RIP Offset-list

Unanswered Question
May 5th, 2008
User Badges:

i have a question regarding Offset-list


access-list 1 permit 10.0.14.0 0.0.1.255


if i want to allow a specific port or ip address wat should access list looks like



offset-list 1 in 5 Serial1/1


wat is the difference if i applied offset-list to an interface or if i applied it to an ip address given on an interface ????

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Kevin Dorrell Mon, 05/05/2008 - 02:42
User Badges:
  • Green, 3000 points or more

The access list tells you which routes you are going to add the metric to. The port tells you which interface to do it on.


Taking your example, the route to 10.0.14.0/23 (or any of its subnets) will have 5 added to it whenever its advertisment is received on S1/1. The same prefixes received on any other interface will be unmodified. Any prefix that is not 10.0.14.0/23 (or its subnets) will be unmodified, regardless of which inteface the advertisment is received on.


So you need both of those commands.


Does that answer your question? I wasn't 100% clear what you were asking.


Kevin Dorrell

Luxembourg


mounir.mohamed Mon, 05/05/2008 - 02:43
User Badges:
  • Gold, 750 points or more

Dear Saud,


As far as i understand you are asking about ACL and Offset-list (correct me if i'm wrong)

First of all Access-list is a kind of packet filtering that used for basic security tasks in Cisco IOS.


Offset-list used by routing protocols ex. RIP to *increase* the metric for amount of routes received through one interface or specific route and this is to influence the routing decision for this path or prefix, in case if we need to increase the metric for specific route/subnet you should create access-list that match the route in then call it under the routing process with offset-list, if the interface attribute is missing on the offset-list command all routes matches with the ACL will be modified regardless which interface the prefixes received on


Hope that help.


Best Regards,

Mounir Mohamed

Richard Burts Mon, 05/05/2008 - 03:11
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Saud


I believe that your question shows a slight misunderstanding of the use of access list and offset list. In particular when you ask:

if i want to allow a specific port or ip address wat should access list looks like


This question seems to be looking at the access list as if it were a packet filter - which is the most common use of access lists. But in this case the access list is being used to identify routes in the routing protocol whose metric should be increased.


As Kevin and Mounir have pointed out the offset list will increase the metric of specified routes by an amount that you configure in the offset list command. You can apply the offset list as inbound or outbound on a specific interface. In this case the offset list will increase the metric of the specified route on that interface but not other interfaces. Or you can configure the offset list without specifying any interface and in this case it increases the metric on the specified route no matter what interface it is learned on.


HTH


Rick

Actions

This Discussion