Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How to filter incoming routes

Would anyone please tell me how to write access-list to filter incoming routes as follows?

Incoming Routes:

10.0.0.0/8, 10.0.0.0/9, 10.10.0.0/16

Wanted Route:

10.0.0.0/8

I have tried to use the following methods but it didn't work:

Method 1 --

distribute-list 10 in

access-list 10 permit 10.0.0.0

Result => Only 10.10.0.0/16 is filtered

Method 2 --

distribute-list 10 in

access-list 10 permit 10.0.0.0 0.255.255.255

Result => no routes are filtered.

Method 3 --

distribute-list 101 in

access-list 101 permit ip 10.0.0.0 0.0.0.0 255.0.0.0 0.0.0.0

Result => all routes are filtered.

I don't know how to write access-list to control the incoming routes down to subnet mask.

Thanks!!!!

4 REPLIES
New Member

Re: How to filter incoming routes

Try this

Method 4 --

distribute list 100 in

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255

I didn't try it, but hope it works.

/Rustam

New Member

Re: How to filter incoming routes

You might want to try a permit statement of 10.0.0.0 0.0.0.0

That is an exact match of 10.0.0.0. However, there might be better ways to go about it depending on your overall network. Just not redistributing subnets would be one example I think.

New Member

Re: How to filter incoming routes

You could also look at using a prefix-list. Depending on what routing protocol you are using

changes the way you apply it.

Ex. ip prefix-list prefix-list-name permit 10.0.0.0/8

router bgp 100

network 20.1.1.1

neighbor 30.1.1.1 remote-as 300

neighbor 30.1.1.1 prefix-list prefix-list-name in

This would only allow the 10.0.0.0/8 network and deny

every other network. I haven't tested this but it is another way to filter at the net prefix.

New Member

Re: How to filter incoming routes

Thanks a lot for all of them!!!

Before reading your reply, I tried to use Prefix-list to do route filtering. I'm very surprise that the prefix-list can be applied on any classless routing protocols, not just BGP. I'd like to share with you.

Sure-Win Method -- :>

!

router eigrp 10

...

distribute-list prefix TEST in

!

ip prefix-list TEST seq 1 permit 10.0.0.0/8

!

Result => Only 10.0.0.0/8 is received.

111
Views
0
Helpful
4
Replies