I believe that when you use an extended ACL, the source fields match the source of the route and the second fields match the actual route. Also need to remember that ACLs use WildCard Bits and not Subnet Masks.
R3#conf t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#access-list 100 permit ip host 123.0.0.1 host 10.0.0.0 R3(config)#access-list 100 permit ip host 123.0.0.2 host 20.0.0.0 R3(config)#router rip R3(config-router)#distribute-list 100 in Ethernet0/0 R3(config-router)#end R3#clear ip route * R3#show ip route rip R 20.0.0.0/8 [120/1] via 123.0.0.2, 00:00:00, Ethernet0/0 R 10.0.0.0/8 [120/1] via 123.0.0.1, 00:00:00, Ethernet0/0 . From: [email protected] [mailto:[email protected]] On Behalf Of Kim Pedersen Sent: Wednesday, January 13, 2010 2:29 PM To: OSL CCIE Routing and Switching Lab Exam Subject: [OSL | CCIE_RS] Extended Access-lists in distribute-list command Hi All, Hope someone can help out with this little issue. I am trying to use an extended access-list in a distribute-list command in ospf. For some reason its never comming through the access-list. I am under the impression that a line like the one below, will match route 10.10.0.0 255.255.0.0 when used in conjunction with a distribute-list access-list 140 permit ip 10.10.0.0 0.0.0.0 255.255.0.0 0.0.0.0 or shorthand: access-list 140 permit ip host 10.10.0.0 host 255.255.0.0 If i create a standard access-list and just match the route (10.10.0.0 0.0.0.0) it works fine. Anyone care to comment? Sincerely, Kim Pedersen
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
