
Three tools for route manipulation:-

1. Distribute List - used for route filtering and manipulation

Example-
command(config)#router eigrp 12 - (under the EIGRP process)
command(config-router)#distribute-list ? - (options: we can choose between an
access-list, a prefix-list or a route-map)
command(config-router)#distribute-list 1 ? - (we have chosen standard access-list 1)

a) in - inbound routing updates
b) out - outbound routing updates

command(config-router)#distribute-list 1 in ? - (list of all interfaces where we
can apply it; if we do not choose one, it applies to all interfaces by default)
command(config-router)#distribute-list 1 in FastEthernet 0/0 - (we applied the
distribute-list to inbound routes on FastEthernet 0/0)

command(config)#access-list 1 deny 172.16.1.0 0.0.0.255
command(config)#access-list 1 permit any
(access-list that will filter 172.16.1.0/24 and permit all the other networks)

2. Prefix List
Example-
command(config)#router eigrp 12 - (under the EIGRP process)
command(config-router)#distribute-list ? - (we choose prefix-list)
command(config-router)#distribute-list prefix FILTERTHIS in - (inbound prefix-list)

command(config)#ip prefix-list FILTERTHIS seq 5 deny 172.16.1.0/24
command(config)#ip prefix-list FILTERTHIS seq 10 permit 0.0.0.0/0 le 32 -
(equivalent to permit any in an access-list)
(As you can see, we have the same result. 172.16.1.0/24 has been filtered and all
the other networks are permitted)

Note - The true power of the prefix-list is in the ge (greater than or equal to) and
le (less than or equal to) operators.

a) Le operator:-
command(config)#ip prefix-list RENETEST permit 10.0.0.0/8 le 19
*In this example I’m using the le operator. This prefix-list statement says that
all networks that fall within the 10.0.0.0/8 range
AND that have a subnet mask of /19 or less are permitted.
*If I have a network with 10.0.0.0/21 it will be denied by this prefix-list. It
falls within the 10.0.0.0/8 range but it has a subnet mask of /21.
I’m using the le operator, which says that the subnet mask should be /19 or smaller.

b)Ge Operator:-
command(config)#ip prefix-list RENETEST2 permit 10.0.0.0/8 ge 20
*This time I’m using the ge operator. Ge 20 means that the network needs to have a
subnet mask of /20 or larger in order to be permitted. 10.0.0.0 /8 is the range we
are going to check.
*A network with 10.55.55.0 /25 will be permitted because it falls within the
10.0.0.0 /8 range and has a subnet mask of /25 which is larger than /20.
*What about 10.60.0.0 /19? It falls within the 10.0.0.0 /8 range but it is not
permitted because it has a subnet mask of /19…our ge operator says it should be /20
or larger.

c) Combining the ge and le operators:-
command(config)#ip prefix-list RENETEST3 permit 10.0.0.0/8 ge 16 le 18
*We can also combine the ge and le operators. Look at my prefix-list above. It’s
permitting all networks that fall within the 10.0.0.0 /8 range and that have a
subnet mask of /16, /18 and everything in between.
*10.22.0.0 /18 will be permitted because it falls within the 10.0.0.0 /8 range and
has a subnet mask of /18.
*10.55.0.0 /26 will be denied. It falls within the 10.0.0.0 /8 range but the
subnet mask is /26 which doesn’t match my ge or le operators.
*10.4.4.0 /14 will be denied. It falls within the 10.0.0.0 /8 range but the subnet
mask is /14 which doesn’t match my ge or le operators.
*192.168.12.0 /18 will be denied. It matches my ge and le operators but it doesn’t
fall within the 10.0.0.0 /8 range.
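
The matching rules above, as an added example (not part of the original notes): a small Python model of how a prefix-list is evaluated, run against the test networks from sections b) and c) and the FILTERTHIS list. The function names, the NO_LE list and the routes 172.16.2.0/24 and 172.16.1.128/25 are assumptions made for the illustration; the list name and seq numbers are left out of each entry.

```python
import ipaddress

def parse_entry(line):
    """Parse '<permit|deny> <prefix>/<len> [ge N] [le N]' (name and seq omitted)."""
    tok = line.split()
    action, net = tok[0], ipaddress.ip_network(tok[1])
    opts = {tok[i]: int(tok[i + 1]) for i in range(2, len(tok), 2)}
    ge, le = opts.get("ge"), opts.get("le")
    if ge is None and le is None:
        lo = hi = net.prefixlen            # no operator: exact mask length only
    else:
        lo = ge if ge is not None else net.prefixlen
        hi = le if le is not None else 32
    return action, net, lo, hi

def evaluate(entries, route):
    """Return the action of the first matching entry, else the implicit deny."""
    r = ipaddress.ip_network(route, strict=False)
    for action, net, lo, hi in map(parse_entry, entries):
        # Both conditions must hold: inside the range AND mask length in [lo, hi].
        if r.subnet_of(net) and lo <= r.prefixlen <= hi:
            return action
    return "deny"

# Entries copied from the page
FILTERTHIS = ["deny 172.16.1.0/24", "permit 0.0.0.0/0 le 32"]
RENETEST2 = ["permit 10.0.0.0/8 ge 20"]
RENETEST3 = ["permit 10.0.0.0/8 ge 16 le 18"]
# Constructed for comparison: same as FILTERTHIS but without "le 32"
NO_LE = ["deny 172.16.1.0/24", "permit 0.0.0.0/0"]

def run_checks():
    cases = [
        (RENETEST2, "10.55.55.0/25"), (RENETEST2, "10.60.0.0/19"),
        (RENETEST3, "10.22.0.0/18"), (RENETEST3, "10.55.0.0/26"),
        (RENETEST3, "10.4.4.0/14"), (RENETEST3, "192.168.12.0/18"),
        (FILTERTHIS, "172.16.1.0/24"), (FILTERTHIS, "172.16.2.0/24"),
        (FILTERTHIS, "172.16.1.128/25"),   # constructed: more-specific of the denied /24
        (NO_LE, "172.16.2.0/24"), (NO_LE, "0.0.0.0/0"),
    ]
    return [(route, evaluate(plist, route)) for plist, route in cases]

if __name__ == "__main__":
    for route, action in run_checks():
        print(f"{route:18} {action}")
```

Two results are worth noting when a prefix-list is used as a filter: without le 32 the entry permit 0.0.0.0/0 matches only the default route, and deny 172.16.1.0/24 matches only that exact /24, so a more-specific subnet such as 172.16.1.128/25 is still permitted by FILTERTHIS.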

3. Route Map
Route-maps are very useful. They work with match and set statements. You can use a
route-map to match on certain criteria and then configure it to take action. We
can use route-maps for filtering but they are also used for BGP policies and
policy-based routing (used to overrule routing protocols).
Example 1-
command(config)#route-map TEST permit 10 - (we create a route-map with the
route-map command, followed by the route-map name, the action {permit or deny} and
a sequence number)
command(config-route-map)#match ? - (list of options for what we want to match)
command(config-route-map)#match ip ? - (we chose ip and then we have to select an
option under ip)
command(config-route-map)#match ip address ? - (we want to match on the IP address
instead of next-hop or route-source)
  <1-199>      IP access-list number
  <1300-2699>  IP access-list number (expanded range)
  WORD         IP access-list name
  prefix-list  Match entries of prefix-lists
  <cr>
(you can choose to match on an access-list or prefix-list! I’m going to match on an
access-list…let’s pick 7)

command(config-route-map)#match ip address 7
command(config)#access-list 7 permit 172.16.0.0 0.0.255.255 - (created an access-list
which permits 172.16.0.0/16)

command(config)#router eigrp 12
command(config-router)#distribute-list route-map TEST in - (applied the route-map
to inbound routing updates)

Example 2-
command(config)#route-map PBR permit 40
command(config-route-map)#match ip address 7 8 9
command(config-route-map)#set ip next-hop 192.168.23.3
(A single match statement can also list multiple values. In the example
above it has to match access-list 7 OR 8 OR 9)

Example 3-
command(config)#route-map PBR permit 50
command(config-route-map)#match ip address 7
command(config-route-map)#match interface FastEthernet 0/0
command(config-route-map)#set ip next-hop 192.168.23.3
(This route-map is different. The match statements are not OR but AND. In this
example it has to match access-list 7
and the interface has to be FastEthernet0/0 before we set the next-hop IP address
to 192.168.23.3)

I still have to activate the route-map; there are two methods to do this-
command(config)#ip local policy route-map PBR

(A router distinguishes between traffic that originates from the router itself
and traffic that flows through the router.
The command above activates policy-based routing for traffic that originates
from router command)
