.jpg "Opportunities, Appliacation, Openings"){kind=small}
.jpg "pusat resume, daftar kerja, cari kerja"){kind=small}
.jpg "Project Manager, SOftware Engineer, SAP Consultant"){kind=small}
Problem in restrcting a Device to Intercept EIGRP updates
Think about NAT as one possible solution to solve this type of problems:
+++++++++++++++++++++++++ R9# 00:36:32: IP: s=9.9.9.9 (local), d=224.0.0.10 (FastEthernet0/0), len 60, sending broad/multicast, proto=88 00:36:32: NAT: s=9.9.9.9, d=224.0.0.10->9.9.9.10 [0] R9# 00:36:37: IP: s=9.9.9.9 (local), d=224.0.0.10 (FastEthernet0/0), len 60, sending broad/multicast, proto=88 00:36:37: NAT: s=9.9.9.9, d=224.0.0.10->9.9.9.10 [0] R9# 00:36:41: IP: s=9.9.9.9 (local), d=224.0.0.10 (FastEthernet0/0), len 60, sending broad/multicast, proto=88 00:36:41: NAT: s=9.9.9.9, d=224.0.0.10->9.9.9.10 [0] R9# +++++++++++++++++++++++++
I’m not posting the NAT config because it’s a very interesting challenge 
Regards,
Antonio Soares CCIE #18473 (R&S),CCNP,CCIP,JNCIA-ER,JNCIS-ER http://pwp.netcabo.pt/amsoares/
—–Original Message—– From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of steveaggie@gmail.com Sent: quinta-feira, 7 de Fevereiro de 2008 21:15 To: ‘Anshuk Kesarwani’; ccielab@groupstudy.com Subject: RE: Problem in restrcting a Device to Intercept EIGRP updates
I am in the process of doing this lab now. I haven’t looked at the solution guide, but my solution was to use EIGRP authentication. I can’t make the packets unicast without the neighbor command. I think in another lab they asked for the same thing, and by “receive” they meant “interpret.” So I’m going to hope that’s the answer.
—–Original Message—– From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Anshuk Kesarwani Sent: Tuesday, February 05, 2008 3:56 AM To: ccielab@groupstudy.com Subject: Problem in restrcting a Device to Intercept EIGRP updates
Hi ,
I come across a scenario in which i was needed to restict Interceepting of EIGRP updates by backbone router without using neighbor command.
Scenario is Backbone is connected on Ethernet with many routers in EIGRP domain. and we want to restrict only Backbone from interceting the EIGRP packets
I mean I have few solutions in mind please comment whthere they are corect or not
1) I can use authentication on all the routers this will stop Backbone frm getting the EIGRP updates. But Backbone is getting the EIGRP updates in this case. The only fact is that is in Encrypted format. Which i think may b a wrong solution as Backbone is recieving the Updates though it is not able to install routes.
2) I thought of putting vlan access-map and dropping EIGRP packets to IP of backbone in the vlan in which all the routers are. Then there is problem that the EIGRP updates are sent to Multicast address not as Unicast. Again I am confused as nw this will also nt solve the purpose.
3) I can think of just putting an extended *access list deny eigrp any any*and putting to the port where the Backbone is connected.
I may sound a bit confused to a few of you.
Please pour in your valuable comments .
Regards
Anshuk Kesarwani
