Figure 1
Routing Table Before Any Filtering:
R4#show ip route
Gateway of last resort is not set
R 200.200.200.0/24 [120/1] via 192.168.100.2, 00:00:07, FastEthernet0/0
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R 100.100.100.0/24 [120/1] via 192.168.100.2, 00:00:07, FastEthernet0/0
R 100.0.0.0/8 is possibly down,
routing via 192.168.100.2, FastEthernet0/0
C 192.168.100.0/24 is directly connected, FastEthernet0/0
Offset List: Let's mark 100.100.100.0/24 invalid by setting an offset of 15. We could have configured 16 as well. I went with 15 since we are already adding 1 hop count by default, so it gives us 16.
- Create an ACL to identify which routes should be filtered.
- access-list 1 permit 100.100.100.0 0.0.0.255
- Configure the offset-list under the rip process
- router rip
- offset-list 1 in 15
R4#debug ip rip
RIP protocol debugging is on
R4#
*Mar 1 00:37:36.811: RIP: received v2 update from 192.168.100.2 on FastEthernet0/0
*Mar 1 00:37:36.815: 100.100.100.0/24 via 0.0.0.0 in 16 hops (inaccessible)
*Mar 1 00:37:36.815: 200.200.200.0/24 via 0.0.0.0 in 1 hops
*Mar 1 00:37:37.659: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (192.168.100.1)
*Mar 1 00:37:37.659: RIP: build update entries - suppressing null update
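Passive Interface: Let's enable passive interface default on R4 F0/0. With this set, R4 no longer sends RIP updates but still receives them, as the debug output below shows.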
- Configure passive-interface default under the rip process
- router rip
- passive-interface default
*Mar 1 00:47:45.955: RIP: received v2 update from 192.168.100.2 on FastEthernet0/0
*Mar 1 00:47:45.955: 100.100.100.0/24 via 0.0.0.0 in 16 hops (inaccessible)
*Mar 1 00:47:45.959: 200.200.200.0/24 via 0.0.0.0 in 1 hops
Administrative Distance: Let's increase the administrative distance for subnet 100.100.100.0/24.
- Create an ACL to identify which routes should be filtered.
- access-list 1 permit 100.100.100.0 0.0.0.255
- Configure the distance value under the rip process
- router rip
- distance 200 192.168.100.2 0.0.0.0 1 (Read this as: apply admin distance 200 to any routes in access-list 1 coming from 192.168.100.2.)
R 200.200.200.0/24 [120/1] via 192.168.100.2, 00:00:17, FastEthernet0/0
100.0.0.0/24 is subnetted, 1 subnets
R 100.100.100.0 [200/1] via 192.168.100.2, 00:00:17, FastEthernet0/0
C 192.168.100.0/24 is directly connected, FastEthernet0/0
R4#
distribute-list: Let's filter 100.100.100.0/24 from the routing table.
- Create a prefix-list to identify the only routes we want to allow in.
- ip prefix-list filter_rip permit 200.200.200.0/24
- Configure the distribute-list under the rip process
- router rip
- distribute-list prefix filter_rip in
that we are filtering routes inbound via show ip protocols.
Gateway of last resort is not set
R 200.200.200.0/24 [120/1] via 192.168.100.2, 00:00:06, FastEthernet0/0
C 192.168.100.0/24 is directly connected, FastEthernet0/0
R4#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is (prefix-list) filter_rip
Sending updates every 30 seconds, next due in 13 seconds
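The inbound methods above (offset-list, distance, distribute-list) can be compared side by side with a simplified model of how R4 treats the received update. This is an added example, not code from the original post: the function names are hypothetical, the input is constructed from the routes shown above, and passive-interface is not modeled because it only suppresses outbound updates.

```python
import ipaddress

RIP_INFINITY = 16  # RIP treats a metric of 16 as unreachable
DEFAULT_AD = 120   # default administrative distance of RIP on IOS

def acl_match(prefix, base, wildcard):
    """Standard ACL test: bits set in the wildcard mask are ignored."""
    care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
    net = int(ipaddress.ip_network(prefix).network_address)
    return (net & care) == (int(ipaddress.ip_address(base)) & care)

def process_update(entries, source, offset=None, distance=None, permit=None):
    """Return {prefix: (ad, metric)} for the routes that would be installed.

    entries  -- [(prefix, metric)] received from neighbor `source`
    offset   -- (acl_base, acl_wildcard, hops): offset-list <acl> in <hops>
    distance -- (ad, neighbor, acl_base, acl_wildcard): distance <ad> <neighbor> 0.0.0.0 <acl>
    permit   -- set of exact prefixes: distribute-list prefix <name> in
    """
    table = {}
    for prefix, metric in entries:
        # A prefix-list ends in an implicit deny: anything not permitted is dropped.
        if permit is not None and prefix not in permit:
            continue
        if offset and acl_match(prefix, offset[0], offset[1]):
            metric = min(metric + offset[2], RIP_INFINITY)
        if metric >= RIP_INFINITY:
            continue  # "16 hops (inaccessible)" in debug ip rip
        ad = DEFAULT_AD
        if distance and source == distance[1] and acl_match(prefix, *distance[2:]):
            ad = distance[0]
        table[prefix] = (ad, metric)
    return table

# Constructed input mirroring the update R4 receives in the post.
UPDATE = [("100.100.100.0/24", 1), ("200.200.200.0/24", 1)]
NEIGHBOR = "192.168.100.2"
ACL1 = ("100.100.100.0", "0.0.0.255")  # access-list 1

if __name__ == "__main__":
    print("no filter   ", process_update(UPDATE, NEIGHBOR))
    print("offset 15   ", process_update(UPDATE, NEIGHBOR, offset=(*ACL1, 15)))
    print("offset 14   ", process_update(UPDATE, NEIGHBOR, offset=(*ACL1, 14)))
    print("distance 200", process_update(UPDATE, NEIGHBOR, distance=(200, NEIGHBOR, *ACL1)))
    print("prefix-list ", process_update(UPDATE, NEIGHBOR, permit={"200.200.200.0/24"}))
```

The offset 14 case shows why the offset has to bring the metric to 16: at 15 hops the route is still valid and stays in the table.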
 
Hey Joel, very interesting posts!
I was wondering, what do you use for setting up all these labs/tests, do you have physical setup or virtual, if so what?
If you can email me joshua AAAAT railgun.com.au that'd be great!!