05-05-2011 03:13 AM - edited 03-04-2019 12:16 PM
Hello All,
I am using the same community-list name for a few diffrent statements.
It's let me use the config shorter and more readable, but I can't modify/remove it.
Router(config)#do sh run | in transit
ip community-list standard transit-routes permit 900:4101
ip community-list standard transit-routes permit 900:4102
ip community-list standard transit-routes permit 900:4103
ip community-list standard transit-routes permit 900:4104
! I need to remove only one statement --> transit-routes permit 900:4104
Router(config)#no ip community-list standard transit-routes permit 900:4104
! as result I have removed all strings... (4101 - 4104)
Router(config)#do sh run | in transit
Router(config)#
Probably I missed something. Please tell me, is it possible to modify such community-list in a different way?
Thank you in advance.
--
Have a nice day,
Dmitry
Solved! Go to Solution.
05-05-2011 05:56 AM
Hello Dmitry,
be aware that if you can change on the fly an ACL when it is applied in a route-map or in other way can have effects:
the first no command deletes the whole ACL so if applied meaning becomes "permit any"
as soon as you write the first line the ACL becomes an ACL with a single statement and so on.
The safer approach is to use a different name or to remove the line where you use it (for example in a route-map or in a neighbor statement) before making changes
Have a nice day you too
Hope to help
Giuseppe
05-05-2011 04:09 AM
Hello Dmitry,
write a new community-list with a different name with the statements that you like to keep
apply the new communiy-list in place of the old one
I tried to do what you did on a C7600 with same results
so it is like it happens for IP ACLS if you delete one statement you delete all the ACL
so a possible approach is that above that avoids the transition from a not existing ACL to an ACL with only one line and so on
Hope to help
Giuseppe
05-05-2011 04:28 AM
Giuseppe,
thank you for reply. in this case i can use the action like this:
Router(config)#do sh run | in transit
ip community-list standard transit-routes permit 900:4101
ip community-list standard transit-routes permit 900:4102
ip community-list standard transit-routes permit 900:4103
ip community-list standard transit-routes permit 900:4104
Router(config)#no ip community-list standard transit-routes permit 900:4104
Router(config)# ip community-list standard transit-routes permit 900:4101
Router(config)# ip community-list standard transit-routes permit 900:4102
Router(config)# ip community-list standard transit-routes permit 900:4103
but I was thinking it should be simular to Named ACL than to standard ACL...
Thank you.
--
Have a nice day,
Dmitry
05-05-2011 05:56 AM
Hello Dmitry,
be aware that if you can change on the fly an ACL when it is applied in a route-map or in other way can have effects:
the first no command deletes the whole ACL so if applied meaning becomes "permit any"
as soon as you write the first line the ACL becomes an ACL with a single statement and so on.
The safer approach is to use a different name or to remove the line where you use it (for example in a route-map or in a neighbor statement) before making changes
Have a nice day you too
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide