Scribd
Upload
264 views3 pages

Route Manipulation

This document discusses three tools for route manipulation in networking: distribute lists, prefix lists, and route maps. Distribute lists and prefix lists can be used to filter routes based on access lists or prefix lists. Route maps provide more flexibility and allow matching routes based on criteria before setting actions like changing the next hop. They support AND/OR logic and can match IP addresses, interfaces, and other attributes.

Uploaded by

Amit kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
264 views3 pages

Route Manipulation

This document discusses three tools for route manipulation in networking: distribute lists, prefix lists, and route maps. Distribute lists and prefix lists can be used to filter routes based on access lists or prefix lists. Route maps provide more flexibility and allow matching routes based on criteria before setting actions like changing the next hop. They support AND/OR logic and can match IP addresses, interfaces, and other attributes.

Uploaded by

Amit kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

Three tools for Route Manipulation:-

1. Distribute List- Used for Route Filtering and Manipulation


Example-
command#router eigrp 12 - (Under eigrp process)
command(config-router)#distribute list ? - (options we can choose between an
access-list, a prefix-list or a route-map)
command(config-router)#distribute list 1 ?- (We have choosen Standard Access list)

a)in - inbound traffic


b)out -outbound traffic

command(config-router)#distribute list 1 in ? - (list of all interfaces where to


apply , if we do not choose any of them then it will apply on all interface(by
default)
command(config-router)#distribute-list 1 in FastEthernet 0/0 - We applied
distribute list on FastEthernet 0/0 inbound route

command(config)#access-list 1 deny [Link] [Link]


command(config)#access-list 1 permit any
(access-list that will filter [Link] /24 and permit all the other networks)

[Link] List
Example-
command#router eigrp 12 - (Under eigrp process)
command(config-router)#distribute list ? - (We choose prefix-list)
command(config-router)#distribute-list prefix FILTERTHIS in - (inbound prefix list)

command(config)#ip prefix-list FILTERTHIS seq 5 deny [Link]/24


command(config)#ip prefix-list FILTERTHIS seq 10 permit [Link]/0 le 32 -
( equivalent to permit any any in access list)
(As you can see we have the same result. [Link]/24 has been filtered and all
the other networks are permitted)

Note-The true power of the prefix list is in the ge (Greater than or Equal to) and
le (less than or equal to) operators.

a)Le Operator:-
command(config)#ip prefix-list RENETEST permit [Link]/8 le 18
*In this example I’m using the le operator. This prefix-list statement says that
all networks that fall within the [Link]/8 range
AND that have a subnet mask of /19 or less are permitted.
*If I have a network with [Link] /21 it will be denied by this prefix list. It
falls within the [Link] /8 range but it has a subnet mask of /21.
I’m using the le operator which says that the subnet mask should be /19 or smaller.

b)Ge Operator:-
command(config)#ip prefix-list RENETEST2 permit [Link]/8 ge 20
*This time I’m using the ge operator. Ge 20 means that the network needs to have a
subnet mask of /20 or larger in order to be permitted. [Link] /8 is the range we
are going to check.
*A network with [Link] /25 will be permitted because it falls within the
[Link] /8 range and has a subnet mask of /25 which is larger than /20.
*What about [Link] /19? It falls within the [Link] /8 range but it is not
permitted because it has a subnet mask of /19…our ge operator says it should be /20
or larger.

c) between le and ge operator:-


command(config)#ip prefix-list RENETEST3 permit [Link]/8 ge 16 le 18
*We can also combine the ge and le operators. Look at my prefix-list above. It’s
permitting all networks that fall within the [Link] /8 range and that have a
subnet mask of /16, /18 and everything in between.
*[Link] /18 will be permitted because it falls within the [Link] /8 range and
has a subnet mask of /18.
*[Link] / 26 will be denied. It falls within the [Link] /8 range but the
subnet mask is /26 which doesn’t match my ge or le operators.
*[Link] /14 will be denied. It falls within the [Link] /8 range but the subnet
mask is /14 which doesn’t match my ge or le operators.
*[Link] /18 will be denied. It matches my ge and le operators but it doesn’t
fall within the [Link] /8 range.

[Link] Map
Route-maps are very useful. They work with match and set statements. You can use a
route-map to match on a certain criteria and then configure it to take action. We
can use route-maps for filtering but they are also used for BGP policies and
policy-based routing (used to overrule routing protocols).
Example 1-
command#route-map TEST permit 10 (we can create route map using {route-map} command
and sequence number with route-map name and action {permit or deny})
command(config-route-map)#match ? (list of options what we want to match)
command(config-route-map)#match ip? (We chosed ip and then we have to select an
option from ip)
command(config-route-map)#match ip address? (we want to match ip address instead of
next hop or route-source)
command(config-route-map)#match ip address ?
<1-199> IP access-list
number
<1300-2699> IP access-list
number (expanded range)
WORD IP access-
list name
prefix-list Match
entries of prefix-lists
<cr>
(you can choose to match on an access-list or prefix-list! I’m going to match on an
access-list…let’s pick 7)

command(config-route-map)#match ip address 7
command(config)#access-list 7 permit [Link] [Link] - (created access list
which permits [Link]/16)

command(config)#router eigrp 12
command(config-router)#distribute-list route-map TEST in -( Enabled route map
inbound traffic)

Example 2-
command(config)#route-map PBR permit 40
command(config-route-map)#match ip address 7 8 9
command(config-route-map)#set ip next-hop [Link]
(We can also have multiple match statements in a single sequence. In the example
above it has to match access-list 7 OR 8 OR 9)

Example 3-
command(config)#route-map PBR permit 50
command(config-route-map)#match ip address 7
command(config-route-map)#match interface FastEthernet 0/0
command(config-route-map)#set ip next-hop [Link]
(This route-map is different. The match statements are not OR but AND. In this
example it has to match access-list 7
and the interface has to be FastEthernet0/0 before we set the next-hop IP address
to [Link])

I still have to activate the route-map, there are two methods how we can do this-
command(config)#ip local policy route-map PBR

(A router makes a difference between traffic that is originating from the router
and traffic that is flowing through the router.
The command above will activate policy based routing for traffic that I originate
from router command)

You might also like