Route maps

John Blakley · ‎09-24-2009

All,

I'm a little confused about route map functionality with regards to the deny statement. Do the following all do the same thing?

Ex. 1:

access-list 5 deny 1.1.1.0 0.0.0.255

access-list 5 permit any

route-map TEST permit 5

match ip address 5

route-map TEST permit 10

Ex. 2:

access-list 5 permit 1.1.1.0 0.0.0.255

route-map TEST deny 5

match ip address 5

route-map TEST permit 10

For some reason, I get caught on the deny clause. When it denies, does it actually deny those routes from being processed at all? If I were to apply the first example to a neighbor for bgp, would the 1.1.1.0 not show up in the routing table? It seems like it doesn't, but I want to make sure that I'm looking at this right.

*Edit: Actually, the route map doesn't stop the route from being put into the table. Are the deny statements ONLY for processing weights, metrics, etc, and if I need to deny a route from getting into the table, I should use a distribution list?

Thanks,

John

HTH, John *** Please rate all useful posts ***

Giuseppe Larosa · ‎09-24-2009

Hello John,

when you use a route map deny statement if a prefix is permitted by the ACL it is actually filtered.

but if you have a route map deny statement with an ACL that denies a prefix that prefix is not filtered but left in basket and so can be permitted by the second clause.

So the two route-maps do different things:

first route-map allows only prefix 1.1.1.0/24 as a result of denying it and the permit any that will cause all other prefixes to be denied.

second route-map denies 1.1.1.0/24 and allows all other prefixes with second clause.

Hope to help

Giuseppe

John Blakley · ‎09-24-2009

Giuseppe,

Would you say that the second example would act like a distribution list filter?