per interface route filtering
olivier a
oatech7402 at gmail.com
Wed Apr 8 12:57:34 CEST 2015
Thanks for your explaination. I understand, and it seems to be functioning
OK with the following config. Is this the right way ? :
protocol rip rip1 {
#debug all;
interface "eth0" { mode multicast; ttl security tx only; };
honor neighbor;
authentication none;
import all;
export filter { # This block filters
192.168.1.0/24 out
if net ~ [ 192.168.1.0/24+ ] then
reject "rip1:rejected:directly-connected";
else
accept "rip1:accepted:not-directly-connected";
};
}
protocol rip rip2 {
#debug all;
interface "eth1" { mode multicast; ttl security tx only; };
honor neighbor;
authentication none;
import all;
export filter { # This block filters
192.168.1.0/24 out
if net ~ [ 192.168.5.0/24+ ] then
reject "rip2:rejected:directly-connected";
else
accept "rip2:accepted:not-directly-connected";
};
}
## eth0 is on the 192.168.1.0/24 and eth1 on the
## 192.168.5.0/24. The goal is to prevent an interface
## from advertising its own subnet
On Mar 19, 2015 11:12 AM, "Ondrej Zajicek" <santiago at crfreenet.org> wrote:
> On Fri, Mar 13, 2015 at 08:05:23PM +0100, olivier a wrote:
> > Is there a way to filter RIP announced routes on an interface basis ?
>
> Hi
>
> Currently the only way is to have separate RIP protocol instances for
> each interface and do filtering on import/export to these RIP instances.
>
> --
> Elen sila lumenn' omentielvo
>
> Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
> OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
> "To err is human -- to blame it on a computer is even more so."
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20150408/644a1f72/attachment.html>
More information about the Bird-users
mailing list