cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
399
Views
0
Helpful
3
Replies

interface with ACL and route-map

smolz
Level 4
Level 4

I am trying to clear something up, I have an interface that has both an access-list and a route-map. If the traffic matches to an ACE will it then be processed by the route-map or does it bypass the route-map? I am trying to understand what the order is that traffic gets evaluated on an interface.

1 Accepted Solution

Accepted Solutions

Richard Burts
Hall of Fame
Hall of Fame

Chris

If we had more detail about your situation we could understand it better and could give better advice. Without knowing any details I would assume that the route map on the interface is for Policy Based Routing. And it would help to know whether the access list was applied inbound or outboud. Assuming that it is applied inbound then if the input packet is permitted by the access list then it would be processed by the route map for PBR.

If you would provide config details of the interface config and the access list and the route map, then we could know whether my assumptions are correct or not and might provide better advice.

HTH

Rick

HTH

Rick

View solution in original post

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Chris

If we had more detail about your situation we could understand it better and could give better advice. Without knowing any details I would assume that the route map on the interface is for Policy Based Routing. And it would help to know whether the access list was applied inbound or outboud. Assuming that it is applied inbound then if the input packet is permitted by the access list then it would be processed by the route map for PBR.

If you would provide config details of the interface config and the access list and the route map, then we could know whether my assumptions are correct or not and might provide better advice.

HTH

Rick

HTH

Rick

You are right on both of your assumptions, the route map is for policy routing and the acl is applied inbound.

interface Vlanxxx

ip address 10.1.1.1 255.255.255.0

ip access-group INBOUND in

ip access-group OUTBOUND out

ip policy route-map map

Is there any cisco documentation on this?

Chris,

Usually I refer this document for determining order of operation for various features. Although it is documented for NAT, it has considered all the features that could be applied on the interface.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: