Job Search, Job Listing, Opportunity
Work at home job, job vacancy
find a job, vacancy list, cari lowongan
Butuh, Segera, secretary, director
« BAD Santa,
Need advice for next CCIE track.. »

rip networks filtering

December 19, 2007 @ 7:09 pm · Filed under CCIE Study


Lora,

Scott is making a reasonable request. Many CCIE candidates fail because they read the task but they don’t fully understand it.
In the candidate’s head, the candidate thinks the task is asking to perform ‘x’ while if you read closely, the task is asking to perform ‘y’.

If you were to post the task (verbatim) as Scott requested, we can come up with a solution. Is this from one of the workbooks?

I haven’t had the time to lab it but based on other replies (including mine) you can’t do what’s asked with 2 ACLs.
It seems you either interpreted the task incorrectly or something else is missing

Edison Ortiz
Routing and Switching, CCIE # 17943
_____
From: Lora Ganeva [mailto:lganeva@mobiltel.bg] Sent: Wednesday, December 19, 2007 4:16 PM To: Scott Vermillion; Edison Ortiz; shiran guez Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

Hi Scott,

When i meant i was thinking about R1. I don’t think that the goal of this task is to write down some tricky ACL. That is actually the reason why i have asked for help - i thought there was some more clever solution than simple arithmetics. I was thinking of either enabling RIP auto-summary or with the no ip subnet zero command…and of course, putting some distribution list. Unfortunately neither of the two solutions led to result - routes always appeared in the routing table…

Rgrds,
Lora

_____
From: Scott Vermillion [mailto:scott_ccie_list@it-ag.com] Sent: Wed 12/19/2007 7:41 PM To: Lora Ganeva; ‘Edison Ortiz’; ’shiran guez’ Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering
Perhaps you should quote the task word-for-word, as we seem to be having difficulty tracking what you are trying to accomplish. I could have swore that you said that the configuration was to be done on R1, which I would think would qualify as “our device,” but now I’m just totally confused. As for your statement regarding route updates, naturally ‘no ip subnet-zero’ doesn’t impact those *directly*. But sometimes you have to think about what the task is really trying to get you to accomplish and then think creatively to try to get to that place. If the task is about what ends up in the route table, then your solution doesn’t necessarily have to deal directly with route updates. Looking at this strictly from a binary perspective, I’m not sure how you can accomplish the task with a two-line ACL. That’s why it might be helpful for you to quote the task directly…
—–Original Message—– From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Lora Ganeva Sent: Wednesday, December 19, 2007 9:10 AM To: Edison Ortiz; shiran guez Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering
Hi,

Subnet zero work only when configuring our device. It does not change the route updatesL

From: Edison Ortiz [mailto:edisonmortiz@gmail.com] Sent: 19 ‘%’V'\’V'^’S'b’Z 2007 ‘T. 17:59 To: Lora Ganeva; ’shiran guez’ Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

Yes, makes sense now. Always nice to lab-up this XOR ACLs J

From the top of my head, I don!/t see how can we make this in 2 lines unless there is something in the requirement that we are missing.

As other suggested, ip subnet-zero may just do it along with

199.16.0.0 0.0.7.255
199.16.8.0 0.0.0.255

Edison Ortiz
Routing and Switching, CCIE # 17943
________________________________
From: Lora Ganeva [mailto:lganeva@mobiltel.bg] Sent: Wednesday, December 19, 2007 10:39 AM To: Edison Ortiz; shiran guez Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

Hi,

See below:

199.16.1.0 —-199.16.00000001.0
Wildcard:

0.0.6.255 –($0.0.00000110.0 (0 (Cexact match, 1 (C don!/ care)!-so, with this wildcard mask you say that the last bit should be always zero..(no even subnets)

BR,
Lora

From: Edison Ortiz [mailto:edisonmortiz@gmail.com] Sent: 19 ‘%’V'\’V'^’S'b’Z 2007 ‘T. 17:34 To: Lora Ganeva; ’shiran guez’ Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

I!/m on the road. I!/ll try it when I get some time and equipment to test on.
If someone else has any suggestion in the meantime, feel free to contribute.

Edison Ortiz
Routing and Switching, CCIE # 17943
________________________________
From: Lora Ganeva [mailto:lganeva@mobiltel.bg] Sent: Wednesday, December 19, 2007 10:12 AM To: Edison Ortiz; shiran guez Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

Hi, Just try it.

And you!/ll seeL

From: Edison Ortiz [mailto:edisonmortiz@gmail.com] Sent: 19 ‘%’V'\’V'^’S'b’Z 2007 ‘T. 17:11 To: Lora Ganeva; ’shiran guez’ Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

No, that filters network 199.16.1.0-199.16.7.255 on the first ACL and 199.16.8.0-.255 on the second ACL (C not just even networks.

Unless I misunderstood the requirement, that should cover it.

Edison Ortiz
Routing and Switching, CCIE # 17943
________________________________
From: Lora Ganeva [mailto:lganeva@mobiltel.bg] Sent: Wednesday, December 19, 2007 9:53 AM To: Edison Ortiz; shiran guez Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

This filters all even networksL

From: Edison Ortiz [mailto:edisonmortiz@gmail.com] Sent: 19 ‘%’V'\’V'^’S'b’Z 2007 ‘T. 16:43 To: Lora Ganeva; ’shiran guez’ Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

199.16.1.0 0.0.6.255
199.16.8.0 0.0.0.255

Edison Ortiz
Routing and Switching, CCIE # 17943
—–Original Message—– From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Lora Ganeva Sent: Wednesday, December 19, 2007 8:44 AM To: shiran guez Cc: ccielab@groupstudy.com Subject: RE: rip networks filtering

Hi all,

But 199.16.1.0 0.0.7.255??? this is actually 199.16.0.0 0.0.7.255 and the zero
subnet has to be filtered.

BR,

Lora

From: shiran guez [mailto:shiranp3@gmail.com]
Sent: 19 dEKEMWRI 2007 G. 15:15
To: Lora Ganeva
Cc: ccielab@groupstudy.com
Subject: Re: rip networks filtering

my mistake didnt saw the range sign

Subodh given you the correct answer!

On Dec 19, 2007 2:11 PM, Lora Ganeva wrote:

Hi experts,

I am experiencing some problems with the following task:

Two routers , let’s say R1 and R2 are connected (media is not important,
let’s say it is Ethernet)

R1 Eth1/0—————150.1.1.0/24————- Eth1/0 R2

R1:

Eth1/0

Ip add 150.1.1.1 255.255.255.0

R2:

Eth1/0

Ip add 150.1.1.2 255.255.255.0

Routers are running rip and R2 is advertising the following networks to
R1

199.16.0.0/24

199.16.1.0/24

199.16.2.0/24

199.16.3.0/24

199.16.4.0/24

199.16.5.0/24

199.16.6.0/24

199.16.7.0/24

199.16.8.0/24

199.16.10.0/24

199.16.11.0/24

199.16.12.0/24

199.16.13.0/24

199.16.14.0/24

199.16.15.0/24

The task requires by configuring only R1 (not interface level command)
to allow with an ACL with only 2 lines the following subnets:

199.16.1.0/24 - 199.16.8.0/24

I have though a lot of any kind of ACLs but i still haven’t come to a
good solution.

Any help will be appreciated,

Thanks,

Lora

Bookmark this post:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • blinkbits
  • BlinkList
  • blogmarks
  • co.mments
  • connotea
  • del.icio.us
  • De.lirio.us
  • digg
  • Fark
  • feedmelinks
  • Furl
  • LinkaGoGo
  • Ma.gnolia
  • NewsVine
  • Netvouz
  • RawSugar
  • Reddit
  • scuttle
  • Shadows
  • Simpy
  • Smarking
  • Spurl
  • TailRank
  • Wists
  • YahooMyWeb
keywords found: ganeva actually would unless change clever routes 

Leave a Comment

Related Post