< Free Open Study > |
7-1 distribute-list access-list-number inSyntax Description:
Purpose: To prevent OSPF learned routes from being installed in the IP routing table. Even though an OSPF route may be prevented from being installed in the IP routing table, the route will still be in the OSPF database and advertised to OSPF neighbors. If you want to block a particular route or group of routes from entering the IP routing table, use a distribute list on all OSPF routers. Initial Cisco IOS Software Release: 10.0 Configuration Example: Preventing OSPF Learned Routes from Being Installed in the IP Routing TableIn Figure 7-1, Router A is receiving the OSPF routes 2.2.2.2, 3.3.3.3, and 4.4.4.4 from Router B. Start by configuring Routers A and B as shown in the listing that follows . Figure 7-1. A Distribute List/Access List Controls Which OSPF Routes Are Transferred from the OSPF Database into the IP Routing Table
Router A interface Loopback0 ip address 1.1.1.1 255.255.255.255 ! interface Ethernet0/0 ip address 172.16.1.1 255.255.255.0 ! router ospf 1 network 1.1.1.1 0.0.0.0 area 1 network 172.16.1.0 0.0.0.255 area 0 ________________________________________________________________________________ Router B interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface Loopback1 ip address 3.3.3.3 255.255.255.255 ! interface Loopback2 ip address 4.4.4.4 255.255.255.255 ! interface Ethernet0 ip address 172.16.1.2 255.255.255.0 ! router ospf 1 router-id 2.2.2.2 network 2.2.2.2 0.0.0.0 area 2 network 3.3.3.3 0.0.0.0 area 0 network 4.4.4.4 0.0.0.0 area 4 network 172.16.1.2 0.0.0.0 area 0 Verify that Routers A and B have established a FULL OSPF neighbor relationship. rtrA# show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 2.2.2.2 1 FULL/BDR 00:00:30 172.16.1.2 Ethernet0/0 ________________________________________________________________________________ rtrB# show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 1.1.1.1 1 FULL/DR 00:00:38 172.16.1.1 Ethernet0 Verify that Router A is receiving the routes 2.2.2.2, 3.3.3.3, and 4.4.4.4 from Router B. rtrA# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback0 2.0.0.0/32 is subnetted, 1 subnets O IA 2.2.2.2 [110/11] via 172.16.1.2, 00:04:28, Ethernet0/0 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/11] via 172.16.1.2, 00:04:28, Ethernet0/0 4.0.0.0/32 is subnetted, 1 subnets O IA 4.4.4.4 [110/11] via 172.16.1.2, 00:04:28, Ethernet0/0 172.16.0.0/24 is subnetted, 1 subnets C 172.16.1.0 is directly connected, Ethernet0/0 For illustrative purposes, verify that these three routes are in the OSPF database on Router A. rtrA# show ip ospf database OSPF Router with ID (1.1.1.1) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 493 0x800000A5 0x8F6F 1 2.2.2.2 2.2.2.2 489 0x80000030 0x7ECF 2 Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 172.16.1.1 1.1.1.1 496 0x80000001 0x6DFD Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 1.1.1.1 1.1.1.1 714 0x80000033 0xE21F 2.2.2.2 2.2.2.2 487 0x80000049 0x6A79 4.4.4.4 2.2.2.2 490 0x80000001 0x9E85 Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 726 0x80000001 0xD351 1 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 2.2.2.2 1.1.1.1 492 0x80000001 0x7DA8 3.3.3.3 1.1.1.1 492 0x80000001 0x4FD2 4.4.4.4 1.1.1.1 492 0x80000001 0x21FC 172.16.1.0 1.1.1.1 496 0x80000003 0x3B34 Modify the configuration on Router A to prevent the OSPF routes 2.2.2.2 and 3.3.3.3 from being installed in the IP routing table. Router A router ospf 1 network 1.1.1.1 0.0.0.0 area 1 network 172.16.1.0 0.0.0.255 area 0 distribute-list 1 in ! access-list 1 deny 2.2.2.0 0.0.0.255 access-list 1 deny 3.3.3.0 0.0.0.255 access-list 1 permit any VerificationVerify that the OSPF routes 2.2.2.2 and 3.3.3.3 have been blocked from entering the IP routing table on Router A. They should be absent from the IP routing table. rtrA# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback0 4.0.0.0/32 is subnetted, 1 subnets O IA 4.4.4.4 [110/11] via 172.16.1.2, 00:03:39, Ethernet0/0 172.16.0.0/24 is subnetted, 1 subnets C 172.16.1.0 is directly connected, Ethernet0/0 Verify that the routes 2.2.2.2 and 3.3.3.3 are still in the OSPF database on Router A. rtrA# show ip ospf database OSPF Router with ID (1.1.1.1) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 951 0x800000A5 0x8F6F 1 2.2.2.2 2.2.2.2 947 0x80000030 0x7ECF 2 Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 172.16.1.1 1.1.1.1 954 0x80000001 0x6DFD Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 1.1.1.1 1.1.1.1 1172 0x80000033 0xE21F 2.2.2.2 2.2.2.2 945 0x80000049 0x6A79 4.4.4.4 2.2.2.2 948 0x80000001 0x9E85 Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1184 0x80000001 0xD351 1 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 3.3.3.3 1.1.1.1 946 0x80000001 0x4FD2 4.4.4.4 1.1.1.1 946 0x80000001 0x21FC 172.16.1.0 1.1.1.1 950 0x80000003 0x3B34 Troubleshooting
|
< Free Open Study > |