R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router rip
R4(config-router)#network 172.16.10.0
R4(config-router)#network 172.16.20.0
R4(config-router)#network 172.16.30.0
R4(config-router)#network 172.16.40.0
R4(config-router)#network 172.16.50.0
RIPv2 will summarize contiguous networks to their classful boundaries although no auto-summary is configured.
the result:
R4#show running-config | s rip
router rip
version 2
network 10.0.0.0
network 172.16.0.0
no auto-summary
Also the RIP database shows the following:
R4#show ip rip database
10.0.0.0/8 auto-summary
10.0.15.0/24
[1] via 10.0.45.5, 00:00:20, FastEthernet1/0
10.0.24.0/24 directly connected, FastEthernet0/0
10.0.34.0/24 directly connected, FastEthernet0/1
10.0.45.0/24 directly connected, FastEthernet1/0
10.0.123.0/24
[1] via 10.0.34.3, 00:00:13, FastEthernet0/1
[1] via 10.0.24.2, 00:00:06, FastEthernet0/0
172.16.0.0/16 auto-summary
172.16.10.0/24 directly connected, Loopback1
172.16.20.0/24 directly connected, Loopback2
172.16.30.0/24 directly connected, Loopback3
172.16.40.0/24 directly connected, Loopback4
172.16.50.0/24 directly connected, Loopback5
192.168.10.0/24 auto-summary
192.168.10.0/24
[2] via 10.0.45.5, 00:00:20, FastEthernet1/0
[2] via 10.0.34.3, 00:00:13, FastEthernet0/1
[2] via 10.0.24.2, 00:00:06, FastEthernet0/0
192.168.20.0/24 auto-summary
192.168.20.0/24
[2] via 10.0.45.5, 00:00:20, FastEthernet1/0
<Output omitted>
So now we will use distribute-list in order to decide what and to whom we will advertise networks, for example:
R4(config)#ip access-list standard 10
R4(config)#permit 172.16.10.0 0.0.0.255
R4(config)#permit 172.16.20.0 0.0.0.255
then add a distribute-list on router configuration, outbound interface toward R5 (Fa1/0):
router rip
version 2
network 10.0.0.0
network 172.16.0.0
distribute-list 10 out FastEthernet1/0
no auto-summary
version 2
network 10.0.0.0
network 172.16.0.0
distribute-list 10 out FastEthernet1/0
no auto-summary
the result:
R5#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
R 172.16.20.0 [120/1] via 10.0.45.4, 00:00:00, FastEthernet0/0
R 172.16.10.0 [120/1] via 10.0.45.4, 00:00:00, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.0.45.0 is directly connected, FastEthernet0/0
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
R 172.16.20.0 [120/1] via 10.0.45.4, 00:00:00, FastEthernet0/0
R 172.16.10.0 [120/1] via 10.0.45.4, 00:00:00, FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.0.45.0 is directly connected, FastEthernet0/0
R5 will have only 172.16.10.0/24 and 172.16.20.0/24 from R4.
Now with extended ACL the things are little bit different, first RIP will accept only numeric extended ACL's and the treatment to extended ACL is as follow:
1. The first host/network is reference as the next-hop
2. The second host/network is referene as the advertised network
For example:
R1#show ip access-lists 111
Extended IP access list 111
10 permit ip host 10.0.123.2 172.16.10.0 0.0.0.255
20 permit ip host 10.0.123.2 172.16.20.0 0.0.0.255
30 permit ip host 10.0.123.3 172.16.30.0 0.0.0.255
40 permit ip host 10.0.123.3 172.16.40.0 0.0.0.255
50 permit ip any 172.16.50.0 0.0.0.255
this ACL instruct to receive 172.16.10.0/24 and 172.16.20.0/24 only if the next-hop is 10.0.123.2 and 172.16.30.0/24 and 172.16.40.0/24 only if the next-hop is 10.0.123.3.
Network 172.16.50.0/24 will be accepted from any source and all other RIP updates will deny.
Configuring this extended ACL as R1 inbound filter:
R1#show running-config | s rip
router rip
version 2
network 10.0.0.0
network 192.168.10.0
network 192.168.20.0
network 192.168.30.0
network 192.168.40.0
network 192.168.50.0
distribute-list 111 in
no auto-summary
the result:
R1#show ip route rip
172.16.0.0/24 is subnetted, 5 subnets
R 172.16.50.0 [120/7] via 10.0.123.3, 00:00:25, FastEthernet0/0
[120/7] via 10.0.123.2, 00:00:22, FastEthernet0/0
[120/7] via 10.0.15.5, 00:00:17, FastEthernet0/1
R 172.16.40.0 [120/7] via 10.0.123.3, 00:00:25, FastEthernet0/0
R 172.16.30.0 [120/7] via 10.0.123.3, 00:00:25, FastEthernet0/0
R 172.16.20.0 [120/7] via 10.0.123.2, 00:00:22, FastEthernet0/0
R 172.16.10.0 [120/7] via 10.0.123.2, 00:00:22, FastEthernet0/0
172.16.0.0/24 is subnetted, 5 subnets
R 172.16.50.0 [120/7] via 10.0.123.3, 00:00:25, FastEthernet0/0
[120/7] via 10.0.123.2, 00:00:22, FastEthernet0/0
[120/7] via 10.0.15.5, 00:00:17, FastEthernet0/1
R 172.16.40.0 [120/7] via 10.0.123.3, 00:00:25, FastEthernet0/0
R 172.16.30.0 [120/7] via 10.0.123.3, 00:00:25, FastEthernet0/0
R 172.16.20.0 [120/7] via 10.0.123.2, 00:00:22, FastEthernet0/0
R 172.16.10.0 [120/7] via 10.0.123.2, 00:00:22, FastEthernet0/0
Note that network 172.16.50.0/24 is seen from both R2, R3 and R5, now let's say we want to prefer R5 as the next-hop to this network. For this case we will use offset-list.
First configure standard ACL for identify the network:
R1#show ip access-lists 50
Standard IP access list 50
10 permit 172.16.50.0, wildcard bits 0.0.0.255
Then configure the offset-list in RIP:
R1(config)#do sh run | s rip
router rip
version 2
offset-list 50 in 5 FastEthernet0/0
network 10.0.0.0
network 192.168.10.0
network 192.168.20.0
network 192.168.30.0
network 192.168.40.0
network 192.168.50.0
distribute-list 111 in
no auto-summary
I have configured offset-list 50, which refer to ACL 50, with offset of 5 - hence add 5 to the metric received from interface FastEthernet 0/0 for network 172.16.50.0/24
the result:
R1#show ip route rip
172.16.0.0/24 is subnetted, 5 subnets
R 172.16.50.0 [120/2] via 10.0.15.5, 00:00:08, FastEthernet0/1
R 172.16.40.0 [120/2] via 10.0.123.3, 00:00:12, FastEthernet0/0
R 172.16.30.0 [120/2] via 10.0.123.3, 00:00:12, FastEthernet0/0
R 172.16.20.0 [120/2] via 10.0.123.2, 00:00:14, FastEthernet0/0
R 172.16.10.0 [120/2] via 10.0.123.2, 00:00:14, FastEthernet0/0
We can also use the offset-list to add hop metric for advertised networks as well.
Another method for controlling RIP in/out routes is using the administrative-distance, note that i have removed the offset-list from the previous example:
R1(config-router)#distance 90 10.0.15.5 0.0.0.0 50
this will change the administrative distance for network 172.16.50.0/24, which defined by ACL 50, and received by source host 10.0.15.5 which is R5
the result:
R1#sh ip route rip
172.16.0.0/24 is subnetted, 5 subnets
R 172.16.50.0 [90/2] via 10.0.15.5, 00:00:02, FastEthernet0/1
R 172.16.40.0 [120/2] via 10.0.123.3, 00:00:01, FastEthernet0/0
R 172.16.30.0 [120/2] via 10.0.123.3, 00:00:01, FastEthernet0/0
R 172.16.20.0 [120/2] via 10.0.123.2, 00:00:01, FastEthernet0/0
R 172.16.10.0 [120/2] via 10.0.123.2, 00:00:01, FastEthernet0/0
RIPv2 is simple and easy to configure dynamic routing protocol which can be used even today in small networks or when there is demand to support customer's CPE like D-Link, Linksys etc.
No comments:
Post a Comment