RE: General Consensus

From: ZeroFlash (Fire_Ice@verizon.net)
Date: Tue Jun 06 2006 - 11:34:29 ART

• Next message: Carlos Campos Torres \(ccampost\): "RE: ip multicast boundary"
• Previous message: Farrukh Haroon: "Re: My CCIE No.16343"
• Maybe in reply to: Nuno Ceitil: "General Consensus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Nuno -

The two commands that you listed do different things. They can be configured
to do the same but at the end of the day the redistribute connected is going
redistribute only the connected routes in the table, weather you use a
route-map to allow only the specifics is up to you.

A distribute list can filter or allow a much wider range of networks, not
just the connected networks so there's a big difference.

As to the application of these it depends on what is required for
redistribution in my opinion.

As for your route-map ACL's I always (if possible) permit the specific
networks that I want and deny everything else. If you can help it never put
a permit any any at the end of an ACL, it makes things harder when
troubleshooting and if you need to change an ACL quickly you don't need to
remove the whole things just add the part that you need.

Thanks

ZeroFlash
CCIE #16217

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Nuno
Ceitil
Sent: Sunday, June 04, 2006 12:34 PM
To: ccielab@groupstudy.com
Subject: General Consensus

Hi Again

Pro's and Con's of using either

redistributed connected with route-map

or

distribute list out

The only thing that comes to mind is a distribute list allows the

networks to be seen as internal where a redistribute will flag them

as external. Taking into account the issue of distribute-out with OSPF.

If the question gives you the freedom to choose which is better ?

Secondly,

Matching ACLs with route-maps. Is there some unwritten law regarding them?

If the choice is yours which should it be?

access-list 15 deny 150.5.115.0 0.0.0.255

access-list 15 permit any

!

route-map no15 permit 10

 match ip address 15

!

OR

access-list 15 deny 150.5.115.0 0.0.0.255

!

route-map no15 permit 10

 match ip address 15

!

route-map no15 permit 20

!

OR

access-list 15 permit 150.5.115.0 0.0.0.255

!

route-map no15 deny 10

 match ip address 15

!

route-map no15 permit 20

Comments please.

• Next message: Carlos Campos Torres \(ccampost\): "RE: ip multicast boundary"
• Previous message: Farrukh Haroon: "Re: My CCIE No.16343"
• Maybe in reply to: Nuno Ceitil: "General Consensus"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Jul 01 2006 - 07:57:32 ART