RE: Access-list in route-map not blocking routes

From: Alvarez, Rolando [NCSUS] (RAlvare5@NCSUS.JNJ.COM)
Date: Fri Jul 25 2003 - 18:20:40 GMT-3

• Next message: beda jain: "Re: Access-list in route-map not blocking routes"
• Previous message: Jonathan V Hays: "RE: Unexpected ospf authentication behavior"
• Maybe in reply to: Joe Martin: "Access-list in route-map not blocking routes"
• Next in thread: beda jain: "Re: Access-list in route-map not blocking routes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Joe,

It looks like to me that your filter would only deny odds on 'both' the
second and third octet. The other two that were allowed ( and you think it
shouldn't have):

ip route 10.2.129.0 255.255.255.0 null0
ip route 10.5.128.0 255.255.255.0 null0

have an even number in either the second or third octet.

Thanks,
Rolando

-----Original Message-----
From: Joe Martin [mailto:jmartin@capitalpremium.net]
Sent: Friday, July 25, 2003 5:16 PM
To: CCIE GroupStudy
Subject: Access-list in route-map not blocking routes

Guys and Gals,

I had a lab requirement that asked me to configure some static routes to
null0 as follows:

ip route 10.2.128.0 255.255.255.0 null0
ip route 10.1.129.0 255.255.255.0 null0
ip route 10.2.129.0 255.255.255.0 null0
ip route 10.5.128.0 255.255.255.0 null0
ip route 10.4.128.0 255.255.255.0 null0

I was asked to advertise these routes to an EIGRP neighbor and to the rest
of the network (which was running OSPF). However, "only routes with an even
number in the 2nd and 3rd octects should be advertised to the rest of the
network." I chose to redistribute static routes to EIGRP and then
redistribute EIGRP into OSPF.

I simply created a route-map that filtered the routes coming from EIGRP as
follows.

access-list 1 deny 10.1.1.0 0.254.254.255 <---------
access-list 1 permit 192.168.9.0 0.0.0.255
access-list 1 permit 172.29.90.0 0.0.0.255
access-list 1 permit 172.29.69.0 0.0.0.255

route-map eigrp2ospf permit 10
match ip address 1
set tag 777

router ospf 1
redistribute eigrp 100 route-map eigrp2ospf

My question is with the filter for the even routes. I simply denied the
routes with the 1 bit on in the 2nd and 3rd octets, or so I thought.

The only route that was filtered was the second static route in the list
which has a 1 in the second octet. All of the other routes were
redistributed, including the other routes with odd numbers. Why?

The solution used a route-map that just allowed the specific even routes as
follows:

access-list 1 permit 10.0.128.0 0.6.0.0

I switched to this and it worked great. But my solution should have worked.
What am I missing?

Unfortunately, I cannot post full configs as this was done on a rental rack
last night. However I should be able to answer any questions about the
configs as neccessary.

TIA,

Joe Martin

• Next message: beda jain: "Re: Access-list in route-map not blocking routes"
• Previous message: Jonathan V Hays: "RE: Unexpected ospf authentication behavior"
• Maybe in reply to: Joe Martin: "Access-list in route-map not blocking routes"
• Next in thread: beda jain: "Re: Access-list in route-map not blocking routes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:53 GMT-3