From: Larry (cc13lab@gmail.com)
Date: Tue Jul 22 2008 - 09:40:49 ART
Fahad,
Here is a link explaining it with RIP:
http://blog.internetworkexpert.com/category/ccie-routing-switching/interior-gateway-routing/page/2/
hth
On 7/22/08, Fahad Khan <fahad.khan@gmail.com> wrote:
>
> well, i am still unable to understand , how Ext ACL is used in RIP(with
> dist-list) and why? Can any one shed more light over it?
>
> Thanks and regards,
>
> On Tue, Jul 22, 2008 at 3:00 AM, Huan Pham <pnhuan@yahoo.com> wrote:
>
> > Hi Khan,
> >
> >
> >
> > Thanks for the example. Appearently, the use of extended ACL in the BGP
> > example is another hair pulling exersize.
> >
> >
> >
> > But we can use extended ACL for RIP as well, as shown in my example.
> >
> >
> >
> > Cheers,
> >
> >
> > --- On *Tue, 7/22/08, Fahad Khan <fahad.khan@gmail.com>* wrote:
> >
> > From: Fahad Khan <fahad.khan@gmail.com>
> > Subject: Re: RIP route filtering using Extended ACL
> > To: "Huan Pham" <Huan.Pham@peopletelecom.com.au>
> > Cc: ccielab@groupstudy.com
> > Date: Tuesday, July 22, 2008, 7:00 PM
> >
> > Futher more,
> >
> > Remember! IP access-list number <1-199> (shown below) is meaning full
> > *only*,
> > when you want to perform route filtering in *BGP*
> >
> > R1(config-router)#distribute-list ?
> > <1-199> IP access list number
> > <1300-2699> IP expanded access list number
> > WORD Access-list name
> > gateway Filtering incoming updates based on gateway
> > prefix Filter prefixes in routing updates
> >
> >
> > In rip and other IGPs, distribute-list works with standard ACL only
> but
> > in BGP it can work with extanded ACL as well.
> >
> > Go through the link below,
> >
> http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00801310cb.shtml#acclists
> >
> >
> > Thanks and regards,
> >
> >
> > On Mon, Jul 21, 2008 at 11:26 PM, Huan Pham
> > <Huan.Pham@peopletelecom.com.au>
> > wrote:
> >
> > > Hi GS,
> > >
> > > I can not find the guide on the use of extended ACL to filter RIP
> > > routes. May someone please point me the link to this section. Many
> > > thanks.
> > >
> > > The following config is from a vendor workbook. It's to prevent the
> > > route 150.1.7.0/24 learnt via router 155.1.0.1 off interface Serial0.
> > >
> > > access-list 199 deny ip host 155.1.0.1 host 150.1.7.0
> > > access-list 199 permit ip any any
> > >
> > > router rip
> > > version 2
> > > network 150.1.0.0
> > > network 155.1.0.0
> > > distribute-list 199 in Serial0
> > > no auto-summary
> > >
> > >
> > > I usually make mistake with creating extended ACL for this purpose. I
> do
> > > tend to put subnet route first (source address portion), and the
> gateway
> > > after (destination address). The right ACL should be created in the
> > > reverse order, as above. I can not find relevant info in the RIP
> > > configuration guide, nor in command reference. Help in understanding
> > > this command is appreciated.
> > >
> > >
> > > Huan,
> > >
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > >
> > >
> > >
> >
> >
> > --
> > *FAHAD KHAN
> >
> > BE Computer Systems NED,
> >
> > CCNA,CCDA,CCNP,FOUNDFE,CLSE,
> > QOS,JNCIA,JNCIS,MCP,CCIE (Written)
> >
> > Systems Support Engineer, Premier Systems (Pvt) limited,
> >
> > Karachi, Pakistan
> >
> > 92-321-2370510*.
> >
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
> >
> >
>
>
> --
> *FAHAD KHAN
>
> BE Computer Systems NED,
>
> CCNA,CCDA,CCNP,FOUNDFE,CLSE,QOS,JNCIA,JNCIS,MCP,CCIE (Written)
>
> Systems Support Engineer, Premier Systems (Pvt) limited,
>
> Karachi, Pakistan
>
> 92-321-2370510.*
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:56 ART