Filtering EIGRP redistributed routes
Posted on December 13, 2016 and tagged as cisco
We’ve got a switch with a number of layer 3 interfaces bound to networks which
we need in EIGRP. One solution is to use a network statement, but this
introduces a few unwanted behaviors, the primary one being that it enables
EIGRP on these interfaces, which is undesirable. The interfaces in question
should not send EIGRP advertisements, and should not listen for them either.
Using passive interface is an option, but this is a manual process I wanted to
avoid.
We’ve handled this using redistribute connected within the EIGRP
configuration. The one catch is that there are a few connected networks
which we don’t want advertised. This list isn’t likely to change, so manual
updates shouldn’t be necessary.
To ensure these few networks are not advertised, a distribute list has been used. Distribute lists are ACLs which define which networks can or cannot be advertised. Like an ACL, they can be applied as either inbound (filter advertisements coming in) or outbound (filter routes being advertised).
The process is extremely simple.
Create the ACL
ip access-list standard EIGRP-Filter-Out
 deny 10.255.255.0 0.0.0.255
 permit any
The above ACL will ensure the 10.255.255.0/24 network will not be advertised, while all other networks will be.
Apply the configuration to EIGRP
router eigrp 10
 distribute-list EIGRP-Filter-Out out
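To check what the ACL above will filter before applying it, the following added example (not part of the original post) evaluates the same entries offline against a list of routes. A standard ACL in a distribute list matches only the route's network address through the wildcard mask, not its prefix length, which the constructed sample routes are chosen to show; the function names and sample routes are assumptions for illustration.

```python
import ipaddress

# ACL body from the post; entries are checked top-down, first match wins.
ACL_TEXT = "deny 10.255.255.0 0.0.0.255\npermit any\n"

# Constructed sample routes (not from the post).
SAMPLE_ROUTES = ["10.255.255.0/24", "10.255.255.128/25", "10.255.0.0/16",
                 "10.1.20.0/24", "192.168.50.0/24"]


def parse_standard_acl(text):
    """Return (action, base, wildcard) tuples with addresses as integers."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if len(parts) < 2 or parts[0] not in ("permit", "deny"):
            raise ValueError(f"unsupported ACL line: {line!r}")
        if parts[1] == "any":
            base, wildcard = 0, 0xFFFFFFFF
        elif parts[1] == "host":
            base, wildcard = int(ipaddress.IPv4Address(parts[2])), 0
        else:
            base = int(ipaddress.IPv4Address(parts[1]))
            # An address with no wildcard matches that single address.
            wildcard = int(ipaddress.IPv4Address(parts[2])) if len(parts) > 2 else 0
        entries.append((parts[0], base, wildcard))
    return entries


def advertised(prefix, entries):
    """True if the route's network address is permitted by the ACL."""
    addr = int(ipaddress.ip_network(prefix).network_address)
    for action, base, wildcard in entries:
        care = ~wildcard & 0xFFFFFFFF  # wildcard bits set to 0 must match
        if (addr & care) == (base & care):
            return action == "permit"
    return False  # implicit deny after the last entry


def filter_report(routes=SAMPLE_ROUTES, acl_text=ACL_TEXT):
    entries = parse_standard_acl(acl_text)
    return {route: advertised(route, entries) for route in routes}


if __name__ == "__main__":
    for route, ok in filter_report().items():
        print(f"{route:20} {'advertised' if ok else 'filtered'}")
```

The /25 inside 10.255.255.0/24 is filtered as well, while a covering 10.255.0.0/16 is not, because only the network address is compared.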