RE: route-map and as-path confusion

Hi Jack,

Note that when multiple lines reference the same type of filter (as-path acl
here) IOS turns it into an "or"

For example, I entered this:

R4(config)#ip as-path access-list 200 permit _1771_
R4(config)#ip as-path access-list 201 permit _1581$
R4(config)#route-map PATH deny
R4(config-route-map)#match as-path 200
R4(config-route-map)#match as-path 201
R4(config-route-map)#route-map PATH permit 20
R4(config-route-map)#end

But IOS rendered the route map as:

!
route-map PATH deny 10
 match as-path 200 201
!
route-map PATH permit 20

To get the AND that you want you could try a single as-path statement that
includes both conditions. In my case

ip as-path access-list 200 permit _1771_.*1581$

In your example something like: ip as-path access-list 35 _3_.*5$

HTH,

Bob Sinclair CCIE 10427 CCSI 30427
CIERS2 Online Instructor
www.bobsinclair.net

> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Jack Router
> Sent: Tuesday, November 23, 2010 1:53 PM
> To: ccielab_at_groupstudy.com
> Subject: route-map and as-path confusion
>
> Hello all,
>
> I have a problem with a route-map. Here is the scenario:
>
> R1(AS1)----R2(AS2)----R3(AS3)----R4(AS4)----R5(AS5)----R6(AS6)
>
> Routers advertise networks: R1: 1.0.0.0, R2: 2.0.0.0 etc...
>
> On R1 I want to filter routes that traversed AS3 *AND* originated in
> AS5. I
> want to use route-map to do this.
>
> Step 1. Define as-path access list:
> # ip as-path access-list 3 permit _3_
> # ip as-path access-list 5 permit _5$
>
> Step 2. Match as-path in route map. This route map is meant to match
> both
> as-path access lists:
> # route-map TST deny 10
> # match as-path 3
> # match as-path 5
> # route-map TST permit 99
>
> Step 3. Apply route-map to neighbor in AS2:
> # router bgp 1
> # neighbor 10.1.12.2 route-map TST in
>
> At this point I should see on R1 all prefixs with xception of 5.0.0.0
>
> "sh ip bgp" shows now:
>
> *> 1.0.0.0 0.0.0.0 0 32768 i
> *> 2.0.0.0 10.1.12.2 0 0 2 i
>
> It looks that only as-path 3 was applied. Why ?
> My understanding is that if multiple match statement are present within
> single route-map instance, thy ALL must match. In this case only
> 5.0.0.0
> matches both access-lists and only 5.0.0.0 should be removed from R1.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 9.0.869 / Virus Database: 271.1.1/3274 - Release Date:
> 11/23/10 02:34:00

Blogs and organic groups at http://www.ccie.net
Received on Tue Nov 23 2010 - 15:16:36 ART