Solved

"distribute-list out" command and default route suppress

Posted on 2006-06-13
10
473 Views
Last Modified: 2010-04-17
The scenario is

SW E0/1 is connected to RA FastEthernet 0/7. RA is connected to the rest of the world.

RIP is enabled between SW and RA, since SW’s only connection to the rest of the routing domain is through RA, therefore it does not need specific forwarding information about any prefixes.

Configure the network so that the only IGP route SW sees, is a default route from RA

RA:
router rip
no passive-interface Ethernet0/1
default-information originate
distribute-list prefix John out Ethernet0/1
no auto-summary
!
ip prefix-list John seq 10 permit 0.0.0.0/0



Here I am looking understand the concept for the command of the configuration above.

Since the command “distribute-list out” ,will suppress the network (0.0.0.0/0) from being advertised out the Ethernet 0/1,,,,Am I right ?,,,,this conclusion from the definition of the command "distribute-list out "from cisco :

"To suppress networks from being advertised in updates, use the distribute-list out "

If this the case that means I am going to suppress the default route, while the requirement is stating that SW should see default route!!!!!!!
0
Comment
Question by:zillah
  • 4
  • 3
10 Comments
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 63 total points
ID: 16897231
No, you have it backwards. What Cisco means is that like any other access list, whatever is not permitted will be implicitly denied. The prefix-list will permit the default route only, everything else will be denied.
0
 
LVL 12

Assisted Solution

by:Scotty_cisco
Scotty_cisco earned 62 total points
ID: 16897263
Mike has it dead right on this one.... I have used the distribute list with tunnels and GRE over cable setups and it works great but if it is not specified it will drop it.

Thanks
Scott
0
 

Author Comment

by:zillah
ID: 16897639
Thanks mikebernhardt

I have got similar to another scenario with 3 routers (R66 G0/1, R22 Fa0/0, BB) connected to each other through switch .

R66 :
G0/1: 205.13.1.6/24
S0/0 to Frame Relay cloud 55.2.8.0/24.
loopback is 160.1.1.1
G0/0 164.1.7.6/24

R22 :
Fa0/0: 205.13.1.2/24

BB:
205.13.1.200/24


"Configure R66 so that it does not advertise its route for the Frame
Relay network to either R22 or BB"



R66
router rip
distribute-list prefix Peter out GigabitEthernet0/1
distribute-list 20 in Virtual-Template1
!
ip prefix-list Peter seq 5 permit 164.1.7.0/24
ip prefix-list Peter seq 10 permit 160.1.1.0/24
!
access-list 20 deny any



Why do I need to use the statement below if the “distribute-list Peter” satisfy the requirement ?

distribute-list 20 in Virtual-Template1
access-list 20 deny any


0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16897841
Distribute-list 20 has nothing to do with the question you're asking. that's an inbound list telling the router to ignore any routes coming in on Virtual-Template1. The question is about limiting what the router sends OUT to the other routers. That is managed by "Peter."

Incidentally this could have also been done more accurately with:
ip prefix-list Peter seq 5 deny 55.2.8.0/24
ip prefix-list Peter seq 10 permit 0.0.0.0/0 le 32 (permit any route with a mask of 32 bits or less)

This denies the frame relay network specifically but permits all other routes. The one in your text permits the 2 routes and implicitly denies everything else including the frame relay route, which is not exactly what they said they wanted to accomplish.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:zillah
ID: 16900001
((Distribute-list 20 has nothing to do with the question you're asking))
In your opinion, why this has been used ?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16904009
No clue really. Virtual-Template1 normally comes up in a dialup configuration. It would deny any routing updates that came in over dialup, which may be good but isn't part of the question.
0
 

Author Comment

by:zillah
ID: 16904146
could you please send me an email to this address, because I was not able to send you private message.
 fmikeeo@aol.com
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 16904256
Why do you need to send me a private message?
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now