03-24-2008 11:32 AM - edited 03-05-2019 09:56 PM
Hi,
Is there a way to block RIP updates 'outbound' on a router interface ?
I realise that it is probably better to block them 'inbound' to save unnecessary processing. But I cannot get outbound to work. I am using the following acl :
access-list 100 deny udp any any eq rip
int e0
ip access-group 100 out
Regards,
Phil.
Solved! Go to Solution.
03-24-2008 11:56 AM
Phil
Apologies Phil, didn't mean to patronise you.
No this won't work because an access-list applied outbound on an interface does not stop packets sourced by the router itself.
Jon
03-24-2008 11:39 AM
Hi Phil
You can use the "passive-interface" command to achieve this ie. from Cisco doc
=============================================
For RIP and IGRP, the passive interface command stops the router from sending updates to a particular neighbor, but the router continues to listen and use routing updates from that neighbor;
=============================================
Full link
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080208748.shtml
HTH
Jon
03-24-2008 11:44 AM
Thanks John,
I understand the passive-interface operation. Can you confirm if it is or isn't possible though to filter the udp broadcasts 'outbound' a router interface ?
Regards,
Phil.
03-24-2008 11:56 AM
Phil
Apologies Phil, didn't mean to patronise you.
No this won't work because an access-list applied outbound on an interface does not stop packets sourced by the router itself.
Jon
03-24-2008 12:18 PM
Hi John,
No need to apologise. I am just trying to do things in as many different ways as possible so that my options remain open.
Regards,
Phil.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide