We’ve got a switch with a number of layer 3 interfaces bound to networks which
we need in EIGRP. One solution is to use a
network statement, but this
introduces a few unwanted behaviors, the primary one being that this enables
EIGRP on these interfaces which is undesirable. The interfaces in question
should not send EIGRP advertisements, and should not listen for them either.
Using passive interface is an option, but this is a manual process I wanted to
We’ve handled this using
redistribute connected within the EIGRP
configuration. The one catch is that there are very few connected networks
which we don’t want advertised. This list isn’t likely to change so manual
updates shouldn’t be necessary.
To ensure these few networks are not advertised, a distribute list has been used. Distribute lists are ACLs which define which networks can or cannot be advertised. Like an ACL, they can be applied as either inbound (filter advertisements coming in) or outbound (filter routes being advertised).
The process is extremely simple.
Create the ACL
ip access-list standard EIGRP-Filter-Out deny 10.255.255.0 0.0.0.255 permit any
The above ACL will ensure the 10.255.255.0/24 network will not be advertised, while all other networks will be.
Apply the configuration to EIGRP
router eigrp 10 distribute-list EIGRP-Filter-Out out