Wheather forecast

Saturday, 6 November 2010

Working with prefix lists

   
Workspace
Goal: have R2 receive only a default route 0.0.0.0/32 and private addresses.
R1 sends all of its routes (static and connected).
R2 wants to receive only a default route (192.168.0.0/16 is added for demo purposes, though).








1/ Configuring the prefix list:

R1(config)#ip prefix-list rfc1918 seq 10 permit 0.0.0.0/32 ge 32
% Invalid prefix range for 0.0.0.0/32, make sure: len < ge-value <= le-value

R1(config)#ip prefix-list rfc1918 seq 20 permit 172.16.0.0/12 le 32
%Insertion failed - seq # exists with different policy: 20

If sequence numbers are not given, they are assigned automatically in increments of 5.
It is better to write the sequence number explicitly:
    - This allows exact control and leaves room to quickly insert lines
    - There are no renumbering capabilities as with access lists

2/ Configuration on R2:
router eigrp 1
 network 172.16.0.0 0.0.0.3
 distribute-list prefix rfc1918 in
 no auto-summary
!
ip prefix-list rfc1918 seq 10 permit 0.0.0.0/0
ip prefix-list rfc1918 seq 40 permit 192.168.0.0/16 le 32
!


Debugging:
R2#sh debugging
  IP-EIGRP Route Events debugging is on
  IP-EIGRP Event notification debugging is on

Routes:
R2#sh ip route eigrp
     192.168.0.0/32 is subnetted, 1 subnets
D EX    192.168.0.1 [170/2297856] via 172.16.0.1, 00:11:04, Serial0/0
D*EX 0.0.0.0/0 [170/2172416] via 172.16.0.1, 00:11:04, Serial0/0

This conforms to what was expected.

Without the prefix list:
R2#sh ip route eigrp
     172.31.0.0/32 is subnetted, 1 subnets
D EX    172.31.255.1 [170/2297856] via 172.16.0.1, 00:00:08, Serial0/0
     10.0.0.0/32 is subnetted, 2 subnets
D EX    10.1.1.1 [170/2297856] via 172.16.0.1, 00:00:08, Serial0/0
     192.168.0.0/32 is subnetted, 1 subnets
D EX    192.168.0.1 [170/2297856] via 172.16.0.1, 00:12:12, Serial0/0
D EX 212.151.98.0/24 [170/2172416] via 172.16.0.1, 00:00:08, Serial0/0
     194.157.0.0/29 is subnetted, 1 subnets
D EX    194.157.0.8 [170/2297856] via 172.16.0.1, 00:00:08, Serial0/0
     194.1.1.0/29 is subnetted, 1 subnets
D EX    194.1.1.0 [170/2297856] via 172.16.0.1, 00:00:08, Serial0/0
D*EX 0.0.0.0/0 [170/2172416] via 172.16.0.1, 00:12:12, Serial0/0
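
To check a prefix list before applying it, the matching rules can be replayed offline. The sketch below is an added example, not part of the original post and not Cisco code: it assumes the usual ge/le semantics (no ge/le means exact length, first match wins, implicit deny), and the function names are hypothetical. It runs R2's list over the routes from the unfiltered table above.

```python
import ipaddress

def parse_entry(text):
    """Parse e.g. 'permit 192.168.0.0/16 le 32' into (action, network, lo, hi)."""
    tokens = text.split()
    action, net = tokens[0], ipaddress.ip_network(tokens[1])
    opts = dict(zip(tokens[2::2], (int(v) for v in tokens[3::2])))
    ge, le = opts.get("ge"), opts.get("le")
    # Range rule quoted in the IOS error on this page: len < ge-value <= le-value
    if ge is not None and not net.prefixlen < ge <= (32 if le is None else le):
        raise ValueError(f"Invalid prefix range for {net}")
    if ge is None and le is None:
        lo = hi = net.prefixlen  # no ge/le: only the exact prefix length matches
    else:
        lo = net.prefixlen if ge is None else ge
        hi = 32 if le is None else le
    return action, net, lo, hi

def evaluate(prefix_list, route):
    """Return 'permit' or 'deny'; lowest sequence first, implicit deny at the end."""
    route = ipaddress.ip_network(route)
    for seq in sorted(prefix_list):
        action, net, lo, hi = prefix_list[seq]
        # Leading bits must match the entry and the length must fall in [lo, hi]
        if lo <= route.prefixlen <= hi and route.subnet_of(net):
            return action
    return "deny"

def accepted(prefix_list, routes):
    """Routes that would survive 'distribute-list prefix ... in'."""
    return [r for r in routes if evaluate(prefix_list, r) == "permit"]

# R2's prefix list exactly as configured on this page
RFC1918 = {10: parse_entry("permit 0.0.0.0/0"),
           40: parse_entry("permit 192.168.0.0/16 le 32")}

# Routes R1 advertises, copied from the unfiltered routing table on this page
ADVERTISED = ["172.31.255.1/32", "10.1.1.1/32", "192.168.0.1/32",
              "212.151.98.0/24", "194.157.0.8/29", "194.1.1.0/29", "0.0.0.0/0"]

if __name__ == "__main__":
    for r in ADVERTISED:
        print(f"{r:18} {evaluate(RFC1918, r)}")
```

The same parser rejects the `0.0.0.0/32 ge 32` entry from step 1, for the reason given in the IOS error message.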



Mistake:
    typed distribute-list <NAME> instead of distribute-list prefix <NAME>
        - a standard empty ACL comes up in the config
        - the result is no filtering
Solution:
    No debug helped here, only reading did
