There are essentially two use cases for distribute lists.
- They can filter transmission or receipt of routing protocol updates;
- They can filter the routes that are included in redistribution.
Here is an example of redistribution from EIGRP 100 to OSPF 10 using a distribute list:
… in this illustration, the distribute list is applied to the OSPF process with the keyword out, meaning it is being applied to redistribution out of process eigrp 100, which is also identified. The distribute list calls access-list 7, which classifies only two of the four networks advertised within EIGRP. (The ACL implicit deny ensures you do not need specific deny statements unless you need to see hit counts.)
Note that classic access-lists do not affect traffic originating from the router. You must instead link the ACL to a distribute list to control this.
Stuck-in-Active: Journal of an IT-Network Administrator 