From: Chuck Larrieu (chuck@xxxxxxxxxxxxx)
Date: Sun Mar 04 2001 - 17:15:40 GMT-3
Yes I did look through the archives, because I remember an excellent post on
this same topic a couple of months ago. However, much as I enjoyed reading
some questions from some familiar names on this list, I was unable to find
the damn thing. So...
When structuring access-lists to be used in route-map match statements:
There is something of a backward way of doing this. I.e.
Access-list 1 deny 10.0.0.0 0.0.0.0 when referenced in the route map
statement match ip address 1, serves to tell the route-map process to ignore
this line, rather than consider it.
My specific situation - I want to deny a summary address from being
redistributed back into a protocol from another protocol. Therefore I want
to match ( i.e. "permit" ) the route using the access-list, but deny it
using the route-map
Wrong:
Access-list 1 deny 10.0.0.0 0.0.0.0
Route-map DENYSUM permit 10
Match ip addr 1
Wrong:
Access-list 1 deny 10.0.0.0 0.0.0.0
Route-map DENYSUM deny 10
Match ip addr 1
Right:
Access-list 1 permit 10.0.0.0 0.0.0.0
Route-map DENYSUM deny 10
Match ip addr 1
Chuck
----------------------
I am Locutus, a CCIE Lab Proctor. Xx_Brain_dumps_xX are futile. Your life as
it has been is over ( if you hope to pass ) From this time forward, you will
study US!
( apologies to the folks at Star Trek TNG )
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:19 GMT-3