08-05-2019 02:05 PM
What is the correct syntax to identify a default route with an ACL? FYI, I'm putting together an EIGRP offset list and it seems that only ACLs are permitted to identify routes.
Solved! Go to Solution.
08-05-2019 02:19 PM
08-05-2019 02:18 PM
Hello
@davinci wrote:
What is the correct syntax to identify a default route with an ACL? FYI, I'm putting together an EIGRP offset list and it seems that only ACLs are permitted to identify routes.
What are you trying to accomplish?
If you want to offset all networks from an interface you can use a offset-list 0 no need for acl. or maybe as its eigrp you could manipulate the delay for a preferred eigrp path
08-05-2019 02:24 PM - edited 08-05-2019 02:25 PM
I have a def. route being redistributed from BGP into EIGRP at two different sites. As a result, I'll have 2 def. route coming from from 2 different sites with AD 170. In order to have better control over which def. route is preferred within enterprise, I want to use offset lists so that backup location external EIGRP def. route will be inferior.
08-05-2019 03:10 PM - edited 08-06-2019 01:01 AM
Hello
Using a standard acl with 0.0.0.0 i guest will match the default but no so sure it will also match all routes and not just a default just like an offset-list 0 probably need to test it to validate my thinking is it as it isn't specific to what rtr is advertising the route, You could also try using an extended acl that will allow you to match on the advertising router and the network(s) you wish to filter(the default route)
example:
Ip access-list extended Offset
permit ip host (advertising eigrp rtr) host 0.0.0.0
router eigrp xx
offset list Offset in xxx
08-05-2019 03:14 PM
08-05-2019 02:19 PM
Hello,
try:
access-list 1 permit 0.0.0.0
08-05-2019 02:27 PM
thanks, on a side note... if route isn't matched within ACL offset list is that traffic dropped or passed along with def. EIGRP metrics?
08-05-2019 05:39 PM
offset-list is used for traffic manipulation or engineering. effect is on match.
no other prefixes are affected by it
08-05-2019 07:02 PM
thanks, so I tested this in GNS3 and your syntax worked. This syntax also works too with same results:
ip access-list standard 60
permit host 0.0.0.0
Here's my IOS
R4#sh version
Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 13-Aug-08 21:36 by prod_rel_team
ROM: ROMMON Emulation Microcode
ROM: 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)
R4 uptime is 1 week, 6 days, 23 hours, 8 minutes
System returned to ROM by unknown reload cause - suspect boot_data[BOOT_COUNT] 0x0, BOOT_COUNT 0, BOOTDATA 19
System image file is "tftp://255.255.255.255/unknown"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 3725 (R7000) processor (revision 0.1) with 249856K/12288K bytes of memory.
Processor board ID FTX0945W0MY
R7000 CPU at 240MHz, Implementation 39, Rev 2.1, 256KB L2, 512KB L3 Cache
4 FastEthernet interfaces
DRAM configuration is 64 bits wide with parity enabled.
55K bytes of NVRAM.
Configuration register is 0x2102
R4#
08-05-2019 10:13 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide