Route Filtering Using the distribute-list Command
Router(config)#router eigrp 10 |
Starts the EIGRP routing process for autonomous system 10 |
Router(config-router)#distribute-list 1 in |
Creates an incoming global distribute list that refers to access control list (ACL) 1 |
Router(config-router)#distribute-list 2 out |
Creates an outgoing global distribute list that refers to ACL 2 |
Router(config-router)#distribute-list 3 in fastethernet0/0 |
Creates an incoming distribute list for interface FastEthernet0/0 and refers to ACL 3 |
Router(config-router)#distribute-list 4 out serial0/0/0 |
Creates an outgoing distribute list for interface Serial0/0/0 and refers to ACL 4 |
Router(config-router)#distribute-list 5 out ospf 1 |
Filters updates advertised from OSPF process ID 1 into EIGRP autonomous system 10 according to ACL 5 |
Configuration Example: Inbound and Outbound Distribute List Route Filters
Figure 4-5 shows the network topology for the configuration that follows, which demonstrates how to configure inbound and outbound route filters to control routing updates using the commands covered in this chapter. Assume that all basic configurations and EIGRP routing have been configured correctly.
Figure 4-5 Network Topology for Inbound and Outbound Distribute List Route Filters
The first objective is to prevent router AYLMER from learning the 10.0.0.0/8 network using an outbound distribute list on router HULL.
HULL(config)#access-list 10 deny 10.0.0.0 0.255.255.255 |
Creates a standard ACL number 10 and explicitly denies the 10.0.0.0/8 network |
HULL(config)#access-list 10 permit any |
Adds a second line to ACL 10 which permits all other networks |
HULL(config)#router eigrp 1 |
Enters EIGRP autonomous system 1 routing process |
HULL(config-router)#distribute-list 10 out Or |
Creates an outbound global distribute list that refers to ACL 10 |
HULL(config-router)#distribute-list 10 out serial0/0/0 |
Creates an outgoing distribute list for interface Serial0/0/0 that refers to ACL 10 |
The second objective is to prevent router OTTAWA from learning the 192.168.6.0/24 network using an inbound distribute list on router OTTAWA.
OTTAWA(config)#access-list 20 deny 192.168.6.0 0.0.0.255 | Creates a standard ACL number 20 and explicitly denies the 192.168.6.0/24 network |
OTTAWA(config)#access-list 20 permit any |
Adds a second line to ACL 20 which permits all other networks |
OTTAWA (config)#router eigrp 1 |
Enters EIGRP autonomous system 1 routing process |
OTTAWA(config-router)#distribute-list 20 in Or |
Creates an inbound global distribute list that refers to ACL 20 |
OTTAWA(config-router)#distribute-list 20 in serial0/0/0 |
Creates an inbound distribute list for interface Serial0/0/0 that refers to ACL 20 |
Configuration Example: Controlling Redistribution with Outbound Distribute Lists
Figure 4-6 shows the network topology for the configuration that follows, which demonstrates how to control redistribution with an outbound distribute list using the commands covered in this chapter. Assume that all basic configurations and EIGRP and OSPF routing have been configured correctly.
Figure 4-6 Network Topology for Controlling Redistribution with Outbound Distribute Lists
The objective is to prevent networks 172.16.3.0/24 and 172.16.4.0/24 from being redistributed into the OSPF domain.
HULL(config)#access-list 30 permit 172.16.1.0 0.0.0.255 |
Creates a standard ACL number 30 and explicitly permits the 172.16.1.0/24 network. |
HULL (config)#access-list 30 permit 172.16.2.0 0.0.0.255 |
Adds a second line to ACL 30 that explicitly permits the 172.16.2.0/24 network. |
HULL(config)#router ospf 1 |
Enters OSPF process ID 1 routing process. |
HULL(config-router)#redistribute eigrp 10 subnets |
Redistributes all EIGRP networks into OSPF. |
HULL(config-router)#distribute-list 30 out eigrp 10 |
Creates an outbound distribute list to filter routes being redistributed from EIGRP into OSPF. |
NOTE: The implicit “deny any” state-ment at the end of the access list pre-vents routing updates about any other network from being advertised. As a result, networks 172.16.3.0/24 and 172.16.4.0/24 will not be redistributed into OSPF. |
Verifying Route Filters
Router#show ip protocols |
Displays the parameters and current state of active routing protocols |
Routing Protocol is "eigrp 10" Outgoing update filter list for all interfaces is 2 Redistributed ospf 1 filtered by 5 Serial 0/0/0 filtered by 4 Incoming update filter list for all interfaces is 1 FastEthernet0/0 filtered by 3
The command distribute-list out works only on the routes being redistributed by the ASBR into OSPF. It can be applied to external type 2 and external type 1 routes but not to intra-area and interarea routes.