Monday, 26 October 2015

RIPv2 filtering with Passive interface

RIP filtering with Passive interface 



We can consider passive-interface an indirect form of filtering.

R1#sh run | s rou
router rip
 version 2
 offset-list 10 in 5 Serial0/0
 network 1.0.0.0
 network 12.0.0.0
 no auto-summary
R1#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#router rip
R1(config-router)#pass
R1(config-router)#passive-interface s0/0 -===condition 1

in this router we have

R1(config-router)#do sh ip int brief
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            unassigned      YES NVRAM  administratively down down
Serial0/0                  12.1.1.1        YES NVRAM  up                    up
FastEthernet0/1            unassigned      YES NVRAM  administratively down down
Serial0/1                  unassigned      YES NVRAM  administratively down down
Loopback0                  1.1.0.1         YES NVRAM  up                    up
Loopback1                  1.1.1.1         YES NVRAM  up                    up
Loopback2                  1.1.2.1         YES NVRAM  up                    up
Loopback3                  1.1.3.1         YES NVRAM  up                    up

before condition 1


R2#sh ip route 1.0.0.0
Routing entry for 1.0.0.0/24, 4 known subnets
  Redistributing via rip

R       1.1.0.0 [120/1] via 12.1.1.1, 00:02:46, Serial0/0
R       1.1.1.0 [120/1] via 12.1.1.1, 00:02:46, Serial0/0
R       1.1.2.0 [120/1] via 12.1.1.1, 00:02:46, Serial0/0
R       1.1.3.0 [120/1] via 12.1.1.1, 00:02:46, Serial0/0

after condition 1 applied i a few minutes



R2#sh ip route 1.0.0.0
% Network not in table
R2#

if we run debup ip rip we will see  that s0/0 is rx routes but not sending over the interface

after so time we will not see any route from R1 or any other interface behind it .

if we applied in R2

R1# sh ip route 2.0.0.0
Routing entry for 2.0.0.0/24, 4 known subnets
  Redistributing via rip

R       2.2.4.0/24 is possibly down,
          routing via 12.1.1.2, Serial0/0
R       2.2.5.0/24 is possibly down,
          routing via 12.1.1.2, Serial0/0
R       2.2.6.0/24 is possibly down,
          routing via 12.1.1.2, Serial0/0
R       2.2.7.0/24 is possibly down,
          routing via 12.1.1.2, Serial0/0
R1# sh ip route 2.0.0.0