Route filtering: EIGRP and RIP mixed protocol lab.

Posted on November 6, 2010 by

Objective: Configure a route filter at A (R1) that will prevent D (R4) from learning about subnet 172.16.10.0/24

D#sh ip route
172.16.0.0/24 is subnetted, 14 subnets
C       172.16.252.0 is directly connected, FastEthernet0/0
R       172.16.253.0 [120/1] via 172.16.252.1, 00:00:13, FastEthernet0/0
R       172.16.254.0 [120/1] via 172.16.252.1, 00:00:13, FastEthernet0/0
R       172.16.251.0 [120/1] via 172.16.252.1, 00:00:13, FastEthernet0/0
R       172.16.8.0 [120/3] via 172.16.252.1, 00:00:13, FastEthernet0/0
R       172.16.9.0 [120/3] via 172.16.252.1, 00:00:13, FastEthernet0/0
R       172.16.10.0 [120/2] via 172.16.252.1, 00:02:34, FastEthernet0/0
R       172.16.11.0 [120/2] via 172.16.252.1, 00:00:13, FastEthernet0/0
C       172.16.4.0 is directly connected, Loopback1
C       172.16.6.0 is directly connected, Loopback2
R       172.16.7.0 [120/3] via 172.16.252.1, 00:00:13, FastEthernet0/0
R       172.16.1.0 [120/3] via 172.16.252.1, 00:00:13, FastEthernet0/0
R       172.16.2.0 [120/3] via 172.16.252.1, 00:00:14, FastEthernet0/0
R       172.16.3.0 [120/3] via 172.16.252.1, 00:00:14, FastEthernet0/0

Route filter has been implemented to prevent D router from learning 172.16.10.0/24 subnet, the default hold down time for RIP is 3mins (180s)

3mins later:

D#sh ip route

Gateway of last resort is not set

172.16.0.0/24 is subnetted, 14 subnets
C       172.16.252.0 is directly connected, FastEthernet0/0
R       172.16.253.0 [120/1] via 172.16.252.1, 00:00:09, FastEthernet0/0
R       172.16.254.0 [120/1] via 172.16.252.1, 00:00:09, FastEthernet0/0
R       172.16.251.0 [120/1] via 172.16.252.1, 00:00:09, FastEthernet0/0
R       172.16.8.0 [120/3] via 172.16.252.1, 00:00:09, FastEthernet0/0
R       172.16.9.0 [120/3] via 172.16.252.1, 00:00:09, FastEthernet0/0
R       172.16.10.0/24 is possibly down,
routing via 172.16.252.1, FastEthernet0/0
R       172.16.11.0 [120/2] via 172.16.252.1, 00:00:09, FastEthernet0/0
C       172.16.4.0 is directly connected, Loopback1
C       172.16.6.0 is directly connected, Loopback2
R       172.16.7.0 [120/3] via 172.16.252.1, 00:00:09, FastEthernet0/0
R       172.16.1.0 [120/3] via 172.16.252.1, 00:00:14, FastEthernet0/0
R       172.16.2.0 [120/3] via 172.16.252.1, 00:00:14, FastEthernet0/0
R       172.16.3.0 [120/3] via 172.16.252.1, 00:00:14, FastEthernet0/0

D#sh ip route rip
172.16.0.0/24 is subnetted, 13 subnets
R       172.16.253.0 [120/1] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.254.0 [120/1] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.251.0 [120/1] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.8.0 [120/3] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.9.0 [120/3] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.11.0 [120/2] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.7.0 [120/3] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.1.0 [120/3] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.2.0 [120/3] via 172.16.252.1, 00:00:21, FastEthernet0/0
R       172.16.3.0 [120/3] via 172.16.252.1, 00:00:21, FastEthernet0/0

172.16.10.0/24 is removed from RIP routing table.

A#sh run | s router rip
router rip
redistribute eigrp 100 metric 3
passive-interface FastEthernet0/0
passive-interface FastEthernet0/1
network 172.16.0.0
distribute-list 2 out FastEthernet1/0
distribute-list 1 in FastEthernet1/1

A#sh access-list 2
Standard IP access list 2
10 deny   172.16.10.0, wildcard bits 0.0.0.255 (36 matches)
20 permit any (366 matches)

Advertisements
This entry was posted in EIGRP, Path Control, Route and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Cancel

Connecting to %s