We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 618 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

 

408 New Members signed up the last 30 days!

satisfaction-guaranteed

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!


Forum Replies

  1. Rene what will happen if both router-map and access-list are deny?

    route-map NAME deny 10
    match ip address 1
    
    ip access-list standard 1
    deny 1.1.1.0
    permit any 
    

    thanks!

  2. Hi George,

    Sure, here’s an example. We have a router that has learned some EIGRP routes on different interfaces:

    R1#show ip route eigrp 
    Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2
           i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
           ia - IS-IS inter area, * - candidate default, U - per-user static route
    ... Continue reading in our forum

  3. Derek,
    Route-Maps are the swiss-army knife of Cisco. You can use them for all kinds of things in many different ways depending on the situation. With EIGRP, access-lists, prefix-lists, and route-maps are all options of a distribute-list. In other words, the “distribute-list” keyword is entered first, then you can choose which option you want after. Check out the available options below:

    R1(config-router)#distribute-list ?
      <1-199>      IP access list number
      <1300-2699>  IP expanded access list number
      WORD               Access-list name
      ga
    ... Continue reading in our forum

  4. Mounir,
    You are right that your NET_192 access list would match 192.168.1.0/24 and not match anything else (because of an implicit “deny” at the end of an access-list).

    Now, in order for a prefix-list to do the same thing, you must also use the prefix-list with something else, say a route-map. A prefix-list by itself will only match or not match a particular network prefix–it won’t perform an action such as permit or deny.

    Let’s start by writing the prefix list that will match only 192.168.1.0/24, since you are asking about this:

    (config)#ip prefix-list PL_MAT

    ... Continue reading in our forum

  5. Hi Rene,

    I have a quick question on EIGRP filtering in general. Say I have 3 routers, R1, R2, and R3 all running EIGRP and connected.

    R1 has 10.10.10.0/24 and 20.20.20.0/24
    If I want to advertise 10.10.10.0/24 only to R3 but not R2…
    From reading your lesson, I learned that I can apply a distribute-list acl in on R3 to block the advertisement of 10.10.10.0/24…

    Can this be done on R1 to filter outbound EIGRP advertisement of 10.10.10.0/24 only to R3 but not R2?

    Thanks!

    Barry

18 more replies! Ask a question or join the discussion by visiting our Community Forum