02-16-2008 10:37 AM - edited 03-03-2019 08:44 PM
Hi! Please consider following scene :
XXXXXXXX#sh run int Serial0.19
Building configuration...
Current configuration:
!
interface Serial0.19 point-to-point
description --- XXXXXXXXXXXXXXXXXX
ip address XXXXXXXXXXXXXXX
ip access-group 19 in <<<<< ----this one
ip access-group 119 out
no ip redirects
no ip directed-broadcast
no ip proxy-arp
ip accounting output-packets
ip ospf interface-retry 0
frame-relay interface-dlci XXXXXXXXXX
end
XXXXXX#sh access-l 19
XXXXXX# <<<----- no content in access-list
What effect does it have. Will it allow all incoming traffic or deny all ?
Secondly, this router is running BGP with another one
neighbor XXXXXXX remote-as 64550
neighbor XXXXXXX distribute-list 19 in
Again, 19 is empty. What effect it would have ????
02-16-2008 10:42 AM
I am sure of the answer about the effect of ip access-group 19 in when access list 19 is empty. All traffic will be permitted by access-group when the access list referenced is empty.
I am not as sure of the answer about distribute list. I believe that the answer here is also that all prefixes are permitted. If this is on a running router you should be able to look and see if entries learned from that neighbor are in the BGP table and this would answer the question for sure.
HTH
Rick
02-17-2008 04:27 AM
Rick is absolutely right. Because when we implemented the distribut list without creating the list by default it permits all the routes and same the case with the ACL. I had tested the distribute list but not the ACL.
regards
shivlu
02-18-2008 02:13 AM
Hi,
I just tested both (distribute list & access-group) with no ACL and all prefixes and traffic is permited respectively.
Distribute list (w/o ACL) -> All prefixes allowed
Access-group (w/0 ACL) -> All traffic permitted
HTH
-Vaibhav
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: