Hi,

I have a question regarding EIGRP route filtering with route map and extended access list (ACL).

This is the reference routing table BEFORE route filtering:

10.0.0.0/8 is variably subnetted, 9 subnets, 7 masks
D        10.0.0.1/32 [90/130816] via 172.16.0.5, 00:02:37, GigabitEthernet0/1
D        10.0.0.2/32 [90/130816] via 172.16.0.9, 00:02:37, GigabitEthernet0/3
C        10.0.0.3/32 is directly connected, Loopback0
D        10.1.0.0/16 [90/130816] via 172.16.0.5, 00:02:37, GigabitEthernet0/1
D        10.2.0.0/17 [90/130816] via 172.16.0.5, 00:02:37, GigabitEthernet0/1
D        10.3.0.0/18 [90/130816] via 172.16.0.5, 00:02:37, GigabitEthernet0/1
D        10.4.0.0/19 [90/130816] via 172.16.0.5, 00:02:37, GigabitEthernet0/1
D        10.5.0.0/20 [90/130816] via 172.16.0.5, 00:02:37, GigabitEthernet0/1
D        10.5.20.0/22 [90/130816] via 172.16.0.5, 00:02:37, GigabitEthernet0/1

I want to filter out the prefixes in bold. Everything works fine when I create the extended ACL:

10 permit ip 10.5.0.0 0.0.255.255 255.255.240.0 0.0.15.0

and apply it to the route map:

route-map FIL, deny, sequence 10
  Match clauses:
    ip address (access-lists): ACL1 
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
route-map FIL, permit, sequence 20
  Match clauses:
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes

QUESTION:

However, if I add the second line to the ACL:

20 permit ip any any

every 10.x.x.x gets filtered out, except the 10.0.0.3/32 (local)

Can somebody, please, explain why is this happening?

Thank you!