Re: ACL vs Prefix-list

From: Amit Kumar Lohumi <getakl_at_gmail.com>
Date: Thu, 8 Sep 2011 23:45:36 +0530

Well Pavel,

The ACL was matching some routes, although they were the wrong routes
(because I was using the wrong mask, as pointed out by Daniel).

I could see matches on the ACL in the output of "sh ip access-list" command.

That was the reason I troubleshot in the wrong direction. I never
doubted the ACL because of the matches that I could see. I thought it was
working, so I kept working on the route-map and redistribution while the
problem was with the mask on my ACL.

Thanks again to both of you. Looking forward to you guys helping me with
many more problems ...;-)

Regards
On Thu, Sep 8, 2011 at 11:00 PM, Pavel Bykov <slidersv_at_gmail.com> wrote:

> Amit Kumar, how did you conclude that ACL was filtering routes?
> I don't see any deny statement in your route-map.
>
> I don't know what routes you were trying to filter, so I can't judge if the
> ACL is written correctly. The ACL and PFX list you presented filter
> different networks.
> Usually ACL cannot match on prefix length. There are some situations where
> extended ACL can be used, as Daniel mentioned, to match the prefix length,
> but I don't think this is always the case. The ACL then looks like this:
> source=network, destination=mask.
>
> Pavel.
>
> On Thu, Sep 8, 2011 at 9:35 AM, <daniel.dib_at_reaper.nu> wrote:
>
>> On Thu, 8 Sep 2011 11:26:35 +0530, Amit Kumar Lohumi wrote:
>>
>>> While performing redistribution from RIP to OSPF, I was trying to set up
>>> the route-type for certain routes to E1 using a route-map.
>>>
>>>
>>> First, I used an access-list inside the route-map to identify those
>>> routes. Although the ACL was filtering routes, the 'set' action was not
>>> being performed by the route-map.
>>>
>>>
>>> The problem was resolved after replacing the ACL with a prefix-list.
>>>
>>> Is there a ready explanation for this observation ... ??
>>>
>>> *ACL*
>>>
>>> ip access-list standard summary
>>> permit 30.0.0.0 0.252.255.255
>>> permit 31.0.0.0 0.252.255.255
>>> *Prefix-List*
>>>
>>> ip prefix-list summary seq 5 permit 30.0.0.0/8 ge 14
>>> ip prefix-list summary seq 10 permit 31.0.0.0/8 ge 14
>>> *Route-map with ACL*
>>>
>>> route-map assign-metrics permit 10
>>> match ip address summary
>>> set metric-type type-1
>>> !
>>> route-map assign-metrics permit 20
>>> *Route-map with Prefix-list*
>>>
>>> route-map assign-metrics permit 10
>>> match ip address prefix-list summary
>>> set metric-type type-1
>>> !
>>> route-map assign-metrics permit 20
>>>
>>>
>> Hi,
>>
>> You are using INE's topology, right? Your ACL looks a bit off. You are using
>> a wildcard of 0.252.255.255 which will match 30.0.0.0, 30.4.0.0, 30.8.0.0
>> and so on. I think the WC you were after is 0.3.255.255. If you also want to
>> match the network mask you need to use an extended ACL.
>>
>> /Daniel
>>
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Received on Thu Sep 08 2011 - 23:45:36 ART
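
Added example, not part of the original thread: a small Python model of how the posted ACL (wildcard 0.252.255.255), the wildcard Daniel suggested (0.3.255.255), and the posted prefix-list each evaluate a set of routes, which shows why the ACL hit counters were misleading. The sample routes are constructed, the function names are hypothetical, and applying 0.3.255.255 to both ACL entries is an assumption.

```python
import ipaddress

def acl_matches(route, entries):
    """Standard ACL in a route-map: only the route's network address is
    compared. Wildcard bits set to 1 are ignored; the prefix length is unseen."""
    net = int(ipaddress.ip_network(route).network_address)
    for base, wildcard in entries:
        care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
        if (net & care) == (int(ipaddress.ip_address(base)) & care):
            return True
    return False  # implicit deny at the end of the list

def prefix_list_matches(route, entries):
    """Prefix-list entry 'permit P/len ge N': the route must fall inside P/len
    and its own prefix length must be between N and 32."""
    r = ipaddress.ip_network(route)
    for prefix, ge in entries:
        p = ipaddress.ip_network(prefix)
        if r.network_address in p and ge <= r.prefixlen <= 32:
            return True
    return False

# Filters as posted in the thread
ACL_POSTED = [("30.0.0.0", "0.252.255.255"), ("31.0.0.0", "0.252.255.255")]
PFX_POSTED = [("30.0.0.0/8", 14), ("31.0.0.0/8", 14)]
# Assumption: Daniel's suggested wildcard applied to both entries
ACL_SUGGESTED = [("30.0.0.0", "0.3.255.255"), ("31.0.0.0", "0.3.255.255")]

# Constructed sample routes, not taken from the thread
ROUTES = ["30.0.0.0/14", "30.1.0.0/16", "30.3.0.0/16", "30.4.0.0/16",
          "30.8.0.0/16", "30.0.0.0/8", "31.2.0.0/16"]

def compare(routes=ROUTES):
    """Return {route: (posted ACL, suggested ACL, prefix-list)} match results."""
    return {r: (acl_matches(r, ACL_POSTED),
                acl_matches(r, ACL_SUGGESTED),
                prefix_list_matches(r, PFX_POSTED)) for r in routes}

if __name__ == "__main__":
    print(f"{'route':<14}{'acl posted':<12}{'acl 0.3':<10}prefix-list")
    for route, (a, b, c) in compare().items():
        print(f"{route:<14}{str(a):<12}{str(b):<10}{c}")
```

The posted ACL still permits some routes (every fourth /16 boundary in the second octet), so its counters increment even though it misses 30.1.0.0 through 30.3.0.0; and neither ACL can reject 30.0.0.0/8 by length, which the prefix-list does.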

This archive was generated by hypermail 2.2.0 : Sat Oct 01 2011 - 07:26:25 ART