Route-map functioning

Unanswered Question
May 12th, 2009

Hi Guy's

I have a little confusion about the working procedure of route-maps.

I understand that they can be used in many situations but what i am confused about is how they work.for eg.

if i am using a route-map for route redistribution

the procedure is i make a access-list then make a route map and specify the matching criteria as the access-list and apply it under the router process of the protocol.

my confusion is how does the route-map work in matcing the traffic i mean in what conjuction the route-map works with access-lists.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Jon Marshall Tue, 05/12/2009 - 12:39


Not sure i fully understand what you are asking.

When you use the "match ip address ..." line under the route-map config this ties the route-map to an access-list. So when the route-map is referenced routes must then match an entry in the acl, or if they don't they simply don't get redistributed.


Giuseppe Larosa Tue, 05/12/2009 - 12:48

Hello Mahmood,

>> my confusion is how does the route-map work in matcing the traffic i mean in what conjuction the route-map works with access-lists.

When you use route-maps with protocol redistribution they are invoked to filter routes in the control plane not to process traffic.

It is true that you can use a route-map that looks like similar with PBR and in this second case the route-map is used to process traffic in the forwarding plane.

Hope to help


mahmoodmkl Tue, 05/12/2009 - 21:10

Hi Guys,

Thanks for the replies.


My understanding of control plane is handling of routing updates etc.

Dataplane is what is used in actual forwarding of traffic.

can u please explain these terms in details.



Jon Marshall Wed, 05/13/2009 - 03:01


It's pretty much as you said.

Control plane is responsible for establishing routing neighborships and exchaning routing information. Also responsible for building the routing table.

Data plane is responsible for forwarding the actual traffic and uses information supplied by the control plane to do that. Note if process switched the packets actually go to the control plane to be forwarded. If fast switched only the first packet goes to the control plane. If CEF switched no packet go to control plane.

Traditionally access is restricted using acl's / PBR which control where traffic could be/should be sent. But using these is not supplying separation between the control and data plane ie. there is still one global routing table in use.

VRF's which are being used more and more allow for complete separation between the control and data plane so there is no longer one global routing table in use.

So practically the difference is

You want to allow a certain vlan to only be able to access one server vlan.

You want the rest of your vlans to be able to access any other vlans.

You can implement this with acl's/PBR but it is a lot of administration and can be prone to error. Alternatively you can use VRF's so that the router/L3 switch now has 2 routing tables which are not visible to each other. The routing table for the vlan that is restricted only has a route to the one server vlan. The other routing table has routes for everything.

MPLS VPN's and VRF-Lite use VRF's for control and data plane segregation. VRF's in effect allow you to create multiple virtual networks on the same physical infrastructure.


mahmoodmkl Tue, 06/09/2009 - 00:55


Just to re-start the topic..

i want to know which traffic is taken in consideration when we apply the access-list for QOS classification is it control plane or data plane.




This Discussion