Am I being thick?

Am I being thick?

Post by Steve Ra » Thu, 21 Dec 2006 06:08:11


I'd appreciate a bit of help please

I have a large network, all cisco, all EIGRP, no reason or need to change

I have 2 core sites both running in a hub and spoke and both connected

On all the spoke sites or satellite sites I want to stop traffic going to
the other satellite and opposing core sites

I have a 20 bit network (FWIW)

One satellite site has an IP range

I want to stop all traffic getting to any /20 /20 /20 /20

I created a set of access lists and applied them onto the S0/0 interface of
the router, a basic deny anything to the above nets and it works

I want to move away from ACLs to route statements on some satellite centres,
why?, cus I want to. Well it is my network

So on my network I:

o Log onto a local server and start a ping to an IP address on a
o Create a default route to route all traffic to S0/0
o Create a route for null0
o Remove the EIGRP network
o Watch the pings continue

Why does my traffic continue to get thru ?

In anticipation

We don't stop playing because we get old
We get old because we stop playing

Am I being thick?

Post by Bod4 » Thu, 21 Dec 2006 23:34:09

This is one of the cornerstones of IP routing.

More specific routes are /always/ preferred over less specific
ones. null0

is less specific than /20

If there are equally specific then the administrative distance
is used to determine which one goes in the routing table.

The order then is:

- Prefix length
- Within a routing protocol - cost
- Between Routing protocols - admin dist.


Am I being thick?

Post by Bod4 » Thu, 21 Dec 2006 23:35:37

I noticed just too late that I had not
answered your question.

"Am I being thick?"