Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

"distribute-list out" command and default route suppress

Posted on 2006-06-13
10
Medium Priority
?
515 Views
Last Modified: 2010-04-17
The scenario is

SW E0/1 is connected to RA FastEthernet 0/7. RA is connected to the rest of the world.

RIP is enabled between SW and RA, since SW’s only connection to the rest of the routing domain is through RA, therefore it does not need specific forwarding information about any prefixes.

Configure the network so that the only IGP route SW sees, is a default route from RA

RA:
router rip
no passive-interface Ethernet0/1
default-information originate
distribute-list prefix John out Ethernet0/1
no auto-summary
!
ip prefix-list John seq 10 permit 0.0.0.0/0



Here I am looking understand the concept for the command of the configuration above.

Since the command “distribute-list out” ,will suppress the network (0.0.0.0/0) from being advertised out the Ethernet 0/1,,,,Am I right ?,,,,this conclusion from the definition of the command "distribute-list out "from cisco :

"To suppress networks from being advertised in updates, use the distribute-list out "

If this the case that means I am going to suppress the default route, while the requirement is stating that SW should see default route!!!!!!!
0
Comment
Question by:zillah
  • 4
  • 3
10 Comments
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 252 total points
ID: 16897231
No, you have it backwards. What Cisco means is that like any other access list, whatever is not permitted will be implicitly denied. The prefix-list will permit the default route only, everything else will be denied.
0
 
LVL 12

Assisted Solution

by:Scotty_cisco
Scotty_cisco earned 248 total points
ID: 16897263
Mike has it dead right on this one.... I have used the distribute list with tunnels and GRE over cable setups and it works great but if it is not specified it will drop it.

Thanks
Scott
0
 

Author Comment

by:zillah
ID: 16897639
Thanks mikebernhardt

I have got similar to another scenario with 3 routers (R66 G0/1, R22 Fa0/0, BB) connected to each other through switch .

R66 :
G0/1: 205.13.1.6/24
S0/0 to Frame Relay cloud 55.2.8.0/24.
loopback is 160.1.1.1
G0/0 164.1.7.6/24

R22 :
Fa0/0: 205.13.1.2/24

BB:
205.13.1.200/24


"Configure R66 so that it does not advertise its route for the Frame
Relay network to either R22 or BB"



R66
router rip
distribute-list prefix Peter out GigabitEthernet0/1
distribute-list 20 in Virtual-Template1
!
ip prefix-list Peter seq 5 permit 164.1.7.0/24
ip prefix-list Peter seq 10 permit 160.1.1.0/24
!
access-list 20 deny any



Why do I need to use the statement below if the “distribute-list Peter” satisfy the requirement ?

distribute-list 20 in Virtual-Template1
access-list 20 deny any


0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16897841
Distribute-list 20 has nothing to do with the question you're asking. that's an inbound list telling the router to ignore any routes coming in on Virtual-Template1. The question is about limiting what the router sends OUT to the other routers. That is managed by "Peter."

Incidentally this could have also been done more accurately with:
ip prefix-list Peter seq 5 deny 55.2.8.0/24
ip prefix-list Peter seq 10 permit 0.0.0.0/0 le 32 (permit any route with a mask of 32 bits or less)

This denies the frame relay network specifically but permits all other routes. The one in your text permits the 2 routes and implicitly denies everything else including the frame relay route, which is not exactly what they said they wanted to accomplish.
0
 

Author Comment

by:zillah
ID: 16900001
((Distribute-list 20 has nothing to do with the question you're asking))
In your opinion, why this has been used ?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16904009
No clue really. Virtual-Template1 normally comes up in a dialup configuration. It would deny any routing updates that came in over dialup, which may be good but isn't part of the question.
0
 

Author Comment

by:zillah
ID: 16904146
could you please send me an email to this address, because I was not able to send you private message.
 fmikeeo@aol.com
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16904256
Why do you need to send me a private message?
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question