02-22-2012 11:50 AM - edited 03-07-2019 05:07 AM
Question on redistribution via route-map and ACLs, I have 3 routers in the lab topology connected by serials like so
So I'm just learning redistribution and the end result here is for R3 to have routes for 10.3.3.0 and 192.168.1.0 with a metric of 150 and tag of 10, whilst the 10.4.4.0 is going to be denied.
The 10.4.4.0 does NOT show successfully with this config on R2
conf t
access-list 1 permit 10.4.4.0 0.0.0.255
!
route-map TEST deny 5
match ip add 1
route-map TEST permit 10
set metric 150
set tag 10
!
router ospf 1
redistribute eigrp 100 subnets route-map TEST
!
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, Serial0/0
However, if I try to use a deny ACL and a permit sequence on the route-map it gets through and gets the metric of 150 and tag of 10 with the below config
conf t
access-list 1 deny 10.4.4.0 0.0.0.255
!
route-map TEST permit 5
match ip add 1
route-map TEST permit 10
set metric 150
set tag 10
!
router ospf 1
redistribute eigrp 100 subnets route-map TEST
!
R3#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, Serial0/0
10.0.0.0/24 is subnetted, 2 subnets
O E2 10.4.4.0 [110/150] via 172.16.1.2, 00:00:05, Serial0/0
O E2 10.3.3.0 [110/150] via 172.16.1.2, 00:00:05, Serial0/0
O E2 192.168.1.0/24 [110/150] via 172.16.1.2, 00:00:05, Serial0/0
R3#
R3#sh ip route 10.4.4.0
Routing entry for 10.4.4.0/24
Known via "ospf 1", distance 110, metric 150
Tag 10, type extern 2, forward metric 64
Last update from 172.16.1.2 on Serial0/0, 00:00:14 ago
Routing Descriptor Blocks:
* 172.16.1.2, from 192.168.1.1, 00:00:14 ago, via Serial0/0
Route metric is 150, traffic share count is 1
Route tag 10
R3#
Both configs should block the 10.4.4.0,.....the first one is denying a permit, the second one is permitting a deny. But why in the second config does the route-map then go onto the next sequence and let 10.4.4.0 through and give it the metric and tag?
Am I missing something simple in the logic of route-maps?
Solved! Go to Solution.