distribute-list problem

Hi all,

I don't understand why the following prefix list returns no result. When no prefix list is configured, the route exists in the route table. Someone please help and many thanks!!!

ip prefix-list Nontrading seq 2 permit 192.168.21.0/24

hktco

==========

r2#sh ip os ne

Neighbor ID Pri State Dead Time Address Interface

1.1.1.1 1 FULL/BDR 00:00:35 192.168.1.1 FastEthernet0.1 r2#sh run Building configuration...

interface Loopback0 ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet0 no ip address no ip redirects no ip proxy-arp speed auto no cdp enable ! interface FastEthernet0.1 encapsulation dot1Q 2 native ip address 192.168.1.2 255.255.255.0 no ip redirects no ip proxy-arp standby 11 ip 192.168.1.253 standby 11 priority 95 standby 11 preempt standby 12 ip 192.168.1.254 standby 12 preempt ! ! interface Async5 ip address 10.2.2.2 255.255.255.0 no ip redirects no ip proxy-arp encapsulation ppp ip ospf cost 10000 async dynamic routing async mode dedicated no peer neighbor-route no keepalive cdp enable ! router ospf 100 router-id 2.2.2.2 log-adjacency-changes redistribute static metric-type 1 subnets network 0.0.0.0 255.255.255.255 area 0 distribute-list prefix Nontrading in ! ip classless ip route 192.168.11.0 255.255.255.0 192.168.1.100 ip route 192.168.12.0 255.255.255.0 192.168.1.100 no ip http server no ip http secure-server ! ! ! ip prefix-list Nontrading seq 10 permit 0.0.0.0/0 le 32 r2#sh ip ro os 1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:20, FastEthernet0.1 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:20, FastEthernet0.1 4.0.0.0/32 is subnetted, 1 subnets O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:20, FastEthernet0.1 O E1 192.168.21.0/24 [110/10022] via 192.168.1.1, 00:00:20, FastEthernet0.1 10.0.0.0/24 is subnetted, 2 subnets O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:20, FastEthernet0.1 O E1 192.168.22.0/24 [110/10022] via 192.168.1.1, 00:00:20, FastEthernet0.1 O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:20, FastEthernet0.1 r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#ip pre r2(config)#ip prefix-list Nontrading seq 1 deny 192.168.22.0/24 r2(config)#^Z r2#sh run | in ip pref ip prefix-list Nontrading seq 1 deny 192.168.22.0/24 ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32 r2#sh ip ro os 1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:24, FastEthernet0.1 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:24, FastEthernet0.1 4.0.0.0/32 is subnetted, 1 subnets O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:24, FastEthernet0.1 O E1 192.168.21.0/24 [110/10022] via 192.168.1.1, 00:00:24, FastEthernet0.1 10.0.0.0/24 is subnetted, 2 subnets O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:24, FastEthernet0.1 O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:24, FastEthernet0.1 r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#ip prefix-list Nontrading seq 2 deny 192.168.21.0/24 r2(config)#^Z r2#sh ip ro os 1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:02, FastEthernet0.1 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1 4.0.0.0/32 is subnetted, 1 subnets O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:02, FastEthernet0.1 10.0.0.0/24 is subnetted, 2 subnets O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:02, FastEthernet0.1 O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1 r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#no ip pre Nontrading seq 1 r2#sh run | in ip pref ip prefix-list Nontrading seq 1 deny 192.168.22.0/24 ip prefix-list Nontrading seq 2 deny 192.168.21.0/24 ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32 r2#sr os 1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:32, FastEthernet0.1 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:32, FastEthernet0.1 4.0.0.0/32 is subnetted, 1 subnets O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:32, FastEthernet0.1 10.0.0.0/24 is subnetted, 2 subnets O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:32, FastEthernet0.1 O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:32, FastEthernet0.1 r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#no ip prefix-list Nontrading seq 1 deny 192.168.22.0/24 r2(config)#^Z r2#sr os 1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:03, FastEthernet0.1 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:03, FastEthernet0.1 4.0.0.0/32 is subnetted, 1 subnets O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:03, FastEthernet0.1 10.0.0.0/24 is subnetted, 2 subnets O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:03, FastEthernet0.1 O E1 192.168.22.0/24 [110/10022] via 192.168.1.1, 00:00:03, FastEthernet0.1 O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:03, FastEthernet0.1 r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#no ip prefix-list Nontrading seq 2 deny 192.168.21.0/24 r2(config)#ip prefix-list Nontrading seq 2 per 192.168.21.0/24 r2(config)#^Z r2#sh ip ro os 1.0.0.0/32 is subnetted, 1 subnets O 1.1.1.1 [110/2] via 192.168.1.1, 00:00:02, FastEthernet0.1 3.0.0.0/32 is subnetted, 1 subnets O 3.3.3.3 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1 4.0.0.0/32 is subnetted, 1 subnets O 4.4.4.4 [110/10003] via 192.168.1.1, 00:00:02, FastEthernet0.1 O E1 192.168.21.0/24 [110/10022] via 192.168.1.1, 00:00:02, FastEthernet0.1 10.0.0.0/24 is subnetted, 2 subnets O 10.1.1.0 [110/10001] via 192.168.1.1, 00:00:02, FastEthernet0.1 O E1 192.168.22.0/24 [110/10022] via 192.168.1.1, 00:00:02, FastEthernet0.1 O 192.168.2.0/24 [110/10002] via 192.168.1.1, 00:00:02, FastEthernet0.1 r2# r2#sh run | in pref distribute-list prefix Nontrading in ip prefix-list Nontrading description Disallow non-trading traffic to use the IPLC ip prefix-list Nontrading seq 2 permit 192.168.21.0/24 ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32 r2#conf t Enter configuration commands, one per line. End with CNTL/Z. r2(config)#no ip prefix-list Nontrading seq 5 permit 0.0.0.0/0 le 32 r2(config)#^Z r2#sh run | in pref distribute-list prefix Nontrading in ip prefix-list Nontrading seq 2 permit 192.168.21.0/24 r2#sh ip ro os

r2#debug ip routing IP routing debugging is on ! TELNET INTO ROUTER TO CHANGE THE DISTRIBUTE-LIST r2# !ALLOW ALL 0.0.0.0/0 le 32

000044: *Mar 1 08:45:53.195: RT: add 10.1.1.0/24 via 192.168.1.1, ospf metric [110/10001] 000045: *Mar 1 08:45:53.195: RT: NET-RED 10.1.1.0/24 000046: *Mar 1 08:45:53.195: RT: NET-RED queued, Queue size 1 000047: *Mar 1 08:45:53.195: RT: add 192.168.2.0/24 via 192.168.1.1, ospf metric [110/10002] 000048: *Mar 1 08:45:53.195: RT: NET-RED 192.168.2.0/24 000049: *Mar 1 08:45:53.199: RT: NET-RED queued, Queue size 2 000050: *Mar 1 08:45:53.199: RT: add 1.1.1.1/32 via 192.168.1.1, ospf metric [110/2] 000051: *Mar 1 08:45:53.199: RT: NET-RED 1.1.1.1/32 000052: *Mar 1 08:45:53.199: RT: NET-RED queued, Queue size 3 000053: *Mar 1 08:45:53.199: RT: add 3.3.3.3/32 via 192.168.1.1, ospf metric [110/10002] 000054: *Mar 1 08:45:53.199: RT: NET-RED 3.3.3.3/32 000055: *Mar 1 08:45:53.199: RT: NET-RED queued, Queue size 4 000056: *Mar 1 08:45:53.203: RT: add 4.4.4.4/32 via 192.168.1.1, ospf metric [110/10003] 000057: *Mar 1 08:45:53.203: RT: NET-RED 4.4.4.4/32 000058: *Mar 1 08:45:53.203: RT: NET-RED queued, Queue size 5 000059: *Mar 1 08:45:53.203: RT: add 192.168.21.0/24 via 192.168.1.1, ospf metric [110/10022] 000060: *Mar 1 08:45:53.203: RT: NET-RED 192.168.21.0/24 000061: *Mar 1 08:45:53.203: RT: NET-RED queued, Queue size 6 000062: *Mar 1 08:45:53.203: RT: add 192.168.22.0/24 via 192.168.1.1, ospf metric [110/10022] 000063: *Mar 1 08:45:53.207: RT: NET-RED 192.168.22.0/24 000064: *Mar 1 08:45:53.207: RT: NET-RED queued, Queue size 7 !ALLOW ONLY 192.168.21.0/24 000065: *Mar 1 08:46:16.355: RT: delete route to 1.1.1.1/32 000066: *Mar 1 08:46:16.355: RT: NET-RED 1.1.1.1/32 000067: *Mar 1 08:46:16.355: RT: NET-RED queued, Queue size 1 000068: *Mar 1 08:46:16.355: RT: delete network route to 1.0.0.0 000069: *Mar 1 08:46:16.355: RT: NET-RED 1.0.0.0/8 000070: *Mar 1 08:46:16.355: RT: NET-RED queued, Queue size 2 000071: *Mar 1 08:46:16.359: RT: delete route to 3.3.3.3/32 000072: *Mar 1 08:46:16.359: RT: NET-RED 3.3.3.3/32 000073: *Mar 1 08:46:16.359: RT: NET-RED queued, Queue size 3 000074: *Mar 1 08:46:16.359: RT: delete network route to 3.0.0.0 000075: *Mar 1 08:46:16.359: RT: NET-RED 3.0.0.0/8 000076: *Mar 1 08:46:16.359: RT: NET-RED queued, Queue size 4 000077: *Mar 1 08:46:16.363: RT: delete route to 4.4.4.4/32 000078: *Mar 1 08:46:16.363: RT: NET-RED 4.4.4.4/32 000079: *Mar 1 08:46:16.363: RT: NET-RED queued, Queue size 5 000080: *Mar 1 08:46:16.363: RT: delete network route to 4.0.0.0 000081: *Mar 1 08:46:16.363: RT: NET-RED 4.0.0.0/8 000082: *Mar 1 08:46:16.363: RT: NET-RED queued, Queue size 6 000083: *Mar 1 08:46:16.367: RT: delete route to 192.168.21.0/24 000084: *Mar 1 08:46:16.367: RT: NET-RED 192.168.21.0/24 000085: *Mar 1 08:46:16.367: RT: NET-RED queued, Queue size 7 000086: *Mar 1 08:46:16.367: RT: delete route to 10.1.1.0/24 000087: *Mar 1 08:46:16.367: RT: NET-RED 10.1.1.0/24 000088: *Mar 1 08:46:16.367: RT: NET-RED queued, Queue size 8 000089: *Mar 1 08:46:16.371: RT: delete route to 192.168.22.0/24 000090: *Mar 1 08:46:16.371: RT: NET-RED 192.168.22.0/24 000091: *Mar 1 08:46:16.371: RT: NET-RED queued, Queue size 9 000092: *Mar 1 08:46:16.371: RT: delete route to 192.168.2.0/24 000093: *Mar 1 08:46:16.375: RT: NET-RED 192.168.2.0/24 000094: *Mar 1 08:46:16.375: RT: NET-RED queued, Queue size 10 000095: *Mar 1 08:46:16.927: %SYS-5-CONFIG_I: Configured from console by vty0 (192.168.1.1) r2#