Reordered named access-list

Unanswered Question

Hi All

I've recently noticed that some routers reorder named access-lists so that hosts are at the top of the list, followed by subnets in numerical order. For example, the standard ACL is entered as per below and the show access-list command shows a different sequence.

IP access-list standard VTY

permit, wildcard bits

permit, wildcard bits



permit, wildcard bits

permit, wildcard bits

permit, wildcard bits

deny any log

Standard IP access list VTY

30 permit

40 permit

10 permit, wildcard bits

20 permit, wildcard bits (2 matches)

50 permit, wildcard bits

60 permit, wildcard bits

70 permit, wildcard bits (2 matches)

80 deny any log



Richard Burts Wed, 09/12/2007 - 09:03


I have worked with IOS routers since the early days of release 9. It has consistently been the behavior (though not clearly documented) for standard access lists that IOS reorders the lines of the access list so that any host specific entries are put before any other entries.

So what you are observing is true and it is not a new thing. I think that you will find it in any router where you look and in any version where you look.
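A way to check for the reordering discussed in this thread, as an added example that is not part of the original posts: it parses `show access-lists` output for a standard ACL and reports whether host entries are displayed ahead of sequence-number order. The sample output and its addresses (documentation ranges) are constructed, since the thread's listing carries no addresses, and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of `show access-lists` for a standard ACL.
# Addresses are documentation ranges, not values from the thread.
SAMPLE = """\
Standard IP access list VTY
    30 permit 192.0.2.10
    40 permit 192.0.2.20
    10 permit 198.51.100.0, wildcard bits 0.0.0.255
    20 permit 203.0.113.0, wildcard bits 0.0.0.127 (2 matches)
    50 deny   any log
"""

ENTRY = re.compile(
    r"^\s*(?P<seq>\d+)\s+(?P<action>permit|deny)\s+(?P<addr>[^\s,]+)"
    r"(?:,\s+wildcard bits\s+(?P<wild>\S+))?"
    r"(?:\s+log)?(?:\s+\(\d+ match(?:es)?\))?\s*$"
)

def parse_entries(show_output):
    """Return (seq, action, addr, wildcard) tuples in displayed order."""
    entries = []
    for line in show_output.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append((int(m["seq"]), m["action"], m["addr"], m["wild"]))
    return entries

def is_host(entry):
    """A host entry is displayed without wildcard bits and is not 'any'."""
    _, _, addr, wild = entry
    return wild is None and addr != "any"

def audit(show_output):
    """Compare the displayed order with sequence-number order."""
    entries = parse_entries(show_output)
    shown = [e[0] for e in entries]
    hosts = [e[0] for e in entries if is_host(e)]
    others = [e[0] for e in entries if not is_host(e)]
    return {
        "displayed_order": shown,
        "reordered": shown != sorted(shown),
        "hosts_listed_first": shown == hosts + others,
        "others_in_sequence": others == sorted(others),
        "hosts_moved_up": [s for s in hosts if any(o < s for o in others)],
    }

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```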



