Hi Steve, Assuming the config is:
access-list 1 permit 1.0.0.0 0.255.255.255 Router rip Redistribute ospf 100 metric 4 Distribute-list 1 out ospf 1 It's incorrect to say that the distribute list command does nothing at this point. The redistribute command adds the ospf routes to the rip process. Then the distribute list command filters outbound rip updates according to access list 1 but is only applied to routes that came in from ospf via the redistribute command. You might need to clear the routing tables on connected routers to see the filtered routes have been removed. Redistributing RIP under the OSPF process has nothing to do with a distribute list under the RIP process. At least this is my understanding. Cheers, Ben. From: "Di Bias, Steve" <[email protected]<mailto:[email protected]>> Date: Mon, 17 Oct 2011 04:19:45 +1100 To: "Matlock, Kenneth L" <[email protected]<mailto:[email protected]>>, "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Re: [OSL | CCIE_RS] convoluted logic Hi Ken - I understand how this works my question is why to logic is backwards with the distribute-list out <protocol> command? So basically the distribute-list syntax is just a little confusing since the in and out parameters are basically the reverse of what you would expect them to be. The distribute-list out command filters updates going out of the interface or routing protocol specified in the command, into the routing process under which it is configured. In other words when I do the following: Router rip Redistribute ospf 100 metric 4 Distribute-list 1 out ospf The command does absolutely nothing until I go over to OSPF and redistribute RIP Router ospf 100 Redistribute rip subnets So the command under RIP checks the routes coming back into RIP from OSPF and filters them based on this outbound distribute-list. Make sense? Here is from Cisco on this Using distribute-list out: The syntax for the distribute-list out command is: distribute-list access-list-number out [interface-name|routing process|autonomous-system-number] where access-list-number is the standard IP access-list against which the contents of the outgoing routing updates are matched. The [interface-name] argument is optional, and specifies on which interface the update is going out. The [routing process|autonomous-system-number] arguments are used when redistribution from another routing process or autonomous system number has been specified. The list is applied to any routes imported from the specified process into the current one. For example: access-list 1 permit 1.0.0.0 0.255.255.255 router rip default-metric 1 redistribute igrp 20 distribute-list 1 out igrp 20 Here, routes from igrp 20 are being redistributed into RIP. Any outbound routing update that was originally sourced from igrp 20is checked against access-list 1. Only routes that match a 1.xxx.xxx.xxx format are sent. -----Original Message----- From: Matlock, Kenneth L [mailto:[email protected]] Sent: Sunday, October 16, 2011 9:38 AM To: Di Bias, Steve; [email protected]<mailto:[email protected]> Subject: RE: [OSL | CCIE_RS] convoluted logic Think of it this way. Each routing protocol is basically seperate from each other. When you put distribute-lists in, you're telling *that protocol only* what to announce or accept, for that protocol only. So by putting the distribute-list under the 'router rip' process, you're telling RIP to take any OSPF 1 routes, and send them out in RIP. But that will not affect anything in the OSPF process itself. If you want to announce RIP routes into OSPF, you need to add distribute-lists into the 'router ospf 1' process. Make sense? Ken ________________________________ From: [email protected]<mailto:[email protected]> on behalf of Di Bias, Steve Sent: Sun 10/16/2011 12:03 AM To: [email protected]<mailto:[email protected]> Subject: [OSL | CCIE_RS] convoluted logic Hey Experts! It's really not that difficult but I'm trying to understand Cisco's convoluted logic with the following commands/scenario. Let's say we are doing mutual redistribution between OSPF and RIP on R1 (and possibly some other redistribution point as well) - For the sake of sanity we'll just look at the commands on R1. The main focus here is the "distribute-list RIP-ROUTES out ospf 1" which causes some confusion for me. router rip redistribute ospf 1 metric 3 distribute-list RIP-ROUTES out ospf 1 ip access-list standard RIP-ROUTES deny 10.10.10 0.0.0.255 deny 10.10,11.0 0.0.0.255 permit any >From the looks of it this command would prevent the 10 dot networks from being >advertised over to OSPF, however the opposite seems to be true. In other words >this command seems to control what RIP receives in from OSPF. This to me is convoluted and kind of gives me a headache. Can someone shed some light as to why it's this way and why I would use it? Thanks! UHS Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient (s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of this information is prohibited. If this was sent to you in error, please notify the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com *** Exempla Confidentiality Notice *** The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any other dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify me immediately by replying to the message and deleting it from your computer. Thank you. *** Exempla Confidentiality Notice *** UHS Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient (s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of this information is prohibited. If this was sent to you in error, please notify the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
