I am attempting to determine how entries in a standard ACL are actually added to a router's config.
I have read that the ACL statements are entered into the config in the order that they were typed, or that they are in a descending IP order, but I have tested this and see that it is not the case.
For example, if I create the following new ACL:
SPARE6509(config)#access-list 50 permit 126.96.36.199
SPARE6509(config)#access-list 50 permit 188.8.131.52
SPARE6509(config)#access-list 50 permit 184.108.40.206
SPARE6509(config)#access-list 50 permit 220.127.116.11
SPARE6509(config)#access-list 50 permit 18.104.22.168
SPARE6509(config)#access-list 50 deny any log
SPARE6509(config)#access-list 50 permit 22.214.171.124 0.0.0.255
the order of the statements in the config are as follows, as per the show commands (they are in a different order than how they were entered - I cannot see any reason why they were added in this order):
SPARE6509#sho access-list 50
Standard IP access list 50
30 permit 126.96.36.199
40 permit 188.8.131.52
10 permit 184.108.40.206
20 permit 220.127.116.11
50 permit 18.104.22.168
60 deny any log
70 permit 22.214.171.124, wildcard bits 0.0.0.255
SPARE6509#show run (excerpt)
access-list 50 permit 126.96.36.199
access-list 50 permit 188.8.131.52
access-list 50 permit 184.108.40.206
access-list 50 permit 220.127.116.11
access-list 50 permit 18.104.22.168
access-list 50 deny any log
access-list 50 permit 22.214.171.124 0.0.0.255
This is a Catalyst 6509 w/Sup32, with IOS 12.2(18)SXF6.
Can anyone confirm how the lines of a standard ACL are added to the config?