cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1116
Views
0
Helpful
8
Replies

EIGRP Route Filtering

BlueyVIII
Level 1
Level 1

Hi,

We have an EIGRP network that we need to connect to a 3rd party. We've agreed that the 3rd Party will join our EIRGP AS so we can swap dynamic routes, however, I want to filter the routes they send to be absolutely sure we don't recevie any unauthorised routes if they

inadvertently make a config mistake.

I know I can apply an inboud distribute list, however, I suspect this would apply to the whole EIGRP process. As there are only really 2 routes that I need to receive from the 3rd party network I was hoping that I could apply a distribute list that only applies to the 3rd party router (ie, appy the distribute list to the ethernet interface which connects to the 3rd party network).

Is this possible?? Or is there a better alternative?? (I've considered redistributing to another protocol or EIGRP AS but would like to avoid this if possible).

Any help greatfully received.

1 Accepted Solution

Accepted Solutions

Do you have access to the router to see if you can apply the filter inbound per neighbor?

router eigrp 1

 network 192.168.0.0

 neighbor 192.168.1.1 Ethernet 0/0 distribute-list test in

If not then you would need to do it per vrf/address family

http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfeigrp.html#wp1030091

HTH

View solution in original post

8 Replies 8

Richard Burts
Hall of Fame
Hall of Fame

It is possible to apply a distribute list to a specific interface when using EIGRP as the routing protocol. Here is a reference in Cisco documentation:

To filter networks received in updates, use the distribute-list in command in address family or router configuration mode. To disable this function, use the no form of this command.

distribute-list {access-list-number | prefix prefix-list-name [gateway prefix-list-name]} in [interface-type interface-number]

Here is the URL if you want more detail:

http://www.cisco.com/en/US/partner/docs/ios/12_2/iproute/command/reference/1rfeigrp.html#wp1030091

HTH

Rick

HTH

Rick

Thanks Rick - When I click that link I get a "Forbidden File or Application" error.....

.

For the link Rick provided you need a CCO account

try this one:

http://www.cisco.com/en/US/docs/ios/iproute_eigrp/command/reference/ire_i1.html#wp1038865

HTH

Thanks Guys - For the link Rick posted I tried using my CCO login but it still didn't work.

Reza, the link you posted works but I'm not sure which command I should be referencing??

Do you have access to the router to see if you can apply the filter inbound per neighbor?

router eigrp 1

 network 192.168.0.0

 neighbor 192.168.1.1 Ethernet 0/0 distribute-list test in

If not then you would need to do it per vrf/address family

http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfeigrp.html#wp1030091

HTH

Thanks for the reply Reza...just one more query before I implement this.

If I add the command "neigbour 192.168.1.1 Ethernet 0/0 distribution-list test in" will my router ignore all of the other neighbour routers or will the other routers continue to operate as normal and only this neighbour will have the distribute list appled?

The distribute-list applies only to the neighbor that is connected to this interface (in this example Ethernet 0/0 ).

it does not effect any other neighbor.

HTH

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: