OUT to, from R5

r5.jpg

In this topology We want to filter the 192.168.100.0 network from being redistributed into the OSPF topology. We also want to filter the other 192.168.x.0 networks with an odd third octet. We could use a route-map in our redistribution statement, but that is not the method that we are going to use here.

We need to permit several routes out to the OSPF neighbors. In order to filter these networks, we will need to be very specific with our access list. If we have two deny statements, the third statement can be a permit statement to allow all other networks to pass. The networks that we need to block are 192.168.100.0, 192.168.1.0, 192.168.3.0, and 192.168.5.0. We will block the 192.168.100.0 by itself, and we will need to block the .1, .3, and .5 networks in a single line. Let’s take a look at the binary for these three, and see how we can match all three in a single line.

1 – 0 0 0 0 0 0 0 1
3 – 0 0 0 0 0 0 1 1
5 – 0 0 0 0 0 1 0 1

The only bits that are different are the sixth and seventh bits. If we set these as don’t care bits, our mask will be:
0 0 0 0 0 1 1 0

This converts to 6 in decimal. Our second access list statement will deny 192.168.1.0 with a mask of 0.0.6.0

R5#conf ter
Enter configuration commands, one per line.  End with CNTL/Z.
R5(config)#access-list 89 deny 192.168.100.0
R5(config)#access-list 89 deny 192.168.1.0 0.0.6.0
R5(config)#access-list 89 permit any
R5(config)#router ospf 1
R5(config-router)#distribute-list 89 out eigrp 55
R5(config-router)#red eigrp 55 sub
R5(config-router)#

Ordinarily, you would not use an outbound distribute list with OSPF, because all routers in the area need to have the same link-state information. Since R5 is a redistributing router, it will affect which routes are redistributed from EIGRP into OSPF.

R1#show ip route 192.168.2.0
Routing entry for 192.168.2.0/24
Known via "ospf 1", distance 110, metric 20, type extern 2, forward metric 64
Last update from 143.2.153.5 on Serial0/0/0.1, 00:00:29 ago
Routing Descriptor Blocks:
* 143.2.153.5, from 100.5.5.5, 00:00:29 ago, via Serial0/0/0.1
Route metric is 20, traffic share count is 1

R1#show ip route 192.168.1.0
% Network not in table

A Networker Blog

Advertisements

One thought on “OUT to, from R5

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s