EIGRP Route-Map Filtering

Hi,

Using an extended ACL in a route-map allows you to identify routes based on both network and mask.

For example, to filter 192.168.1.0/24, the ACL would be:

ip access-list extended 100
 deny ip host 192.168.1.0 host 255.255.255.0
 permit ip any any

When used with routing protocols such as EIGRP, OSPF and BGP, that seems to be the case (according to my labs). Does that sound correct?

Sam

Hello Samir

The behavior for extended ACLs when used in route maps differs depending on the routing protocol in which you are configuring it. For BGP, your description is spot on. However, for IGPs it’s slightly different.

For IGPs, the destination fields of the ACL identify the smallest prefix length allowed in the network range. For BGP it identifies the exact prefix length allowed.

Take a look at slides 8 and 9 of this Cisco Live presentation that details this…

I hope this has been helpful!

Laz


Hi Laz,

Thanks for that.

I have read the document and although I understand it, the examples it gives in Table 15-3 do not clarify things.

So, does it mean that for an IGP an ACL entry of host 155.1.0.0 host 255.255.0.0 would match 155.1.0.0 with a /16 through to /32 prefix length?

Thanks.

Sam

Hello Samir

Yes, for an IGP, the ACL entry host 155.1.0.0 host 255.255.0.0 would match any subnet of 155.1.0.0/16, from /16 up to /32.

I hope this has been helpful!

Laz
