Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
584
Views
0
Helpful
0
Replies

Standard ACL for BGP route filtering

ningyixiao
Level 1
Level 1

‎04-16-2018 01:42 AM - edited ‎03-08-2019 02:39 PM

Hi Guys,

 

I'm reading Routing TCP/IP, Volume II: CCIE Professional Development, 2nd Edition. I have a quesiton in Ch3, the example 3-45 as below: 

 

router eigrp 100
 network 192.168.199.0
!
router bgp 100
 aggregate-address 192.168.192.0 255.255.248.0
 redistribute eigrp 100
 neighbor 192.168.1.253 remote-as 200
 neighbor 192.168.1.253 send-community
 neighbor 192.168.1.253 route-map COMMUNITY out
!
ip classless
!
access-list 101 permit ip host 192.168.192.0 host 255.255.248.0
!
route-map COMMUNITY permit 10
 match ip address 101
 set community none
!
route-map COMMUNITY permit 20
 set community no-export

 

"The usage of access list 101 in this example may be new to you. Normally, the first address specified in an extended IP access list is the source address, and the second address is the destination. But in this application, the first address is the route prefix and the second address is the prefix’s mask. The reason such an odd access list is necessary is because the exact prefix must be identified. If access-list 1 permit 192.168.192.0 0.0.7.255 were used, it would match both the aggregate 192.168.192.0/21 and the more-specific route 192.168.192.0/24."

 

I tot ACL in route filtering will only match the exact prefixt? Only prefixt-list is able to match a range by using ge and le? Why here it says the access-list 1 can match both /21 and /24?

 

Thanks

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card