In order to filter routes in EIGRP update message we need
to configure Distribute list under EIGRP process. Distribute list can be
applied to all or specific interface.
In below example we are applying distribution list on
particular interface in order to filter route for particular neighbor.
There are three ways by which we can match routes to
apply filter.
1.
Access list
2.
Prefix list
3.
Route-map
Option 1:-
Access list
Below is the configuration example of distribution list
using access list.
R1:-
interface Loopback1
ip address 1.1.1.1
255.255.255.255
interface Loopback11
ip address
11.11.11.11 255.255.255.255
interface Loopback111
ip address
111.111.111.111 255.255.255.255
interface FastEthernet0/0
description “ Connected to R2”
ip address
12.12.12.1 255.255.255.0
no shut
router eigrp 1
distribute-list Block_111.111.111.111 out
FastEthernet0/0 \\ Will block
111.111.111.111/32 route advertisement\\
network 1.1.1.1
0.0.0.0
network
11.11.11.11 0.0.0.0
network 12.12.12.1
0.0.0.0
network
111.111.111.111 0.0.0.0
ip access-list standard Block_111.111.111.111
deny 111.111.111.111 \\Match 111.111.111.111/32 route which needs
to be filter\\
permit any \\ Allow all other routes\\
R2:-
interface FastEthernet0/0
ip address
12.12.12.2 255.255.255.0
no shut
router eigrp 1
network 12.12.12.2
0.0.0.0
Verification:-
R2:-
R2# sh ip route \\ No route for 111.111.111.111/32 \\
Codes: L - local, C - connected, S - static, R - RIP, M -
mobile, B - BGP
D - EIGRP,
EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P -
periodic downloaded static route, H - NHRP
+ -
replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
D 1.1.1.1
[90/156160] via 12.12.12.1, 00:50:13, FastEthernet0/0
2.0.0.0/32 is
subnetted, 1 subnets
C 2.2.2.2 is
directly connected, Loopback0
11.0.0.0/32
is subnetted, 1 subnets
D 11.11.11.11
[90/156160] via 12.12.12.1, 00:50:13, FastEthernet0/0
12.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
C
12.12.12.0/24 is directly connected, FastEthernet0/0
L
12.12.12.2/32 is directly connected, FastEthernet0/0
23.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
C
23.23.23.0/24 is directly connected, FastEthernet0/1
L
23.23.23.2/32 is directly connected, FastEthernet0/1
R2#sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT
RTO Q Seq
(sec) (ms) Cnt Num
0 12.12.12.1 Fa0/0 13 00:50:16 32
200 0 11
R2#
There is one issue while using access list to match the
routes. If we allow a supernet in access list then it will also allow all its
subnet by default.
In below example, we want to advertise only 11.11.11.11/24
from R2 to R3 and suppress all other routes.
There are two routes, one is 11.11.11.11/32 (advertised
from R1) and 11.11.11.11/24 (advertised
from R2).
We can see below that we have only allowed 11.11.11.11/24
from R2 but still 11.11.11.11/32 is the routing table of R3.
interface Loopback1
ip address 1.1.1.1
255.255.255.255
interface Loopback11
ip address
11.11.11.11 255.255.255.255
interface Loopback111
ip address
111.111.111.111 255.255.255.255
interface FastEthernet0/0
Description “ connected to R2”
ip address
12.12.12.1 255.255.255.0
no shut
router eigrp 1
network 1.1.1.1
0.0.0.0
network
11.11.11.11 0.0.0.0
network 12.12.12.0
0.0.0.255
network
111.111.111.111 0.0.0.0
R2:-
interface Loopback0
ip address 2.2.2.2
255.255.255.255
ip ospf network point-to-point
no shut
interface Loopback2
ip address
11.11.11.1 255.255.255.0
interface FastEthernet0/0
ip address
12.12.12.2 255.255.255.0
no shut
interface FastEthernet0/1
ip address
23.23.23.2 255.255.255.0
no shut
router eigrp 1
distribute-list
Route_Filter out FastEthernet0/1
network 11.11.11.1
0.0.0.0
network 12.12.12.0
0.0.0.255
network 23.23.23.2
0.0.0.0
ip access-list standard Route_Filter
permit 11.11.11.0 0.0.0.255 \\Only permit
11.11.11.0/24 \\
R3:-
interface FastEthernet0/1
ip address
23.23.23.3 255.255.255.0
no shut
router eigrp 1
network 23.23.23.3
0.0.0.0
Verification:-
R1:-
R1# sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M -
mobile, B - BGP
D - EIGRP,
EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P -
periodic downloaded static route, H - NHRP
+ -
replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is
subnetted, 1 subnets
C 1.1.1.1 is
directly connected, Loopback1
11.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
D 11.11.11.0/24 [90/156160] via
12.12.12.2, 02:20:21, FastEthernet0/0
\\Advertised from R2
C 11.11.11.11/32 is directly connected,
Loopback11
12.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
C
12.12.12.0/24 is directly connected, FastEthernet0/0
L
12.12.12.1/32 is directly connected, FastEthernet0/0
23.0.0.0/24
is subnetted, 1 subnets
D 23.23.23.0
[90/30720] via 12.12.12.2, 02:22:54, FastEthernet0/0
111.0.0.0/32
is subnetted, 1 subnets
C
111.111.111.111 is directly connected, Loopback111
R2:-
R2# sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M -
mobile, B - BGP
D - EIGRP,
EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P -
periodic downloaded static route, H - NHRP
+ -
replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is
subnetted, 1 subnets
D 1.1.1.1
[90/156160] via 12.12.12.1, 03:20:18, FastEthernet0/0
2.0.0.0/32 is
subnetted, 1 subnets
C 2.2.2.2 is
directly connected, Loopback0
11.0.0.0/8 is
variably subnetted, 3 subnets, 2 masks
C
11.11.11.0/24 is directly connected, Loopback2
L
11.11.11.1/32 is directly connected, Loopback2
D
11.11.11.11/32 [90/156160] via 12.12.12.1, 03:20:18, FastEthernet0/0
12.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
C
12.12.12.0/24 is directly connected, FastEthernet0/0
L
12.12.12.2/32 is directly connected, FastEthernet0/0
23.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
C
23.23.23.0/24 is directly connected, FastEthernet0/1
L
23.23.23.2/32 is directly connected, FastEthernet0/1
111.0.0.0/32
is subnetted, 1 subnets
D
111.111.111.111 [90/156160] via 12.12.12.1, 02:03:18, FastEthernet0/0
R3:-
R3# sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M -
mobile, B - BGP
D - EIGRP,
EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF
NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF
external type 1, E2 - OSPF external type 2
i - IS-IS,
su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS
inter area, * - candidate default, U - per-user static route
o - ODR, P -
periodic downloaded static route, H - NHRP
+ -
replicated route, % - next hop override
Gateway of last resort is not set
11.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
D 11.11.11.0/24 [90/156160] via
23.23.23.2, 02:20:39, FastEthernet0/1
D 11.11.11.11/32 [90/158720] via
23.23.23.2, 02:20:39, FastEthernet0/1
//R1 Route is also present
23.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
C
23.23.23.0/24 is directly connected, FastEthernet0/1
L
23.23.23.3/32 is directly connected, FastEthernet0/1
34.0.0.0/8 is
variably subnetted, 2 subnets, 2 masks
C
34.34.34.0/24 is directly connected, FastEthernet1/0
L
34.34.34.3/32 is directly connected, FastEthernet1/0
Other options are explained in upcoming blogs.
No comments:
Post a Comment