
BGP Route Redistribution.

ajay chauhan
Level 7

route-map name permit 10

match ip address 10

access-list 10 permit X.Y.Z

route-map name permit 10

match ip address 10

access-list 10 deny X.Y.Z

route-map name deny 10

match ip address 10

access-list 10 permit X.Y.Z

Here the route-map is deny but the access-list is permit. If I am redistributing protocols in this case, will access-list 10 be redistributed or not?

route-map name deny 10

match ip address 10

access-list 10 deny X.Y.Z

Is there any meaning in using this route-map with an ACL deny? If yes, then where can we use it?

3 Replies

pkhatri
Level 11

The 'access-list 10 deny X.Y.Z' will deny all addresses, not just X.Y.Z, simply because of the implicit deny at the end of the ACL.

That means that the first clause of the route-map will match all IP addresses, and deny all of them.

Now, if you had an ACL that had permit entries other than the deny, then what would happen is that it would match all addresses that are permitted. The route-map would then deny all of the addresses matched by the ACL and permit everything else. All of these other addresses would then fall through to the next clause of the route-map, if it exists.

Paresh

PS. Please do remember to rate posts.

route-map name permit 10

match ip address 10

access-list 10 deny X.Y.Z

I mean to say that route-map permit, match address 10, redistributes the others except X.Y.Z.

route-map name deny 10

match ip address 10

access-list 10 permit X.Y.Z

Deny all the networks except X.Y.Z

Just like Paresh said, the first route-map will deny all IP addresses. Only if you add a "permit any" after the deny x.y.z ACL will you have your expected result.

IMO, the second route-map will deny x.y.z only and permit others.

You can try these route-maps in your lab.
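
Added example, not part of the original thread and not Cisco code: a small Python model of the four route-map/ACL combinations asked about, plus two variants (a "permit any" in the ACL, and a trailing empty permit clause). It applies the standard IOS rules that an ACL deny only means "not matched by this clause" and that both the ACL and the route-map end in an implicit deny. Assumptions: the function names are hypothetical, the documentation prefix 192.0.2.0/24 stands in for X.Y.Z, and ACL matching is simplified to a check on the route's network address.

```python
import ipaddress

ANY = ipaddress.ip_network("0.0.0.0/0")

def acl_permits(acl, prefix):
    """Standard ACL: first matching entry wins; implicit deny at the end."""
    addr = ipaddress.ip_network(prefix).network_address
    for action, net in acl:
        if addr in net:
            return action == "permit"
    return False  # implicit "deny any"

def redistributed(route_map, prefix):
    """True if the route-map lets this prefix be redistributed."""
    for action, acl in route_map:  # clauses in sequence-number order
        # acl=None models a clause with no match statement (matches all).
        if acl is None or acl_permits(acl, prefix):
            return action == "permit"  # the clause action decides
        # An ACL deny only means "not matched here": try the next clause.
    return False  # implicit deny at the end of the route-map

def evaluate(route_map, prefixes):
    return [p for p in prefixes if redistributed(route_map, p)]

# Constructed sample data: X stands in for the thread's X.Y.Z.
X = ipaddress.ip_network("192.0.2.0/24")
ROUTES = ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]
ACL_PERMIT_X = [("permit", X)]
ACL_DENY_X = [("deny", X)]
ACL_DENY_X_PERMIT_ANY = [("deny", X), ("permit", ANY)]

CASES = {
    "permit 10 / acl permit X": [("permit", ACL_PERMIT_X)],
    "permit 10 / acl deny X": [("permit", ACL_DENY_X)],
    "deny 10 / acl permit X": [("deny", ACL_PERMIT_X)],
    "deny 10 / acl deny X": [("deny", ACL_DENY_X)],
    "permit 10 / acl deny X, permit any": [("permit", ACL_DENY_X_PERMIT_ANY)],
    "deny 10 / acl permit X, then empty permit 20":
        [("deny", ACL_PERMIT_X), ("permit", None)],
}

if __name__ == "__main__":
    for name, rm in CASES.items():
        print(f"{name:46} -> {evaluate(rm, ROUTES) or 'nothing'}")
```

In this model only the last two variants redistribute everything except X; the plain "deny 10" route-maps redistribute nothing because of the implicit deny that ends the route-map.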
