Serious bug route-map on IOS?

syjeon
Level 1

I got a serious problem regarding route-map. The issue was that the route-map doesn't work correctly even when applied.

According to the check, some route-map statement doesn't contain the 'prefix', which was already removed, but the route-map has it.

When I removed that route-map, the route-map worked properly as intended.

The key point is that the prefix-list was removed, but the route-map is still referring to it. When we removed the useless route-map, the route-map started working.

7 Replies

daniel.dib
Level 7

I think this is expected behavior. Prefix lists and access lists have a default of deny if you don't add any statements to them. When you reference a prefix-list or ACL that is not there then the action would be to deny. It depends on the design of your route-map as well, but if you had something like:

route-map xyz permit 10

match ip address prefix-list abc

And there is no prefix-list abc then all prefixes would be denied from being permitted meaning they would move on to the next clause. In this case there is no other clause and there is always an implicit deny at the end of the route-map so no prefixes would make it through.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

Thanks for the heads up on this issue.

I missed the sequence of the route-map. The problematic route-map was sequenced under the normal route-map. This normal route-map was intended to block the traffic. However, the route-map right below it, which did not contain a prefix-list, caused the problem.

So, we had to remove it, and the entire route-map started working.

route-map To_BB1 permit 10 <- which is normal to block sending unwanted prefix to BB1

!

route-map To_BB1 permit 15 <- this route-map didn't contain a prefix-list, which caused the problem.

I think you can have a test with dynamips or so :-)

Hi Daniel,

I am afraid you are incorrect with your following statement.

"route-map xyz permit 10

match ip address prefix-list abc

And there is no prefix-list abc then all prefixes would be denied from being permitted."

If a "route-map xyz permit 10" has a match clause for an access-list or prefix-list, and that access-list or prefix-list doesn't exist in the configuration, then all prefixes are permitted, nothing is denied. And for that matter, if there is no match statement in the route-map and the route-map sequence has a permit action, then also all prefixes are permitted.

-Vishesh

That's not what I said but you are correct. I tested it and if there is no prefix-list then all prefixes are allowed through.

Daniel Dib
CCIE #37149

Please rate helpful posts.


So, guys, is this expected behavior?

The prefixes are being allowed even though the blocking clause is above the 'empty route-map' that doesn't contain an actual prefix-list?

My point is why the prefix has been allowed even though the prior route-map is denying sending the prefix to another BGP peer.

If the route-map is invoked as per sequence, then the prefix should be filtered regardless of the next clause.

Hi Syjeon,

We do not suggest making on-the-fly changes to an access-list or prefix-list which is applied in a route-map; this can show some unpredictable behavior.

There are some bugs with certain platforms, mostly on IOS-XE code. I would like to know your initial configuration and the change you made that triggered the event, and also information about the platform and IOS version, before I answer whether it is a bug or not.

Also, what was this route-map filtering, ebgp, ibgp, eigrp etc. incoming or outgoing routes?

-Vishesh

Hi Verma,

I understand that it's not the right route-map config, but I don't understand this kind of error even though the 'deny' route-map was located above the problematic route-map. Here is the config we performed.

Below is the partial config that caused the issue.

ip prefix-list TOBB#1 seq 3 deny 10.0.0.0/8 le 32
!
route-map TOBB#1 permit 15
match ip address prefix-list TOBB#1
!
route-map TOBB#1 permit 20
match ip address prefix-list aggregate
!
! the aggregate prefix-list does not exist

After we realized the route-map didn't work as intended, we removed route-map #20, and then everything worked fine.

In common sense, the route-map should not affect the working of route-map #15? So route-map #15 should work regardless of route-map #20. But it did not. It didn't work properly before we removed route-map #20.
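
An audit for the condition discussed in this thread, added here as an example and not posted by any participant: it scans an IOS configuration for route-map clauses whose `match ip address prefix-list` names a list that has no entries defined. The sample config is constructed from the fragment posted above; the function and variable names are assumptions of this example.

```python
import re

# Constructed sample modelled on the partial config posted in the thread;
# prefix-list "aggregate" is referenced by clause 20 but never defined.
SAMPLE_CONFIG = """\
ip prefix-list TOBB#1 seq 3 deny 10.0.0.0/8 le 32
!
route-map TOBB#1 permit 15
 match ip address prefix-list TOBB#1
!
route-map TOBB#1 permit 20
 match ip address prefix-list aggregate
!
"""

# A prefix-list counts as defined only if it has at least one permit/deny entry.
PFX_DEF = re.compile(r"^ip prefix-list (\S+) (?:seq \d+ )?(?:permit|deny)\s")
RMAP_HDR = re.compile(r"^route-map (\S+) (permit|deny) (\d+)")
PFX_REF = re.compile(r"^\s*match ip address prefix-list\s+(.+)$")


def find_dangling_prefix_lists(config):
    """Return (route_map, seq, action, missing_list) tuples for every
    match clause that names a prefix-list with no definition in config."""
    lines = [line.rstrip() for line in config.splitlines()]
    defined = {m.group(1) for m in map(PFX_DEF.match, lines) if m}
    findings, clause = [], None
    for line in lines:
        hdr = RMAP_HDR.match(line)
        if hdr:
            clause = (hdr.group(1), int(hdr.group(3)), hdr.group(2))
        elif line.startswith("!"):
            clause = None  # "!" ends the current route-map clause
        elif clause and (ref := PFX_REF.match(line)):
            # One match line may name several prefix-lists.
            for name in ref.group(1).split():
                if name not in defined:
                    findings.append((*clause, name))
    return findings


if __name__ == "__main__":
    for rmap, seq, action, name in find_dangling_prefix_lists(SAMPLE_CONFIG):
        print(f"route-map {rmap} {action} {seq}: prefix-list {name!r} is not defined")
```

Running such a check before removing a prefix-list, and again after the change, catches a permit clause left pointing at a missing list, which is the state that the test reported earlier in the thread found lets all prefixes through.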
