distribute-list on RIP

Unanswered Question
Jan 8th, 2009
User Badges:

Hi all,

need enlightenment, i try to configure "distribute-list out" to filter rip routing update. the goal is to access one destination(in this case Lopbck1 on router 1) from different source/segment through different link as well. my configuration as below (unfortunetly doesn't work)

-------------

on router 1

interface Loopback0

ip address 10.10.10.1 255.255.255.0

!

interface Serial0/2/0

ip address 192.168.0.1 255.255.255.252

!

interface Serial0/2/1

ip address 192.168.0.5 255.255.255.252

!

router rip

version 2

network 10.0.0.0

network 192.168.0.0


on router 2


interface Loopback0

ip address 20.20.20.1 255.255.255.0

!

interface Loopback1

ip address 40.10.10.1 255.255.255.0

!

interface Serial0/0/0

ip address 192.168.0.2 255.255.255.252

!

interface Serial0/0/1

ip address 192.168.0.6 255.255.255.252

!

router rip

version 2

network 20.0.0.0

network 40.0.0.0

network 192.168.0.0

distribute-list viaS0/0/0 out Serial0/0/0

distribute-list inboundany in Serial0/0/0

distribute-list viaS0/0/1 out Serial0/0/1

distribute-list inboundany in Serial0/0/1

!

ip access-list standard inboundany

permit any

!

ip access-list standard viaS0/0/0

permit 20.20.20.0 0.0.0.255

permit 192.168.0.0 0.0.0.2

deny any log

ip access-list standard viaS0/0/1

permit 40.10.10.0 0.0.0.255

permit 192.168.0.4 0.0.0.2

deny any log


check on access-list no packet match. appreciate your input


thanks

jimmy


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (3 ratings)
Loading.
Giuseppe Larosa Thu, 01/08/2009 - 04:08
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

hello Jimmy,

try to disable auto-summary


router rip

version 2

no auto-summary


or at major network boundary it will try to send out

10/8

20/8 instead of the subnets


if so the access-list cannot match as a result of auto-summarization


note:

the inverse mask for 255.255.255.252 is

0.0.0.3 not 0.0.0.2

the wildcard bits are the last two so comes the 0.0.0.3

a math rule is 255 - subnetmask.byte


hope to help

Giuseppe


jimmymbara Thu, 01/08/2009 - 05:13
User Badges:

Hi,

i did it and the acl works, but if i wan't to make source 20.20.20.1 go to 10.10.10.1 only via S0/0/0 and 40.10.10.1 go to 10.10.10.1 only via S0/0/1, is my ACL rule correct?

Giuseppe Larosa Thu, 01/08/2009 - 11:17
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Jim,


>> if i wan't to make source 20.20.20.1 go to 10.10.10.1 only via S0/0/0 and 40.10.10.1 go to 10.10.10.1 only via S0/0/1, is my ACL rule correct?


It is correct but can be not enough you need to think to the return path also.

A better solution would be that of using multiple offset-lists that is a tool that allow to modify the cost of routes in a selective basis (using an ACL) in this way you can make the preferred paths but you still have redundancy should one link fail the other link could be used for all traffic.


In a lab this is not important but in real world it is


Hope to help

Giuseppe


jaybizzel Thu, 01/08/2009 - 04:11
User Badges:

hi jimmy,


configure no auto-summary on your both routers. RIP summarises at classful boundary.


All d best!

Jerome

jimmymbara Thu, 01/08/2009 - 05:32
User Badges:

hi,

if on rip has redistribute BGP and on BGP has no auto-summary, it's not necessary put no auto-summary on RIP,is it rite?

Richard Burts Thu, 01/08/2009 - 11:35
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Jimmy


For the purposes of your question it does not matter whether BGP has no auto-summary or not. If you are concerned about what RIP will advertise then you must have no auto-summary under router rip.


HTH


Rick

jimmymbara Thu, 01/08/2009 - 18:41
User Badges:

hi all,

thanks for enlightenment. it's helpful alot.

Actions

This Discussion