hi all, suppose i have 4 routers connected via frame-relay with only their physical interfaces. R1 R2 R3 R4. R1 is the hub where R2, R3, R4 are spokes. Now at R1 i want to configure policy such that the networks learned via R3 are not propagated to R4. I am running RIPv2 on my network. i want to filter updates based on neighbours so kindly let me know how can i do it. i dont want to use any tunnels, nor any subinterfaces, now is there any way to do it ?? in my quest of doing it using several methods i found that cisco has tried to make sure it CANT be done :-), any 1 knows how to do it ?
Hey there... you mentioned that your routers are connected via "physical interfaces". Did you mean that all routers are connected via multipoint frame-relay? If that is the case, you'll have problems with routing updates. You see, with multipoint interfaces, when, say, R2 sends its update to R1, R1 will NOT send the update to any other routers, because of split-horizon rule. I'd suggest you to create point-to-point sub-interfaces instead. Alternatively, you can turn off split-horizon.
With point-to-point sub-interfaces, you can filter routing updates from R1 to other spoke routers by using distribute-list command.
How about, making all interfaces passive on all routers. Since all rip multicast upates are sent with a ttl of 2, this means when a spoke send rip update it will go to hub, then onto other spokes.
Instead configure rip for unicast updates, via the neighbour command under rip (also use passive-interface default), so on the hub you would have nieghbour statements for all spokes, on the spoke just for for the hub.
Turn split horizon on and the hub should not advertise the routes back out.
If it still does, then you could use a distribute on inbound on the spokes to only allow what you want, or just deny what you dont want!
yes lee, thanks but we surely can do filtering inbound right, but can we do it outbound on per neighbour basis ? like i dont want to configure any filtering on spokes but just on R1, so in my view its no possible, what do you guys think, i cant figure out any way to make this happen via configuring any such policy on R1, what do you guys think ?
Firstly enable unicast routing updates.
Then use offset-list. On R3 define an offset-list for subnets on R4 with metric 15. R3 when receives updates for subnets to R4 from hub for a metric of 15, will add 1 more hop to it & installin RIB as 16. Since 16 is unreachable in RIP, R3 will never be able to reach those subnets.
Any expert would like to comment on this?