route-map access-list

Post a reply


In an effort to prevent automatic submissions, we require that you complete the following challenge.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: route-map access-list

Re:route-map access-list

by Guest » Sun Feb 14, 2010 3:56 am

V I am glad that my explanations were helpful to you. Thanks for marking the questions as resolved (and thanks for the points). It makes the forum more useful when people can read questions and can know that some responses did resolve the question. Your marking makes this obvious to other readers. Good luck with your studies. And do feel free to post more questions in the forum. After all that is what the forum is really about - asking questions and finding answers. HTH Rick

Re:route-map access-list

by Guest » Sun Feb 14, 2010 3:56 am

Hi Rick. You really rock.Sorry for the confusion caused with the second half of the examples. I did not formulate the question correctly but anyway, you answered with exactly what I wanted to hear. What I meant was , that any of the ACL 1 statements containing only 22.22.22.0 0.0.0.255 would have no effect on 10.10.10.0 /24 being filtered or not solely in this simple scenario. Thanks again for the great explanation and I obviously marked your answers as correct. Now I am back to studying and I might be back with more questions soon   All the best. V.

Re:route-map access-list

by Guest » Sun Feb 14, 2010 2:30 am

I am putting my responses in line marked with Bold and Italics  ###############route-map question deny 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 10.10.10.0 0.0.0.255Yes this is correct...route-map question deny 10            Action taken, route filtered out match ip address 1access-list 1 permit 10.10.10.0 0.0.0.255Yes this is correct...route-map question permit 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 10.10.10.0 0.0.0.255  Yes this is correct...route-map question permit 10            Action taken, route permited match ip address 1access-list 1 permit 10.10.10.0 0.0.0.255Yes this is correct ##################In this set of examples the access list never mentions 10.10.10.0. Since there is no permit for 10.10.10.0 this network would not be redistributed in any of the scenarios that you suggest. route-map question deny 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 22.22.22.0 0.0.0.255Yes this is correct Note that this has nothing to do with 10.10.10.0...route-map question deny 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 permit 22.22.22.0 0.0.0.255Not correct. the match statement returns a value of true and 22.22.22.0 is filtered out.Note that this has no effect on 10.10.10.0...route-map question permit 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 22.22.22.0 0.0.0.255Yes this is correct. Note that this has nothing to do with 10.10.1.0...route-map question permit 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 permit 22.22.22.0 0.0.0.255Not correct. the match statement return a value of true and 22.22.22.0 is redistributed.Note that this has no effect on 10.10.10.0################## HTH Rick

Re:route-map access-list

by Guest » Sun Feb 14, 2010 1:20 am

Thank you Richard for the explanation. I am getting closer to the understanding of the logic behind it. I hope you don mind if I take advantage of your knowledge and attach another example.The question remains the same,we are still concerned about 10.10.10.0/24 . I tried to list all possible scenarios to get a full picture. The 22.22.22.0 0.0.0.255 is basically any random IP not matching 10.10.10.0/24 .I hope you understand where I am coming from. ###############route-map question deny 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 10.10.10.0 0.0.0.255...route-map question deny 10            Action taken, route filtered out match ip address 1access-list 1 permit 10.10.10.0 0.0.0.255...route-map question permit 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 10.10.10.0 0.0.0.255   ...route-map question permit 10            Action taken, route permited match ip address 1access-list 1 permit 10.10.10.0 0.0.0.255 ################## route-map question deny 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 22.22.22.0 0.0.0.255...route-map question deny 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 permit 22.22.22.0 0.0.0.255...route-map question permit 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 deny 22.22.22.0 0.0.0.255...route-map question permit 10            Action not taken, proceed to next route-map statementmatch ip address 1access-list 1 permit 22.22.22.0 0.0.0.255 ################## Thank you again Richard for all your effort.

Re:route-map access-list

by Guest » Sun Feb 14, 2010 1:05 am

The logic is sometimes difficult to follow in route maps that use deny in the route map statement. I find it helpful to think of them in this way. The route map statement 10 specifies an action to take (in this case deny) when there is a positive result in the match statement. If the result in the access list says yes/permit then the action of the route map statement is taken. But if the result in the access list says no/deny then the action of the route map statement is not taken and the route map goes on to the next step. Since access list 1 has deny 10.10.10.0 the result of the access list is no/deny and the action of route map 10 is not taken and so the route map goes on to statement 20. HTH Rick

Top