7-8 distribute-list access-list-name out

 <  Free Open Study  >  

7-8 distribute-list access-list- name out

Syntax Description:

  • access-list-name ” Standard named IP access list that determines which routes learned via OSPF will be prevented from being installed in the IP routing table.

Purpose: For distance vector protocols (RIP, IGRP, EIGRP) this command prevents routes selected by the named access list from being advertised to a neighbor. OSPF is a link-state protocol and does not advertise routes to a neighbor but advertises a link-state database. The neighbor determines the routes from the information in the link-state database. Therefore, this command has no effect when used with OSPF.

Initial Cisco IOS Software Release: 11.2

 <  Free Open Study  >  
 <  Free Open Study  >  

7-9 distribute-list access-list- name out interface-type interface-number

Syntax Description:

  • access-list-name ” Named IP access list that determines which routes learned via OSPF will be prevented from being installed in the IP routing table.

  • interface-type ” Optional parameter, along with the interface-number, used to apply the distribute list to OSPF routes learned through a particular interface.

  • interface-number ” Number of the interface-type.

Purpose: For distance vector protocols (RIP, IGRP, EIGRP) this command prevents routes selected by the named access list from being advertised to a neighbor. OSPF is a link-state protocol and does not advertise routes to a neighbor, but advertises a link-state database. The neighbor determines the routes from the information in the link-state database. Therefore, this command has no effect when used with OSPF.

Initial Cisco IOS Software Release: 11.2.

 <  Free Open Study  >  
 <  Free Open Study  >  

7-10 distribute-list access-list- name out routing-process

Syntax Description:

  • access-list-name: ” Standard IP access list name that determines which routes redistributed into OSPF will be prevented from being installed in the OSPF database. This has the effect of preventing the blocked redistributed routes from being advertised to OSPF neighbors.

  • routing-process ” The routing process that has been redistributed into OSPF (RIP, IGRP, EIGRP, OSPF, BGP, EGP, static, or connected).

Purpose: To prevent routes, redistributed into OSPF from another routing rocess, from being installed in the OSPF database.

Initial Cisco IOS Software Release: 11.2

Configuration Example: Preventing Routes Redistributed into OSPF from Being Installed in the OSPF Database

In Figure 7-6, Router B is receiving the EIGRP routes 10.1.1.4/30, 3.3.3.0/24, and 4.4.4.0/24 from Router C. Router B is redistributing EIGRP into OSPF and these routes will be advertised to Router A as OSPF external type 2 routes. Start by configuring Routers A, B, and C as shown in the listing that follows the figure.

Figure 7-6. A Distribute List/Named Access List Prevents Redistributed Routes from Being Installed in the OSPF Database

graphics/07fig06.gif

Router A

interface Loopback0


ip address 1.1.1.1 255.255.255.255


!


interface Ethernet0/0


ip address 172.16.1.1 255.255.255.0


!


router ospf 1


network 172.16.1.0 0.0.0.255 area 0

________________________________________________________________________________



Router B

interface Loopback0


ip address 2.2.2.2 255.255.255.255


!


interface Ethernet0


ip address 172.16.1.2 255.255.255.0


!


interface Serial1


bandwidth 64


ip address 10.1.1.5 255.255.255.252


clockrate 64000


!


router eigrp 1


network 10.0.0.0


!


router ospf 1


redistribute eigrp 1 subnets


network 2.2.2.2 0.0.0.0 area 1


network 172.16.1.0 0.0.0.255 area 0

________________________________________________________________________________



Router C

interface Loopback0


ip address 3.3.3.3 255.255.255.0


!


interface Loopback1


ip address 4.4.4.4 255.255.255.0


!


interface Serial0


ip address 10.1.1.6 255.255.255.252


!


router eigrp 1


network 3.0.0.0


network 4.0.0.0


network 10.0.0.0


no auto-summary

Verify that Routers A and B have established a FULL OSPF neighbor relationship.

rtrA#

show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface

2.2.2.2           1

FULL/BDR

00:00:30    172.16.1.2      Ethernet0/0



rtrB#

show ip ospf neighbor

Neighbor ID     Pri   State           Dead Time   Address         Interface

1.1.1.1           1

FULL/DR

00:00:38    172.16.1.1      Ethernet0

Verify that Router B is receiving routes 3.3.3.0/24 and 4.4.4.0/24 from Router C via EIGRP.

rtrB#

show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

       U - per-user static route, o - ODR



Gateway of last resort is not set



     2.0.0.0/32 is subnetted, 1 subnets

C       2.2.2.2 is directly connected, Loopback0

     3.0.0.0/24 is subnetted, 1 subnets

D       3.3.3.0 [90/40640000] via 10.1.1.6, 00:38:45, Serial1

4.0.0.0/24 is subnetted, 1 subnets

D       4.4.4.0 [90/40640000] via 10.1.1.6, 00:38:45, Serial1

172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Ethernet0

     10.0.0.0/30 is subnetted, 1 subnets

C       10.1.1.4 is directly connected, Serial1

Verify that Router A is receiving routes 10.1.1.4/30, 3.3.3.0/24, and 4.4.4.0/24 from Router B as OSPF external type 2 routes.

rtrA#

show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1,

E2 - OSPF external type 2

, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

       P - periodic downloaded static route



Gateway of last resort is not set



     1.0.0.0/32 is subnetted, 1 subnets

C       1.1.1.1 is directly connected, Loopback0

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/11] via 172.16.1.2, 00:27:48, Ethernet0/0

     3.0.0.0/24 is subnetted, 1 subnets

O E2    3.3.3.0 [110/20] via 172.16.1.2, 00:05:41, Ethernet0/0

4.0.0.0/24 is subnetted, 1 subnets

O E2    4.4.4.0 [110/20] via 172.16.1.2, 00:27:48, Ethernet0/0

172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Ethernet0/0

     10.0.0.0/30 is subnetted, 1 subnets

O E2    10.1.1.4 [110/20] via 172.16.1.2, 00:05:42, Ethernet0/0

For illustrative purposes, verify that these three routes are in the OSPF database on Router B.

rtrB#

show ip ospf database external

OSPF Router with ID (2.2.2.2) (Process ID 1)





                Type-5 AS External Link States



  LS age: 441

  Options: (No TOS-capability, DC)

  LS Type: AS External Link

Link State ID: 3.3.3.0 (External Network Number )

Advertising Router: 2.2.2.2

  LS Seq Number: 80000001

  Checksum: 0x3F50

  Length: 36

  Network Mask: /24

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 20

        Forward Address: 0.0.0.0

        External Route Tag: 0



  LS age: 1788

  Options: (No TOS-capability, DC)

  LS Type: AS External Link

Link State ID: 4.4.4.0 (External Network Number )

Advertising Router: 2.2.2.2

  LS Seq Number: 80000003

  Checksum: 0x1773

  Length: 36

  Network Mask: /24

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 20

        Forward Address: 0.0.0.0

        External Route Tag: 0



  LS age: 459

  Options: (No TOS-capability, DC)

  LS Type: AS External Link

Link State ID: 10.1.1.4 (External Network Number )

Advertising Router: 2.2.2.2

  LS Seq Number: 80000001

  Checksum: 0xD7B3

  Length: 36

  Network Mask: /30

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 20

        Forward Address: 0.0.0.0

        External Route Tag: 0

Modify the configuration on Router B to allow only the installation of the EIGRP route 4.4.4.0/24 into the OSPF database using a named access list.

Router B

router ospf 1


redistribute eigrp 1 subnets


network 2.2.2.2 0.0.0.0 area 1


network 172.16.1.0 0.0.0.255 area 0



distribute-list filter-eigrp out eigrp 1



!



ip access-list standard filter-eigrp




permit 4.4.4.0 0.0.0.255


Verification

Verify that the EIGRP routes 10.1.1.4/30 and 3.3.3.0/24 have been blocked from entering the OSPF database on Router B.

rtrB#

show ip ospf database external

OSPF Router with ID (2.2.2.2) (Process ID 1)





                Type-5 AS External Link States



  LS age: 419

  Options: (No TOS-capability, DC)

  LS Type: AS External Link




Link State ID: 4.4.4.0 (External Network Number )

Advertising Router: 2.2.2.2

  LS Seq Number: 80000004

  Checksum: 0x1574

  Length: 36

  Network Mask: /24

        Metric Type: 2 (Larger than any link state path)

        TOS: 0

        Metric: 20

        Forward Address: 0.0.0.0

        External Route Tag: 0

Verify that Router A is receiving only one external type 2 route from Router B.

rtrA#

show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

       * - candidate default, U - per-user static route, o - ODR

       P - periodic downloaded static route



Gateway of last resort is not set



     1.0.0.0/32 is subnetted, 1 subnets

C       1.1.1.1 is directly connected, Loopback0

     2.0.0.0/32 is subnetted, 1 subnets

O IA    2.2.2.2 [110/11] via 172.16.1.2, 00:38:45, Ethernet0/0

     4.0.0.0/24 is subnetted, 1 subnets

O E2    4.4.4.0 [110/20] via 172.16.1.2, 00:38:45, Ethernet0/0

172.16.0.0/24 is subnetted, 1 subnets

C       172.16.1.0 is directly connected, Ethernet0/0
Troubleshooting
Step 1. Verify that there is a neighbor relationship between the OSPF routers using the show ip ospf neighbor command.

Step 2. Verify that the distribute-list command is referencing the correct access list name and routing process.

Step 3. Verify the syntax of the named access list.

Step 4. Verify that the intended routes are in the OSPF database using the command show ip ospf database external.

 <  Free Open Study  >