Example

R5(config-router)# neighbor 172.16.56.6 route-map MYMAP in R5(config-router)# exit

R5(config)# access-list 1 deny 60.1.1.0 0.0.0.255 R5(config)# access-list 1 deny 60.2.2.0 0.0.0.255 R5(config)# access-list 1 permit any R5(config)# route-map MYMAP permit 10 R5(config-route-map)# match ip address 1 For each individual route:

■ If route-map sequence number 10 is matched deny the route to 60.1.1.0/24 or 60.1.1.0/24 execute any set statements, and exit the route-map, do not continue processing. Without the permit any access list, all routes would be implicitly denied.

If route-map sequence number 10 is not matched, exit the route-map. Implicitly deny the route.

R5# show ip bgp

BGP table version is 3, local router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

You denied networks 60.1.1.0/24 and 60.2.2.0/24 You accepted all other networks (6.3.3.0/24)

This form is limited to only one route-map statement, because of the permit any in access list 1. Since all other routes would fall under this category the route-map sequence 10 would match and exit. You would never continue to any other route-map sequence number.

Deny 60.1.1.0/24 Deny 60.2.2.0/24 Permit 60.3.3.0/24

R5(config-router)# neighbor 172.16.56.6 route-map MYMAP in

R5(config-router)# exit

R5(config)# access-list 1 permit 60.1.1.0 0.0.0.255 R5(config)# access-list 2 permit 60.2.2.0 0.0.0.255 R5(config)# route-map MYMAP deny 10

R5(config-route-map)# match ip address 1 R5(config-route-map)# exit R5(config)# route-map MYMAP deny 20 R5(config-route-map)# match ip address 2 R5(config-route-map)# exit R5(config)# route-map MYMAP permit 30

R5(config-router)# neighbor 172.16.56.6 route-map MYMAP in

R5(config-router)# exit

R5(config)# access-list 1 permit 60.1.1.0 0.0.0.255 R5(config)# access-list 2 permit 60.2.2.0 0.0.0.255 R5(config)# route-map MYMAP deny 10

R5(config-route-map)# match ip address 1 R5(config-route-map)# exit R5(config)# route-map MYMAP deny 20 R5(config-route-map)# match ip address 2 R5(config-route-map)# exit R5(config)# route-map MYMAP permit 30

© 2002, Cisco Systems, Inc. t o CCIE Prep v1.0—Module 8-87

Denying in the route-map and permitting with the conditional (ACL) statement is shown. With the deny/permit form, the logic will follow this format: If a match occurs

Then deny the route

Exit the route-map

Was this article helpful?

0 0

Post a comment