Tag Archives: 3.3g

3.3.g Implement, optimize and troubleshoot filtering with any routing protocol

Route filtering works by regulating the routes that are entered into or advertised out of the route table, they have different effects on link state routing protocols than they do on distance vector protocols. A router running a distance vector protocol advertises routes based on what is in its route table. As a result, a route filter influences which routes the router advertises to its neighbors.

On the other hand, routers running link state protocols determine their routes based on information in their link state database, rather than on the advertised route entries of its neighbors. Route filters have no effect on links state advertisements or on the link state database. For this reason, the information in this document only applies to distance vector IP Routing Protocols such as Routing Information Protocol (RIP), RIP version 2, Interior Gateway Routing Protocol (IGRP), and Enhanced IGRP (EIGRP).

In order to control the advertising and processing of routes in routing updates, use the distribute-list command. There are two distribute-list commands: distribute-list in and distribute-list out. They are similar in syntax, but the options available to each and their behavior are very different.

The syntax for the distribute-list in command is: distribute-list access-list-number in [interface-name]

where access-list-number is the standard IP access-list against which the contents of the incoming routing update are matched. The [interface-name] argument is optional and specifies the interface on which the update is expected. It is important to note that the access-list referred to in access-list-number is applied to the contents of the update, not to the source or destination of the routing update packets.

The router decides whether or not to include the contents in its routing table based on the access-lists. For example:

access-list 1 permit

router rip

distribute-list 1 in

The syntax for the distribute-list out command is:

distribute-list access-list-number out [interface-name | routing process | autonomous-system-number]

where access-list-number is the standard IP access-list against which the contents of the outgoing routing updates are matched. The [interface-name] argument is optional, and specifies on which interface the update is going out. The [routing process | autonomous-system-number] arguments are used when redistribution from another routing process or autonomous system number has been specified. The list is applied to any routes imported from the specified process into the current one.

Note that checking the distribute list is only one of the many checks that are done against a distance vector route before a router includes it in the routing table or in an update. Checks are also made for desirability, policies, split horizon, and other factors.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 2723-2725).  . Kindle Edition.