7-7 distribute-list access-list-name in interface-type interface-number

Previous page
Table of content
Next page
 <  Free Open Study  >  

7-7 distribute-list access-list- name in interface-type interface-number

Syntax Description:

  • access-list-name ” Named IP access used to determine which routes learned via OSPF will be prevented from being installed in the IP routing table.

  • interface-type ” Optional parameter, along with the interface-number, used to apply the distribute list to OSPF routes learned through a particular interface.

  • interface-number ” Number of the interface type.

Purpose: To prevent OSPF routes learned over a specific interface from being installed in the IP routing table. Even though an OSPF route may be prevented from being installed in the IP routing table, the route will still be in the OSPF database. The route could be learned via another OSPF interface and would therefore appear in the IP routing table.

Initial Cisco IOS Software Release: 10.0. The interface-type and interface-number parameters were added in Release 11.2.

Configuration Example: Preventing Routes Learned via OSPF Over a Specific Interface from Being Installed in the IP Routing Table

In Figure 7-5, Router A is receiving the OSPF routes 2.2.2.2, 3.3.3.3, and 4.4.4.4 from Router B over two serial interfaces. Start by configuring routes A and B as shown in the listing that follows the figure.

Figure 7-5. A Distribute List/Named Access List Is Used to Control Which OSPF Routes, Learned Over a Specific Interface, Are Transferred from the OSPF Database into the IP Routing Table

graphics/07fig05.gif 

 Router A  interface Loopback0   ip address 1.1.1.1 255.255.255.255   !   interface Serial0/0   ip address 10.1.1.6 255.255.255.252   no ip mroute-cache   !   interface Serial0/1   ip address 10.1.1.1 255.255.255.252   clockrate 64000   !   router ospf 1   network 1.1.1.1 0.0.0.0 area 1   network 10.1.1.0 0.0.0.3 area 0   network 10.1.1.4 0.0.0.3 area 0  ________________________________________________________________________________ Router B  interface Loopback0   ip address 2.2.2.2 255.255.255.255   !   interface Loopback1   ip address 3.3.3.3 255.255.255.255   !   interface Loopback2   ip address 4.4.4.4 255.255.255.255   !   interface Serial0   ip address 10.1.1.2 255.255.255.252   !   interface Serial1   bandwidth 64   ip address 10.1.1.5 255.255.255.252   clockrate 64000   !   router ospf 1   router-id 2.2.2.2   network 2.2.2.2 0.0.0.0 area 2   network 3.3.3.3 0.0.0.0 area 0   network 4.4.4.4 0.0.0.0 area 4   network 10.1.1.0 0.0.0.3 area 0   network 10.1.1.4 0.0.0.3 area 0

Verify that Routers A and B have established a FULL OSPF neighbor relationship. 

 rtrA#  show ip ospf neighbor  Neighbor ID     Pri   State           Dead Time   Address         Interface 2.2.2.2           1  FULL/  -  00:00:34    10.1.1.5        Serial0/0 2.2.2.2           1  FULL/  -  00:00:38    10.1.1.2        Serial0/1 rtrB#  show ip ospf neighbor  Neighbor ID     Pri   State           Dead Time   Address         Interface 1.1.1.1           1  FULL/  -  00:00:32    10.1.1.1        Serial0 1.1.1.1           1  FULL/  -  00:00:30    10.1.1.6        Serial1

Verify that Router A is receiving the routes 2.2.2.2, 3.3.3.3, and 4.4.4.4 from Router B. 

 rtrA#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area        * - candidate default, U - per-user static route, o - ODR        P - periodic downloaded static route Gateway of last resort is not set      1.0.0.0/32 is subnetted, 1 subnets C       1.1.1.1 is directly connected, Loopback0      2.0.0.0/32 is subnetted, 1 subnets  O IA    2.2.2.2 [110/65] via 10.1.1.5, 00:00:10, Serial0/0   [110/65] via 10.1.1.2, 00:00:10, Serial0/1  3.0.0.0/32 is subnetted, 1 subnets  O       3.3.3.3 [110/65] via 10.1.1.5, 00:00:10, Serial0/0   [110/65] via 10.1.1.2, 00:00:10, Serial0/1  4.0.0.0/32 is subnetted, 1 subnets  O IA    4.4.4.4 [110/65] via 10.1.1.5, 00:00:10, Serial0/0   [110/65] via 10.1.1.2, 00:00:11, Serial0/1  172.16.0.0/24 is subnetted, 1 subnets C       172.16.1.0 is directly connected, Ethernet0/0      10.0.0.0/30 is subnetted, 2 subnets C       10.1.1.0 is directly connected, Serial0/1 C       10.1.1.4 is directly connected, Serial0/0

For illustrative purposes, verify that these three routes are in the OSPF database on Router A. 

 rtrA#  show ip ospf database  OSPF Router with ID (1.1.1.1) (Process ID 1)                 Router Link States (Area 0) 1.1.1.1         1.1.1.1         1423        0x800000C1 0xE80E   4  2.2.2.2         2.2.2.2         1451        0x80000050 0xA7E3   5  Summary Net Link States (Area 0) Link ID         ADV Router      Age         Seq#       Checksum 1.1.1.1         1.1.1.1         165         0x80000044 0xC030  2.2.2.2         2.2.2.2         707         0x80000057 0x4E87   4.4.4.4         2.2.2.2         707         0x8000000F 0x8293  Router Link States (Area 1) Link ID         ADV Router      Age         Seq#       Checksum Link count 1.1.1.1         1.1.1.1         1666        0x80000008 0xC558   1                 Summary Net Link States (Area 1) Link ID         ADV Router      Age         Seq#       Checksum  2.2.2.2         1.1.1.1         1423        0x80000006 0x9159   3.3.3.3         1.1.1.1         1669        0x80000009 0x5D86   4.4.4.4         1.1.1.1         1669        0x80000009 0x2FB0  10.1.1.0        1.1.1.1         168         0x80000007 0x36B3 10.1.1.4        1.1.1.1         1425        0x80000008 0xCD8

Modify the configuration on Router A to prevent the OSPF routes 2.2.2.2 and 3.3.3.3, received over interface Serial 0/0, and the routes 3.3.3.3 and 4.4.4.4, received over Serial 0/1, from being installed in the IP routing table. 

 Router A  router ospf 1   network 1.1.1.1 0.0.0.0 area 1   network 172.16.1.0 0.0.0.255 area 0    distribute-list filter-ospf1 in Serial0/0     distribute-list filter-ospf2 in Serial0/1    !    ip access-list standard filter-ospf1     deny   2.2.2.0 0.0.0.255     deny   3.3.3.0 0.0.0.255     permit any     ip access-list standard filter-ospf2     deny   3.3.3.0 0.0.0.255     deny   4.4.4.0 0.0.0.255     permit any
Verification

Determine which routes have been prevented from reaching the IP routing table on Router A. 

 rtrA#  show ip route  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP        D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area        * - candidate default, U - per-user static route, o - ODR        P - periodic downloaded static route Gateway of last resort is not set      1.0.0.0/32 is subnetted, 1 subnets C       1.1.1.1 is directly connected, Loopback0      2.0.0.0/32 is subnetted, 1 subnets  O IA    2.2.2.2 [110/65] via 10.1.1.2, 00:01:15, Serial0/1  4.0.0.0/32 is subnetted, 1 subnets  O IA    4.4.4.4 [110/65] via 10.1.1.5, 00:01:15, Serial0/0  172.16.0.0/24 is subnetted, 1 subnets C       172.16.1.0 is directly connected, Ethernet0/0      10.0.0.0/30 is subnetted, 2 subnets C       10.1.1.0 is directly connected, Serial0/1 C       10.1.1.4 is directly connected, Serial0/0

Named access list filter-ospf1 denies networks 2.2.2.0 and 3.3.3.0. Named access list filter-ospf2 denies networks 3.3.3.0 and 4.4.4.0. The only network that is filtered by both access lists is 3.3.3.0. Verify that routes 2.2.2.2, 3.3.3.3, and 4.4.4.4 are still in the OSPF database on Router A. 

 rtrA#  show ip ospf database  OSPF Router with ID (1.1.1.1) (Process ID 1)                 Router Link States (Area 0) Link ID         ADV Router      Age         Seq#       Checksum Link count 1.1.1.1         1.1.1.1         1815        0x800000C1 0xE80E   4  2.2.2.2         2.2.2.2         1843        0x80000050 0xA7E3   5  Summary Net Link States (Area 0) Link ID         ADV Router      Age         Seq#       Checksum 1.1.1.1         1.1.1.1         557         0x80000044 0xC030  2.2.2.2         2.2.2.2         1099        0x80000057 0x4E87   4.4.4.4         2.2.2.2         1099        0x8000000F 0x8293  Router Link States (Area 1) Link ID         ADV Router      Age         Seq#       Checksum Link count 1.1.1.1         1.1.1.1         43          0x80000009 0xC359   1                 Summary Net Link States (Area 1) Link ID         ADV Router      Age         Seq#       Checksum  2.2.2.2         1.1.1.1         1815        0x80000006 0x9159   3.3.3.3         1.1.1.1         45          0x8000000A 0x5B87   4.4.4.4         1.1.1.1         45          0x8000000A 0x2DB1  10.1.1.0        1.1.1.1         559         0x80000007 0x36B3 10.1.1.4        1.1.1.1         1816        0x80000008 0xCD8
Troubleshooting
Step 1. Verify that there is a neighbor relationship between the OSPF routers by using the show ip ospf neighbor command.

Step 2. Verify that the distribute-list command is referencing the correctly named access list and interface.

Step 3. Verify the syntax of the named access list.

 <  Free Open Study  >  

Previous page
Table of content
Next page
Cisco[r] OSPF Command and Configuration Handbook
Cisco OSPF Command and Configuration Handbook (paperback)
ISBN: 1587055406
EAN: 2147483647
Year: 2002
Pages: 236
Authors: William R. Parkhurst
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Java for RPG Programmers, 2nd Edition
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
C++ How to Program (5th Edition)
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
Programming .Net Windows Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy