Distribute List (bukan distribution list) digunakan untuk menyaring route yang masuk atau keluar dari interface router. Route yang ditolak akan dikeluarkan dari routing table. Distribute list menggunakan access list untuk mengatur route yang ditolak dan diterima.
Topology Lab
Konfigurasi IP Address R1
interface Loopback0 ip address 1.1.1.1 255.255.255.255 no sh ! interface Serial0/0 ip address 12.12.12.1 255.255.255.0 no sh clock rate 2000000
Konfigurasi IP Address R2
interface Loopback0 ip address 2.2.2.2 255.255.255.255 no sh ! interface FastEthernet0/0 ip address 23.23.23.2 255.255.255.0 no sh ! interface Serial0/0 ip address 12.12.12.2 255.255.255.0 no sh clock rate 2000000
Konfigurasi IP Address R3
interface Loopback0 ip address 3.3.3.3 255.255.255.255 no sh ! interface FastEthernet0/0 ip address 23.23.23.3 255.255.255.0 no sh
Tujuan Lab
Diinginkan IP Loopback 0 dari R2, tidak terdapat di routing table R1. Filtering menggunakan distribute list!
Solusi
Konfigurasi dulu ACL untuk menolak paket dari 2.2.2.2 dan melewatkan paket lainnya, baru kemudian dipanggil via distribute list. Distribute list dapat dibuat di R1 (distribute list in) maupun R2 (distribute list out).
R1(config)#access-list 1 deny 2.2.2.2 R1(config)#access-list 1 permit any
Distribute list IN
ACL dikonfigurasi di R1, karena itu distribute list eigrp diset di R1 dengan direction inbound yang berfungsi menolak paket masuk dari R2 ke interface Serial 0/0 R1
R1(config)#router eigrp 10 R1(config-router)#distribute-list 1 in s0/0
Cek routing table R1, pastikan IP 2.2.2.2 dari R2 sudah tidak ada di routing table R1.
R1#sh ip rou
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
D 3.3.3.3 [90/2300416] via 12.12.12.2, 00:02:23, Serial0/0
23.0.0.0/24 is subnetted, 1 subnets
D 23.23.23.0 [90/2172416] via 12.12.12.2, 00:02:24, Serial0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Serial0/0
Distribute list OUT
Selain dikonfigurasikan di R1, access list dan distribute list juga bisa dikonfigurasikan di R2, maka directionnya harus OUT. Tapi harus dihapus dulu konfigurasi distribute list di R1.
Perintahnya:
R1(config)#router eigrp 10 R1(config-router)#no distribute-list 1 in s0/0
Cek routing table R1, pastikan IP 2.2.2.2 dari R2 sudah kembali ada di routing table R1.
R1(config-router)#do sh ip rou
<output dipotong>
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/32 is subnetted, 1 subnets
D 2.2.2.2 [90/2297856] via 12.12.12.2, 00:00:13, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
D 3.3.3.3 [90/2300416] via 12.12.12.2, 00:00:13, Serial0/0
23.0.0.0/24 is subnetted, 1 subnets
D 23.23.23.0 [90/2172416] via 12.12.12.2, 00:00:13, Serial0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Serial0/0
Konfigurasikan ACL di router R2. Perintahnya:
R2(config)#access-list 2 deny 2.2.2.2 R2(config)#access-list 2 permit any
Konfigurasi untuk distribute list dengan direction OUT di R2.
R2(config)#router eigrp 10 R2(config-router)#no distribute-list 2 out s0/0
Cek routing table R1, bandingkan dengan konfigurasi ACL dan distribute list di R1 sebelumnya
R1#sh ip route
<output dipotong>
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
D 3.3.3.3 [90/2300416] via 12.12.12.2, 00:00:04, Serial0/0
23.0.0.0/24 is subnetted, 1 subnets
D 23.23.23.0 [90/2172416] via 12.12.12.2, 00:00:04, Serial0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, Serial0/0
Hasilnya IP 2.2.2.2 tidak terdapat lagi dalam routing table R1.
Kesimpulan
Distribute list digunakan untuk menyaring paket dengan menggunakan ACL dan diinjeksikan ke settingan EIGRP dengan 2 perintah:
- Distribute-list in
Menyaring rute yang diterima oleh suatu interface/subinterface
- Distribute-list out
Menyaring rute yang dikirim oleh suatu interface/subinterface
Sumber bacaan:
- CCNP Full Lab Workbook; ID Networkers; 2012
- Filtering Routes With EIGRP (Diakses 29 Agustus 2012)http://fengnet.com/book/cisco.ios.cookbook.2nd/I_0596527225_CHP_7_SECT_3.html
- Route filtering methods in EIGRP (Diakses 29 Agustus 2012) http://www.net-gyver.com/?p=1108