RIP distribute-list question

tvo · ‎09-22-2006

Hi,

I have a question about RIP routing:

I have 2 routers (A and B) connected to each other via an ATM wan link.

Each router has several routes in his routingtable.

For example: router A has a route to 10.0.0.0/16, 10.0.1.0/24, 10.0.2.0/24,...

Router A has to advertise to router B the 10.0.0.0/16 and not the /24's.

I've created an access-list 1:

access-list 1 permit 10.0.0.0 0.0.255.255.

And put it in the router rip:

distribute-list 1 out atm1/0

Unfortunately the /16 is advertised, but so are the /24's.

When I change the ACL to:

access-list 1 deny 10.0.1.0 0.0.0.255

access-list 1 deny 10.0.2.0 0.0.0.255

access-list 1 permit 10.0.0.0 0.0.255.255

No routes are being advertised at all by rip and counters on the first deny are rising.

Has anybody got an idea ?

Thanks,

tom

ariela · ‎09-23-2006

Hi Tom,

RIP automatically summarizes to classful network boundaries.

From http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_configuration_guide_chapter09186a00800d97f7.html#wp1001118

"Cisco routers can summarize routes in two ways:

- Automatically, by summarizing subprefixes to the classful network boundary when crossing classful network boundaries (autosummary)

- As specifically configured, advertising a summarized local IP address pool on the specified interface, (on a network access server) so that the address pool can be provided to dialup clients

Autosummary addressing always summarizes to the classful address boundary, while the ip summary-address command summarizes addresses on a specified interface. If autosummary addressing is enabled, autosummarization is the default behavior for interfaces on the router not associated with dial-in clients (the "backbone"), with or without the ip summary-address rip interface subcommand present.

For example, if a local IP address pool of 10.1.1.1 to 10.1.1.254 is configured on the network access server, you could configure the ip summary-address rip 10.1.1.0 255.255.255.0 command on the network access server port that provides addresses to dialup clients to cause the router to advertise 10.1.1.0/24 routes to dialup clients. Because a summary route is advertised, advertisement of the /32 host routes (installed when the dialup client connects) is suppressed so that the router does not advertise these routes to the network access server interface.

- Autosummary will override the configured summary-address feature on a given interface except when both of the following conditions are true:

- The configured interface summary-address and the IP address of the configured interface share the same major network (the classful, nonsubnetted portion of the IP address).

- Split horizon is not enabled on the interface.

..."

From 12.0(6)T you can use the 'ip summary-address rip' on ATM interface (and if your RIP cloud is only 2 routers, use 'no ip split-horizon' whitout any problem).

http://www.cisco.com/en/US/products/sw/iosswrel/ps1830/products_feature_guide09186a0080087ad1.html

Try something like that:

interface ATM x

ip address 10.0.0.1 255.255.0.0

ip summary-address rip 10.0.0.0 255.255.0.0

no ip split-horizon

HTH

Andrea

tvo · ‎09-25-2006

Hi Andrea,

It works ! great !

Only problem, I have to use an 10.0.X.X ip address on the wan (point to point) link otherwise it doesn't work. For my other lines i use 192.168.X.X addresses.

Thanks anyway !

(you've been a great help)

tom

vladrac-ccna · ‎09-23-2006

Hey Tom,

Could you show us the output of "show ip route" in both routers before and after the ACL?

I've implemented the same setup in a lab and it worked with no problem using the last ACL.

BEFORE ACL:

R2>show ip route

R 10.0.2.0/24 [120/1] via 10.0.4.1, 00:00:01, FastEthernet0/0

R 10.0.3.0/24 [120/1] via 10.0.4.1, 00:00:01, FastEthernet0/0

R 10.0.0.0/16 [120/2] via 10.0.4.1, 00:00:01, FastEthernet0/0

C 10.0.4.0/30 is directly connected, FastEthernet0/0

C 10.0.5.0/24 is directly connected, FastEthernet1/0

AFTER dist-list with ACL 1

R2>SHOW IP ROUTE

R 10.0.0.0/16 [120/2] via 10.0.4.1, 00:00:01, FastEthernet0/0

C 10.0.4.0/30 is directly connected, FastEthernet0/0

C 10.0.5.0/24 is directly connected, FastEthernet1/0

acl:

access-list 1 deny 10.0.2.0 0.0.0.255

access-list 1 deny 10.0.3.0 0.0.0.255

access-list 1 permit 10.0.0.0 0.0.255.255

router rip

distribute-list 1 out fa0/0

Let us know,

Vlad

tvo · ‎09-25-2006

Hi Vlad,

Thanks for your reply.

The ACL works partially for me, the problem is:

Router A has a route to 10.0.0.0/24 (connected) and a route to 10.0.0.0/16 (static)

The static route should be advertised but not the 10.0.0.0/24.

Any idea ?

Thanks,

tom

vladrac-ccna · ‎09-30-2006

hello Tom, sorry for the delay.

Again, I used the same ACL and dist-list and it worked as required. /16 was advertised but not the /24.

Maybe there's something else with the configs.

Give us more details, we might find the problem.

Vlad