BGP Route Redistribution.

Unanswered Question
Nov 19th, 2006
User Badges:
  • Silver, 250 points or more

router-map name permit 10

match ip address 10


access-list 10 permit X.Y.Z




router-map name permit 10

match ip address 10


access-list 10 deny X.Y.Z



router-map name deny 10

match ip address 10


access-list 10 permit X.Y.Z


Here route-map is deny but access-list is

permitted if i am redistributing protocols in this case

access-list 10 will be redistributed or not.



router-map name deny 10

match ip address 10


access-list 10 deny X.Y.Z


In there any meaning to use this route-map with acl deny if yes

then where we can use .

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
pkhatri Sun, 11/19/2006 - 17:58
User Badges:
  • Purple, 4500 points or more

The 'access-list 10 deny X.Y.Z' will deny all addresses, not just X.Y.Z, simply because of the implicit deny at the end of the ACL.


That means that the first clause of the route-map will match all IP addresses, and deny all of them.


Now, if you had an ACL that had permit entries other than the deny, then what would happen is that it would match all addresses that are permitted. The route-map would then deny all of the addresses matched by the ACL and permit everything else. All of these other addresses would then fall through to the next clause of the route-map, if it exists.


Paresh


PS. Pls do remember to rate posts

ajay chauhan Sun, 11/19/2006 - 19:02
User Badges:
  • Silver, 250 points or more

router-map name permit 10

match ip address 10


access-list 10 deny X.Y.Z


mean to say route-map permit match address

10 redistribute others except X.Y.Z




router-map name deny 10

match ip address 10


access-list 10 permit X.Y.Z


Deny all the networks except X.Y.Z



jackyoung Sun, 11/19/2006 - 22:00
User Badges:
  • Gold, 750 points or more

Just like Paresh said. The first route-map will deny all ip address. Only if you add a "permit any" after the deny x.y.z ACL, then you will have your expected result.


IMO, the second route-map will deny x.y.z only and permit others.


You can try these route-map in your lab.



Actions

This Discussion