From: Brian Dennis (brian@labforge.com)
Date: Wed Apr 02 2003 - 02:25:06 GMT-3
Jonathan,
If you type this ACL into a router:
access-list 100 permit ip 30.10.1.0 0.0.0.0 255.255.255.0 0.0.0.0
the IOS will change it to this in the config:
access-list 100 permit ip host 30.10.1.0 host 255.255.255.0
As far as your ACL is concerned, it's not necessary to have a 0.0.0.255
wildcard mask on the network because a /24 will always come in with a 0
in the last octet (X.X.X.0). Your ACL matches all 30.10.1.X/24 networks,
of which there can be only one, and that is 30.10.1.0/24. This means
that a wildcard mask of 0.0.0.0 or using the host keyword is correct.
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
Director of CCIE Training and Development - IPexpert, Inc.
Mailto: brian@ipexpert.net
Toll Free: 866.225.8064
Outside U.S. & Canada: 312.321.6924
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jonathan V Hays
Sent: Tuesday, April 01, 2003 8:01 PM
To: patcunnin@yahoo.com; ccielab@groupstudy.com
Subject: RE: BGP neighbor default-originate route-map
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf Of patcunnin@yahoo.com
> Sent: Tuesday, April 01, 2003 4:47 PM
> To: ccielab@groupstudy.com
> Subject: BGP neighbor default-originate route-map
>
>
> I'm trying to use an extended access-list with a
> route-map to generate a default route to a bgp peer.
> It works fine with standard access list but not with
> an extended. I have a feeling I'm missing something
> trivial. Here are the show runn, show ip bgp nei adv,
> show ip route
<snip>
>
> access-list 101 permit ip host 30.10.1.0 host 255.255.255.0
> !
> route-map pjc permit 10
> match ip address 101
> !
Firstly, you don't want to use the "host" keyword with a network
(30.10.1.0) which is what it appears you have done (although this could
be a host, depending on the mask).
I think you are trying to use the extended list to define what Halabi
(p.324 of the 2nd Edition) calls a "source/mask tuple" of the form:
access-list number permit ip network network-do-not-care-bits mask mask-do-not-care-bits.
If that is the case, I don't think the "host" keyword is allowed. You
need:
access-list 101 permit ip 30.10.1.0 0.0.0.255 255.255.255.0 0.0.0.0
Perhaps I have misconstrued what you wanted to do. What exactly are you
attempting to define with your ACL? What was the standard ACL that
worked?
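Added example, not part of either message and not Cisco code: a small Python model of the matching discussed in this thread, where the source half of the extended ACL entry is compared to a route's network and the destination half to its mask. The candidate routes and the ACL 102 entry are constructed for illustration; the other three entries are the ones quoted above.

```python
import ipaddress

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _spec(tok):
    """Consume one address spec: 'host A', 'any', or 'A WILDCARD'."""
    if tok[0] == "host":
        return (_ip(tok[1]), 0), tok[2:]
    if tok[0] == "any":
        return (0, 0xFFFFFFFF), tok[1:]
    return (_ip(tok[0]), _ip(tok[1])), tok[2:]

def parse_acl(line):
    """Parse 'access-list N permit|deny ip SRC DST' into (action, src, dst)."""
    tok = line.split()
    if tok[0] != "access-list" or tok[3] != "ip":
        raise ValueError("unsupported ACL line: " + line)
    src, rest = _spec(tok[4:])
    dst, rest = _spec(rest)
    return tok[2], src, dst

def _hit(value, spec):
    base, wild = spec                      # wildcard bit 1 = do not care
    return ((value ^ base) & ~wild & 0xFFFFFFFF) == 0

def matches(line, prefix):
    """True if route `prefix` (e.g. '30.10.1.0/24') matches the entry:
    source spec is compared to the network, destination spec to the mask."""
    net = ipaddress.IPv4Network(prefix)    # strict: rejects host bits set
    _, src, dst = parse_acl(line)
    return _hit(int(net.network_address), src) and _hit(int(net.netmask), dst)

def matched(line, candidates):
    return [p for p in candidates if matches(line, p)]

# Constructed candidate routes inside and around 30.10.1.0/24.
ROUTES = ["30.10.0.0/16", "30.10.0.0/23", "30.10.1.0/24", "30.10.1.0/25",
          "30.10.1.128/25", "30.10.1.64/26", "30.10.2.0/24"]
TYPED  = "access-list 100 permit ip 30.10.1.0 0.0.0.0 255.255.255.0 0.0.0.0"
STORED = "access-list 100 permit ip host 30.10.1.0 host 255.255.255.0"
WIDE   = "access-list 101 permit ip 30.10.1.0 0.0.0.255 255.255.255.0 0.0.0.0"
# Hypothetical entry (not from the thread): wildcard on the mask as well.
LONGER = "access-list 102 permit ip 30.10.1.0 0.0.0.255 255.255.255.0 0.0.0.255"

if __name__ == "__main__":
    for acl in (TYPED, STORED, WIDE, LONGER):
        print(acl, "->", matched(acl, ROUTES))
```

With the mask pinned to 255.255.255.0, the 0.0.0.0 and 0.0.0.255 source wildcards select the same single route; the result only widens once the mask half gets a wildcard too.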
This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:35:45 GMT-3