PG1X WIKI

My Knowledge Base

User Tools

Site Tools


tech:network:cisco:routing:distribute-list:distribute-list

Cisco: Route Filtering distribute-list

My Learning topics result may not be accurate because of my misunderstanding!!!!

I STRONGLY RECOMMENDED to read the Official Documents(cisco.com a.k.a. CCO) and RFCs, any other books, sites.

And learn foundation, create lab yourself, configure, and verify any topics.

TODO

  1. EIGRP distribute-list out w/ ACL permit
  2. EIGRP distribute-list in w/ ACL permit
  3. EIGRP distribute-list out w/ ACL deny
  4. EIGRP distribute-list in w/ ACL deny
  5. OSPF to EIGRP distribute-list w/ redistribute, ACL permit
  6. OSPF to EIGRP distribute-list w/ redistribute, ACL deny
  7. EIGRP to OSPF distribute-list w/ redistribute
  8. EIGRP distribute-list out w/ prefix-list permit
  9. EIGRP distribute-list in w/ prefix-list permit
  10. EIGRP distribute-list out w/ prefix-list deny
  11. EIGRP distribute-list in w/ prefix-list deny
  12. OSPF to EIGRP distribute-list w/ redistribute, prefix-list permit
  13. OSPF to EIGRP distribute-list w/ redistribute, prefix-list deny

Base Lab 1: distribute-list Lab cca1bf44-14bb-484d-a825-a952d9cef59d

Topology

Base Configuration

Common Configuration Snippet

R1

R2

Configuring distribute-list w/ ACL c410a5b2-0a68-4b33-ae14-0550fb382676

permit specific route

  • R1
configure terminal
!
access-list 10 permit 172.16.3.0 0.0.0.255
access-list 10 permit 172.16.4.0 0.0.0.255
!
router eigrp 1
 distribute-list 10 out GigabitEthernet 0/1
exit
!
end

or

  • R2
configure terminal
!
access-list 10 permit 172.16.3.0 0.0.0.255
access-list 10 permit 172.16.4.0 0.0.0.255
!
router eigrp 1
 distribute-list 10 in GigabitEthernet 0/1
exit
!
end

deny specific route

  • R1
configure terminal
!
access-list 20 deny 172.16.6.0 0.0.0.255
access-list 20 deny 172.16.7.0 0.0.0.255
access-list 20 permit any
!
router eigrp 1
 distribute-list 20 out GigabitEthernet 0/1
exit
!
end

or

  • R2
configure terminal
!
access-list 20 deny 172.16.6.0 0.0.0.255
access-list 20 deny 172.16.7.0 0.0.0.255
access-list 20 permit any
!
router eigrp 1
 distribute-list 20 in GigabitEthernet 0/1
exit
!
end

Verification

Base Lab 2: Route Redistribution Lab 9d1dbd46-d569-4c85-8b6d-753e1aeb2a4a

Topology

Base Configuration

Common Configuration Snippet

R1

R2

R3

Configuring distribute-list w/ redistribute, ACL bd917fcf-9412-4f27-b3bf-a12f3f65f0d3

This lab assumes that already OSPF, EIGRP redistributed bidirectionally.

allow specific route

  • R2
configure terminal
!
access-list 10 permit 172.16.4.0 0.0.0.255
access-list 10 permit 172.16.5.0 0.0.0.255
!
router eigrp 1
 distribute-list 10 out ospf 1
exit
!
end

deny specific route

  • R2
configure terminal
!
access-list 20 deny 172.16.6.0 0.0.0.255
access-list 20 deny 172.16.7.0 0.0.0.255
access-list 20 permit any
!
router eigrp 1
 distribute-list 20 out ospf 1
exit
!
end
  • R2
configure terminal
!
access-list 30 deny 172.16.4.0 0.0.3.255
access-list 30 permit any
!
router eigrp 1
 distribute-list 30 out ospf 1
exit
!
end

Verification

show ip route | include ^D|^O
show ip route ospf | include ^O
show ip route eigrp | include ^D
show access-lists
show running-config | section router eigrp
show running-config | section router ospf

R1 Console Log

R2 Console Log

R3 Console Log

distribute-list for OSPF

distribute-list out to interface is not works. But LSA5 route is applicable. Furthermore, distribute-list in only applied to routing table, cannot filter LSAs.

So, distribute-list for OSPF usage is limited.

Cisco: OSPF: Route Filtering: distribute-list

Configuring distribute-list w/ prefix-list 61d12004-3729-460b-b527-a22f074b7af1

  1. Using Lab ID: cca1bf44-14bb-484d-a825-a952d9cef59d

permit specific route

  • R1
configure terminal
!
ip prefix-list PRE01 permit 172.16.3.0/24
ip prefix-list PRE01 permit 172.16.4.0/24
!
router eigrp 1
 distribute-list prefix PRE01 out GigabitEthernet 0/1
exit
!
end

or

  • R2
configure terminal
!
ip prefix-list PRE01 permit 172.16.3.0/24
ip prefix-list PRE01 permit 172.16.4.0/24
!
router eigrp 1
 distribute-list prefix PRE01 in GigabitEthernet 0/1
exit
!
end

deny specific route

  • R1
configure terminal
!
ip prefix-list PRE02 deny 172.16.6.0/24
ip prefix-list PRE02 deny 172.16.7.0/24
ip prefix-list PRE02 permit 0.0.0.0/0 le 32
!
router eigrp 1
 distribute-list prefix PRE02 out GigabitEthernet 0/1
exit
!
end

or

  • R2
configure terminal
!
ip prefix-list PRE02 deny 172.16.6.0/24
ip prefix-list PRE02 deny 172.16.7.0/24
ip prefix-list PRE02 permit 0.0.0.0/0 le 32
!
router eigrp 1
 distribute-list prefix PRE02 in GigabitEthernet 0/1
exit
!
end

Verification

Configuring distribute-list w/ redistribute, prefix-list f3719bd9-b722-4056-8280-6237c7805db4

  1. Using Lab ID: 9d1dbd46-d569-4c85-8b6d-753e1aeb2a4a

This lab assumes that already OSPF, EIGRP redistributed bidirectionally.

allow specific route

  • R2
configure terminal
!
ip prefix-list PRE01 permit 172.16.4.0/24
ip prefix-list PRE01 permit 172.16.5.0/24
!
router eigrp 1
 distribute-list prefix PRE01 out ospf 1
exit
!
end

deny specific route

  • R2
configure terminal
!
ip prefix-list PRE02 deny 172.16.6.0/24
ip prefix-list PRE02 deny 172.16.7.0/24
ip prefix-list PRE02 permit 0.0.0.0/0 le 32
!
router eigrp 1
 distribute-list prefix PRE02 out ospf 1
exit
!
end
  • R2
configure terminal
!
ip prefix-list PRE03 deny 172.16.4.0/22 ge 24 le 24
ip prefix-list PRE03 permit 0.0.0.0/0 le 32
!
router eigrp 1
 distribute-list prefix PRE03 out ospf 1
exit
!
end

Verification

show ip route | include ^D|^O
show ip route ospf | include ^O
show ip route eigrp | include ^D
show ip prefix-list
show running-config | section router eigrp
show running-config | section router ospf

R1 Console Log

R2 Console Log

R3 Console Log

References

tech/network/cisco/routing/distribute-list/distribute-list.txt · Last modified: 2020/07/11 14:54 by wnoguchi