Friday, December 12, 2008

RIP - neighbor filtering options


In the above topology I want R6 to only allow routes from R2. Similarly, I want R2 to only allow routes from R6.

To meet this requirement I use a different method on each router to achieve the same net result. Both methods require use of the distribute-list command.

On R6 I use an extended ACL to first deny the RIP neighbors I do not require and then allow the rest. When an extended ACL is applied through distribute-list, its source field is matched against the address of the neighbor that sent the update. On R2 I make use of the distribute-list gateway command in conjunction with a prefix-list to only allow the neighbors I require.

R6

router rip
version 2
network 54.0.0.0
network 150.1.0.0
network 204.12.1.0
distribute-list 100 in
no auto-summary
!

access-list 100 deny ip host 54.1.7.254 any
access-list 100 deny ip host 204.12.1.254 any
access-list 100 permit ip any any


R2

router rip
version 2
network 204.12.1.0
distribute-list gateway RICH in
no auto-summary
!
ip prefix-list RICH seq 5 permit 204.12.1.6/32


The IP prefix-list in the distribute-list gateway statement allows prefixes to be filtered as they are received based on the source of the update. This allows updates learned from BB3 to be denied, but still allows updates to be received from R6.
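A small Python model of the two filters, added here as an example and not part of the original post: it evaluates the page's ACL 100 and prefix-list RICH against update senders, and shows that R6's deny-list still accepts a sender that neither filter names, while R2's allow-list drops it. The addresses 204.12.1.2 (standing in for R2) and 204.12.1.99 are constructed, and the matching is a simplified model of IOS behaviour (host/any ACL sources, prefix-list entries without ge/le).

```python
import ipaddress

# Filter lines copied from the R6 and R2 configurations on this page.
R6_ACL = """access-list 100 deny ip host 54.1.7.254 any
access-list 100 deny ip host 204.12.1.254 any
access-list 100 permit ip any any"""
R2_PREFIX_LIST = "ip prefix-list RICH seq 5 permit 204.12.1.6/32"

def parse_acl(text):
    """Return [(action, source)]; source is None for 'any'."""
    rules = []
    for line in text.splitlines():
        tok = line.split()  # access-list 100 <action> ip <source> <destination>
        if tok[4] == "host":
            src = ipaddress.ip_address(tok[5])
        elif tok[4] == "any":
            src = None
        else:
            raise ValueError("only 'host' and 'any' sources are modeled: " + line)
        rules.append((tok[2], src))
    return rules

def parse_prefix_list(text):
    """Return [(seq, action, network)] ordered by sequence number."""
    entries = []
    for line in text.splitlines():
        tok = line.split()  # ip prefix-list <name> seq <n> <action> <prefix>
        entries.append((int(tok[4]), tok[5], ipaddress.ip_network(tok[6])))
    return sorted(entries, key=lambda e: e[0])

def r6_accepts(sender):
    """distribute-list 100 in: first ACL rule whose source matches the sender wins."""
    gw = ipaddress.ip_address(sender)
    for action, src in parse_acl(R6_ACL):
        if src is None or src == gw:
            return action == "permit"
    return False  # implicit deny at the end of every ACL

def r2_accepts(sender):
    """distribute-list gateway RICH in: the sender is compared as a /32 prefix."""
    gw = ipaddress.ip_network(sender + "/32")
    for _seq, action, net in parse_prefix_list(R2_PREFIX_LIST):
        if net == gw:  # entries without ge/le must match exactly
            return action == "permit"
    return False  # implicit deny at the end of every prefix-list

if __name__ == "__main__":
    # 204.12.1.2 (R2) and 204.12.1.99 (a sender neither filter names) are constructed.
    for s in ("54.1.7.254", "204.12.1.254", "204.12.1.2", "204.12.1.6", "204.12.1.99"):
        print(f"{s:15} R6 accepts: {r6_accepts(s)!s:5}  R2 accepts: {r2_accepts(s)}")
```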
