[c-nsp] Filtering incoming advertisements in RIP
Afsheen Bigdeli
afsheenb at gravityplaysfavorites.net
Tue Jan 23 18:05:41 EST 2007
How about setting "passive-interface default" in the router config, and
then "no passive-interface interface-name"? That way you can explicitly
define the interfaces that listen/respond to RIPv2 packets.
--afsheenb
Bernhard Schmidt wrote:
> Hi everyone,
>
> we are running a campus network with several 6500 Sup720-A boxes on
> 12.2(18)SXF7 mostly. We have a few connected entities (student dorms
> with laser links mostly) which have a backup connection through a tunnel
> (over DSL) to us.
>
> Due to the hardware being available on the student dorm side (mostly old
> hardware routers) RIPv2 was the choice of dynamic routing protocol to be
> used on the primary link. The switchover to the backup path is then done
> with static routes with a lower admin distance.
>
> Unfortunately, in this case we have a severe problem filtering incoming
> RIP advertisements. The network statements in the router rip context are
> classful (ewww), so when I want to enable RIP on the /30 transfer
> network within 10/8, I have 30 other interfaces also within 10/8
> suddenly speaking RIP. Great.
>
> So my next try was the obvious one
>
> | router rip
> | distribute-list prefix DORM in Vlan916
> | distribute-list prefix DENY-ALL in
>
> again, this obvious solution failed as the latter command seems to
> override the first one. At least, as soon as I add the second line,
> incoming RIP updates are ignored.
>
> Any other ideas? There are no usable RIP specific commands on the
> interface level, and I obviously don't want to list all interfaces on
> that router with a distribute-list line each.
>
> Regards,
> Bernhard
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list