Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DDR - Deny RIP traffic

Status
Not open for further replies.
geo2500

geo2500

Programmer
Dec 17, 2003
28
0
0
GR
Hi I have an isdn link that I want to get up for all other traffic except RIP.
I tried
access-list 101 deny udp any host 224.0.0.9 eq rip
access-list 101 permit ip any any
dialer-list 1 protocol ip list 101

but then the isdn link never comes up

i have also a static route for all traffic to go through the isdn
 
Sort by date Sort by votes
Post a copy of your router configuration here (excluding sensitive info like passwords etc)
 
Upvote 0 Downvote
Hi again,
this is the conf. To explain a bit
this is part of a test bed, it's not production.
I have two routers listening on the same ethernet segment and being HSRP enabled.
I want when the first one goes down, this one to bring up
the ISDN link and call the other side. So I want the isdn link to come up for all other traffic except RIP.
I have tried it also with EIGRP and works great. In the access list I have
access-list 101 deny eigrp any any
access-list 101 permit ip any any
dialer-list 1 protocol ip list 101

the problem is that access-list doesn't have the option to deny rip
so I do
access-list 101 deny udp any any eq rip
access-list 101 permit ip any any
dialer-list 1 protocol ip list 101

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname cisco2
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
!
!
ip domain name yourdomain.com
!
isdn switch-type basic-net3
!
!

!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 192.168.1.3 255.255.255.0
duplex auto
speed auto
standby 1 ip 192.168.1.1
standby 1 timers 5 15
standby 1 priority 105
standby 1 preempt
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1/0
backup delay 0 2
backup interface BRI0/2/0
ip address 10.1.1.3 255.255.255.248
encapsulation ppp
clock rate 2000000
!
interface BRI0/2/0
ip address 10.1.8.10 255.255.255.252
encapsulation ppp
dialer idle-timeout 60
dialer string XXXXXXXXXXX (I have deleted the real number)
dialer-group 1
isdn switch-type basic-net3
isdn point-to-point-setup
ppp authentication chap
!
router rip
version 2
network 10.0.0.0
network 192.168.1.0
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/1/0
ip route 0.0.0.0 0.0.0.0 BRI0/2/0 200
!
!
access-list 101 deny udp any any eq rip
access-list 101 permit ip any any
dialer-list 1 protocol ip list 101
!
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
end
 
Upvote 0 Downvote
one thing I forgot to mention the s0/1/0 is not connected.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mrbean2766
  • Locked
  • Question
Port Mirroring - Only LAN traffic mirrored!
Replies
3
Views
55
cmeagan656
cmeagan656
r15gsy
  • Locked
  • Question
High traffic hitting my SMTP server from 216.139.246.155
Replies
2
Views
44
Noway2
Noway2
Cybex1
  • Locked
  • Question
Analysis of TCP/UDP port 53(DNS) traffic in captured PCAP files.
Replies
1
Views
56
Cybex1
Cybex1
anaturelover
  • Locked
  • Question
how to monitor my traffic on my pc i use a normal connection and a vpn
Replies
0
Views
27
anaturelover
anaturelover
wellerw
  • Locked
  • Question
TCP/IP traffic analysis software ? 3
Replies
5
Views
63
burtsbees
burtsbees

Part and Inventory Search

Sponsor

Back
Top