hi all, suppose i have 4 routers connected via frame-relay with only their physical interfaces. R1 R2 R3 R4. R1 is the hub where R2, R3, R4 are spokes. Now at R1 i want to configure policy such that the networks learned via R3 are not propagated to R4. I am running RIPv2 on my network. i want to filter updates based on neighbours so kindly let me know how can i do it. i dont want to use any tunnels, nor any subinterfaces, now is there any way to do it ?? in my quest of doing it using several methods i found that cisco has tried to make sure it CANT be done :-), any 1 knows how to do it ?
Hey there... you mentioned that your routers are connected via "physical interfaces". Did you mean that all routers are connected via multipoint frame-relay? If that is the case, you'll have problems with routing updates. You see, with multipoint interfaces, when, say, R2 sends its update to R1, R1 will NOT send the update to any other routers, because of split-horizon rule. I'd suggest you to create point-to-point sub-interfaces instead. Alternatively, you can turn off split-horizon.
With point-to-point sub-interfaces, you can filter routing updates from R1 to other spoke routers by using distribute-list command.
Hi michael, currently all routers are getting updates of each other, split horizon is disabled, and i dont want to use subinterfaces since i want to know that whether we can achieve this via any filtering mechanism or not :-)
OK. Not sure then, 'cuz distribute-list filters by egress interface, so I guess you wouldn't be able to use that. BGP is the only protocol I know of that you can filter routes per neighbor.
How about, making all interfaces passive on all routers. Since all rip multicast upates are sent with a ttl of 2, this means when a spoke send rip update it will go to hub, then onto other spokes.
Instead configure rip for unicast updates, via the neighbour command under rip (also use passive-interface default), so on the hub you would have nieghbour statements for all spokes, on the spoke just for for the hub.
Turn split horizon on and the hub should not advertise the routes back out.
If it still does, then you could use a distribute on inbound on the spokes to only allow what you want, or just deny what you dont want!
yes lee, thanks but we surely can do filtering inbound right, but can we do it outbound on per neighbour basis ? like i dont want to configure any filtering on spokes but just on R1, so in my view its no possible, what do you guys think, i cant figure out any way to make this happen via configuring any such policy on R1, what do you guys think ?
If you enable passive interface default, with neighbour statements, and enable split horizon on the hub, then this will achieve this.
hi lee, how come ? if i enable split horizon then in that case R4 updates wont be propagated to any other spokes ! i just want to prevent R4 updates to R3 only but they should be allowed on R2, i hope its clear now, plz advice now
Ahh ok, yes you are right.
Well in that case then, on r4 and r4, configure a neighbour statement for each other, aswell as the hub,
That should do the trick.
Firstly enable unicast routing updates.
Then use offset-list. On R3 define an offset-list for subnets on R4 with metric 15. R3 when receives updates for subnets to R4 from hub for a metric of 15, will add 1 more hop to it & installin RIB as 16. Since 16 is unreachable in RIP, R3 will never be able to reach those subnets.
Any expert would like to comment on this?