Soloman,
Thanks for responded to my post.
Everything else understandable. However, I kinda remember that I have issue
with "access list can not filter traffic originating from the router"
So I guest we can create a route-map match acl and interface -> then drop that
traffic.
Apply this service policy-map to global on the router.
What do you think of this?
Thanks,
Nhan
Date: Wed, 19 Aug 2009 07:45:38 -0700
From: [email protected]
Subject: Re: [OSL | CCIE_RS] Help with OSPF
To: [email protected]; [email protected]
Hi,
I have the following comments.
Scenario 1
interface fa0/1 will not send and receive ospf and 10.10.20.0 network will not
be advertised by ospf.
Scenario 2
nterface fa0/1 will not send ospf and adjacency can not be formed with this
interface. But note that 10.10.20.0 will be advertised.
Scenario 3
two points here
- in standard access list protocol can not be specified
- access list can not filter traffic originating from the router
Rs
Solomon
From: Nhan Duong <[email protected]>
To: [email protected]
Sent: Tuesday, August 18, 2009 4:06:25 PM
Subject: [OSL | CCIE_RS] Help with OSPF
Please help to verify these scenarios
=======Scenario 1==============
-----------R1---------------------
int f0/0
ip address 10.10.10.1 255.255.255.0
int f0/1
ip address 10.10.20.1 255.255.255.0
router ospf 1
no auto
network 10.10.10.0 0.0.0.255
-----------------------------------
"network" is controlling which interface to join ospf. Which mean int f0/1
wills not send or receive any ospf?
=======Scenario 2 ===============
-----------R1---------------------
int f0/0
ip address 10.10.10.1 255.255.255.0
int f0/1
ip address 10.10.20.1 255.255.255.0
router ospf 1
no auto
network 10.10.0.0 0.0.255.255
passive int f0/1
-----------------------------------
"network" will allow 10.10/16 to join ospf, however "passive int f0/1" wills
stop the int f0/1 to send ospf.
======== Scenario 3 ============
-----------R1---------------------
int f0/0
ip address 10.10.10.1 255.255.255.0
int f0/1
ip address 10.10.20.1 255.255.255.0
access-group 1 out
access-list 1 deny ip 224..0.0.5 any
access-list 1 deny ip 224.0.0.6 any
access-list 1 deny ip any 224.0.0.5
access-list 1 deny ip any 224.0.0.6
access-list 1 permit ip any
router ospf 1
no auto
network 10.10.0.0 0.0.255.255
-----------------------------------
"network" will allow 10.10/16 to join ospf, however "access-list 1" wills stop
the int f0/1 to send or receive ospf.
======== Scenario 4 =============
-----------R1---------------------
int f0/0
ip address 10.10.10.1 255.255.255.0
int f0/1
ip address 10.10.20.1 255.255.255.0
access-group 1 out
access-list 1 deny ospf any any
access-list 1 permit ip any
router ospf 1
no auto
network 10.10.10.0 0.0.255.255
-----------------------------------
"network" will allow 10.10/16 to join ospf, however "access-list 1" deny ospf
protocol..
Hotmail® is up to 70% faster. Now good news travels really fast. Try it now.
_________________________________________________________________
Windows Live: Make it easier for your friends to see what you’re up to on
Facebook.
http://windowslive.com/Campaign/SocialNetworking?ocid=PID23285::T:WLMTAGL:ON:WL:en-US:SI_SB_facebook:082009
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
