Re: Excluding a subnet from natting - route-map vs access-list

From: garry baker <baker.garry_at_gmail.com>
Date: Sun, 15 May 2011 08:04:42 +0300

Yep, I was just stating the generic reason for using a route-map; like you
said, its flexibility...

That happens a lot, like in BGP where you can set things on the neighbor
statements but also use a route-map. It's just about the flexibility in any
case, 'cause you never know when down the road you'll need to add that next
level, and if you have the route-map, you are all set...

You are on the right track as for the lab exam though; you have to know and
understand all the options, 'cause they will take most of them away from you
first thing you know...

--
Garry L. Baker
"With sufficient thrust, pigs fly just fine..." - RFC 1925

On Sun, May 15, 2011 at 7:45 AM, Radioactive Frog <pbhatkoti_at_gmail.com> wrote:
> Thanks Garry/Andrew,
>
> @Garry:
> Actually, as I have mentioned, I have a specific scenario - 2 interfaces -
> inside and outside only. No dual-homing etc.
>
> >>Notice, I am not tweaking any metric or anything.
> So I still can't see why anyone would use a route-map in my examples. Both
> the route-map and the simple NAT ACL are producing the same result.
>
> I think, as you both have mentioned, route-map is flexible and list ACL is
> not.
>
> Need to read between the lines for this one or just use the route-map.
>
> On Sun, May 15, 2011 at 1:17 PM, garry baker <baker.garry_at_gmail.com> wrote:
>
>> Note 2
>> The advantage of using route-maps is that under the match command you can
>> have more options other than source IP address. For example, under the
>> route-map, match interface or match ip next-hop can be specified. By using
>> route-maps, you can specify the IP address as well as the interface or the
>> next-hop address to which the packet is to be forwarded. Therefore,
>> route-maps with NAT are used in a scenario where the subscriber is
>> multi-homing to different ISPs.
>>
>>
>> http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093fca.shtml
>>
>>  --
>> Garry L. Baker
>>
>> "With sufficient thrust, pigs fly just fine..." - RFC 1925
>>
>>
>>
>> On Sun, May 15, 2011 at 4:51 AM, Radioactive Frog <pbhatkoti_at_gmail.com> wrote:
>>
>>> Folks,
>>> In the scenario below, where I am excluding 192.168.1.0/24 from NAT, in
>>> what scenario would I use a route-map?
>>> Notice, I am not tweaking any metric or anything.
>>>
>>> Task# exclude 192.168.1.0/24 from NAT
>>>
>>> My understanding is both solutions will work but the easier one is
>>> solution#2 without the route-map. Saves time in typing :)
>>>
>>> What are your thoughts?
>>>
>>> ---------------  Solution#1----------------
>>> ip access-list extended NAT
>>>  deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
>>>  permit ip any any
>>>
>>> route-map POLICY-NAT 10
>>>  match ip address NAT
>>>
>>> ip nat inside source route-map POLICY-NAT interface s0/0 overload
>>>
>>> interface f1/0
>>>  ip nat inside
>>>
>>> interface s0/0
>>>  ip nat outside
>>>
>>> ----------Solution#2---------------
>>> ip access-list extended NAT
>>>  deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
>>>  permit ip any any
>>>
>>> ip nat inside source list NAT interface s0/0 overload
>>>
>>> interface f1/0
>>>  ip nat inside
>>>
>>> interface s0/0
>>>  ip nat outside
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
Received on Sun May 15 2011 - 08:04:42 ART

This archive was generated by hypermail 2.2.0 : Wed Jun 01 2011 - 09:01:11 ART