Route Manipulation
Route Manipulation
Route Manipulation
2.Prefix List
Example-
command#router eigrp 12 - (Under eigrp process)
command(config-router)#distribute list ? - (We choose prefix-list)
command(config-router)#distribute-list prefix FILTERTHIS in - (inbound prefix list)
Note-The true power of the prefix list is in the ge (Greater than or Equal to) and
le (less than or equal to) operators.
a)Le Operator:-
command(config)#ip prefix-list RENETEST permit 10.0.0.0/8 le 18
*In this example I’m using the le operator. This prefix-list statement says that
all networks that fall within the 10.0.0.0/8 range
AND that have a subnet mask of /19 or less are permitted.
*If I have a network with 10.0.0.0 /21 it will be denied by this prefix list. It
falls within the 10.0.0.0 /8 range but it has a subnet mask of /21.
I’m using the le operator which says that the subnet mask should be /19 or smaller.
b)Ge Operator:-
command(config)#ip prefix-list RENETEST2 permit 10.0.0.0/8 ge 20
*This time I’m using the ge operator. Ge 20 means that the network needs to have a
subnet mask of /20 or larger in order to be permitted. 10.0.0.0 /8 is the range we
are going to check.
*A network with 10.55.55.0 /25 will be permitted because it falls within the
10.0.0.0 /8 range and has a subnet mask of /25 which is larger than /20.
*What about 10.60.0.0 /19? It falls within the 10.0.0.0 /8 range but it is not
permitted because it has a subnet mask of /19…our ge operator says it should be /20
or larger.
3.Route Map
Route-maps are very useful. They work with match and set statements. You can use a
route-map to match on a certain criteria and then configure it to take action. We
can use route-maps for filtering but they are also used for BGP policies and
policy-based routing (used to overrule routing protocols).
Example 1-
command#route-map TEST permit 10 (we can create route map using {route-map} command
and sequence number with route-map name and action {permit or deny})
command(config-route-map)#match ? (list of options what we want to match)
command(config-route-map)#match ip? (We chosed ip and then we have to select an
option from ip)
command(config-route-map)#match ip address? (we want to match ip address instead of
next hop or route-source)
command(config-route-map)#match ip address ?
<1-199> IP access-list
number
<1300-2699> IP access-list
number (expanded range)
WORD IP access-
list name
prefix-list Match
entries of prefix-lists
<cr>
(you can choose to match on an access-list or prefix-list! I’m going to match on an
access-list…let’s pick 7)
command(config-route-map)#match ip address 7
command(config)#access-list 7 permit 172.16.0.0 0.0.255.255 - (created access list
which permits 172.16.0.0/16)
command(config)#router eigrp 12
command(config-router)#distribute-list route-map TEST in -( Enabled route map
inbound traffic)
Example 2-
command(config)#route-map PBR permit 40
command(config-route-map)#match ip address 7 8 9
command(config-route-map)#set ip next-hop 192.168.23.3
(We can also have multiple match statements in a single sequence. In the example
above it has to match access-list 7 OR 8 OR 9)
Example 3-
command(config)#route-map PBR permit 50
command(config-route-map)#match ip address 7
command(config-route-map)#match interface FastEthernet 0/0
command(config-route-map)#set ip next-hop 192.168.23.3
(This route-map is different. The match statements are not OR but AND. In this
example it has to match access-list 7
and the interface has to be FastEthernet0/0 before we set the next-hop IP address
to 192.168.23.3)
I still have to activate the route-map, there are two methods how we can do this-
command(config)#ip local policy route-map PBR
(A router makes a difference between traffic that is originating from the router
and traffic that is flowing through the router.
The command above will activate policy based routing for traffic that I originate
from router command)