[c-nsp] EIGRP Adversing Problem

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Wed Oct 27 13:28:05 EDT 2004 

> but net 10.0.0.0/16 is always advertised.
> 

strange.. just tried this in the lab (using 12.3(10)):

interface Loopback0
 ip address 11.0.1.1 255.255.255.0 secondary
 ip address 11.0.2.1 255.255.255.128 secondary
 ip address 11.0.3.1 255.255.255.255 secondary
 ip address 11.1.0.1 255.255.0.0 secondary
 ip address 11.0.0.1 255.255.0.0
!
router eigrp 1
 network 10.0.0.0
 network 11.0.0.0
 distribute-list prefix test out
 no auto-summary
!
ip prefix-list test seq 5 deny 11.0.0.0/16 le 32
ip prefix-list test seq 10 permit 0.0.0.0/0 le 32

before the prefix list is applied, the neighbor sees

     11.0.0.0/8 is variably subnetted, 5 subnets, 4 masks
D       11.0.3.1/32 [90/2297856] via 10.0.0.1, 00:00:26, Serial2
D       11.0.2.0/25 [90/2297856] via 10.0.0.1, 00:00:26, Serial2
D       11.1.0.0/16 [90/2297856] via 10.0.0.1, 00:00:26, Serial2
D       11.0.1.0/24 [90/2297856] via 10.0.0.1, 00:00:26, Serial2
D       11.0.0.0/16 [90/2297856] via 10.0.0.1, 00:00:26, Serial2

After I apply the above config list, I see

     11.0.0.0/16 is subnetted, 1 subnets
D       11.1.0.0 [90/2297856] via 10.0.0.1, 00:00:06, Serial2 

So we filter everything within 11.0.0.0/16, but let 11.1.0.0/16
through.. just what was intended..

	oli

> 
> 
> On Oct 27, 2004, at 1:51 PM, Oliver Boehmer ((oboehmer)) wrote:
> 
>> mark,
>> 
>> so you want to advertise everything *except* 10.0.0.0/16 (incl.
>> subnets of this range)? Then the following config should do what you
>> want 
>> 
>> ip prefix-list private_IP deny 10.0.0.0/16 le 32
>> ip prefix-list private_IP permit 0.0.0.0/0 le 32
>> !
>> router eigrp 1
>>  distribute-list prefix private_IP out
>> 
>> this should work..
>> 
>> 	oli
>> 
>> Mark <mailto:mac at telvia.it> wrote on Wednesday, October 27, 2004 1:42
>> PM:
>> 
>>> Thanks Oli,
>>> 
>>> But I  announce all my net and suppress 10.0.0.0/16 (and smaller in
>>> the net).
>>> Actually my prefix filter do the contrary. :-(
>>> 
>>> Where am I wrong?
>>> 
>>> Mark
>>> 
>>> 
>>> On Oct 27, 2004, at 11:43 AM, Oliver Boehmer ((oboehmer)) wrote:
>>> 
>>>> Mark <mailto:mac at telvia.it> wrote on Wednesday, October 27, 2004
>>>> 11:29 AM:
>>>> 
>>>>> I tried, without success, this config.
>>>>> 
>>>>> ip prefix-list private_IP permit 10.0.0.0/16
>>>>> router eigrp XXXX
>>>>> distribute-list prefix private_IP out
>>>>> 
>>>>> Now ALL my network are FILTERED.
>>>>> 
>>>>> Where i'm wrong???
>>>> 
>>>> what do you want to achieve exactly? announce only 10.0/16 networks
>>>> and suppress the rest? Your prefix list matches only the
>>>> 10.0.0.0/16 network, more specfics are suppressed.. In case you
>>>> want to announce the
>>>> more specifics subnets as well, use
>>>>   ip prefix-list private_IP permit 10.0.0.0/16 le 32
>>>> 
>>>> 	oli
>>>> 
>>>> 
>>>>> 
>>>>> On Oct 27, 2004, at 1:33 AM, Mark wrote:
>>>>> 
>>>>>> Oliver,
>>>>>> 
>>>>>> can you write down an example of distribute-lists out for a
>>>>>> specific network?
>>>>>> 
>>>>>> Mark
>>>>>> 
>>>>>> 
>>>>>> On Oct 26, 2004, at 7:59 PM, Oliver Boehmer ((oboehmer)) wrote:
>>>>>> 
>>>>>>> Jason Lixfeld <> wrote on Tuesday, October 26, 2004 7:38 PM:
>>>>>>> 
>>>>>>>> Use the eigrp router passive-interface command.
>>>>>>>> 
>>>>>>>> http://www.cisco.com/en/US/tech/tk365/tk207/
>>>>>>>> technologies_tech_note09186a0080093f0a.shtml
>>>>>>> 
>>>>>>> passive-interface will only prevent an EIGRP adjacency being
>>>>>>> formed over
>>>>>>> this link, the link address will still be advertised.. the only
>>>>>>> way to prevent this from happening was mentioned by Bruce
>>>>>>> earlier 
>>>>>>>> 
>>>>>>> 
>>>>>>>> Well, it depends.  You could adjust your "network" statements
>>>>>>>> in EIGRP
>>>>>>> to
>>>>>>>> not include that network or subnetwork.  Or you could use
>>>>>>> distribute-lists
>>>>>>>> to filter it out.
>>>>>>> 
>>>>>>> In halfway modern code (at least 12.2 and later, I think 12.1 as
>>>>>>> well) you can use "network <network> <wildcard>" to exactly
>>>>>>> specify the interfaces' addresses which you want to be covered
>>>>>>> by EIGRP.. works similar to the way you setup OSPF..
>>>>>>> 
>>>>>>> 	oli
>>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list