host <ip> any <- ip in this sense is the neighbor IP
access-list 111 permit ip any any
router eigrp <AS#>
distribute-list 111 in [interface] -
if you don't specify an interface it will apply to all interfaces. Since the peer is likely directly connected you would probably use the
interface
command as well.
EIGRP is a distance vector so its basically "routing by rumor" in a sense. As each device receives a network it passes it along to its other EIGRP neighbors. If you are trying to block a specific network from a device, lets say several hops away then the above mentioned will not work. If that is your desired goal then other methods may have to be employed. If this does not resolve your issue can you provide more details such as configuration and a diagram of what you have and what you are trying to achieve?
-David
10-17-2023 12:25 PM - last edited on 10-19-2023 03:04 AM by Translator
Hello
@murray.bown wrote:
I'm looking for a solution to filtering specific routes being advertised from an adjacent neighbour but no filtered from other routers via EIGRP.
Example1:
access-list 10 permit 172.17.0.0 0.0.255.255
router eigrp 2000
distance 255 172.19.128.26. 0.0.0.0 10
Example2: use an extended acl when not directly adjacent -
Source ip = advertising rtr,
Destination ip = network/host to be filtered
access-list 100 deny host 172.19.128.26 172.17.0.0 0.0.255.255
access-list 100 permit ip any any
router eigrp 2000
distribute-list 100 in <neighbour interfaces>
10-19-2023 01:49 AM
Thank you so much for your support.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide