EIGRP 拡張ACLを使ったルートフィルタリング

NOTE

  • 拡張ACL を使うと、Source にネイバー、Destination に経路を指定することで特定のネイバーから受信することができる

 

VERIFICATION

R1#sh ip ro ei | b Gate
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks
D        10.0.0.7/32 [90/1024640] via 10.1.7.7, 00:00:24, Ethernet1/0.17
D        10.0.0.9/32 [90/1024640] via 10.1.9.9, 00:00:24, Ethernet1/0.19
D        10.7.9.0/24 [90/1536000] via 10.1.9.9, 00:00:24, Ethernet1/0.19
                     [90/1536000] via 10.1.7.7, 00:00:24, Ethernet1/0.17
R1#

R1#conf t
R1(config)#access-list 100 permit ip host 10.1.9.9 host 10.7.9.0
R1(config)#router ei CCIE
R1(config-router)#add ipv4 uni auto 65000
R1(config-router-af)#topology base
R1(config-router-af-topology)#distribute-list 100 in
R1(config-router-af-topology)#end
R1#

R1#sh ip ro ei | b Gate
Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
D        10.7.9.0/24 [90/1536000] via 10.1.9.9, 00:00:22, Ethernet1/0.19
R1#

 

DIAGRAM & CONFIGURATION

!!! R1
router eigrp CCIE
 address-family ipv4 unicast autonomous-system 65000
  eigrp router-id 10.0.0.1
   net 10.1.7.1 0.0.0.0
   net 10.1.9.1 0.0.0.0
   net 10.0.0.1 0.0.0.0

!!! R7
router eigrp CCIE
 address-family ipv4 unicast autonomous-system 65000
  eigrp router-id 10.0.0.7
   net  10.1.7.7 0.0.0.0
   net  10.7.9.7 0.0.0.0
   net  10.0.0.7 0.0.0.0

!!! R9
router eigrp CCIE
 address-family ipv4 unicast autonomous-system 65000
  eigrp router-id 10.0.0.9
   net 10.1.9.9 0.0.0.0
   net 10.7.9.9 0.0.0.0
   net 10.0.0.9 0.0.0.0

 

 

コメント