Introduction to Route-maps

Hello Gayathri

In the example you posted, you have created a route map called isp that sets the weight attribute of BGP routes to a value of 32869. And you have applied this route to Neighbor 1.1.1.1 in an inbound direction.

Now what this means is that any BGP update that is received from 1.1.1.1 will have that route map applied. The incoming direction does not have to do with the direction of the user data, but the direction of the BGP update.

So when the 1.1.1.1 neighbor sends a BGP update to your local router about its BGP routes, before they are installed in the local BGP table, the weight is changed. So the result is that any routes learned from 1.1.1.1 will have a wight of 32869 in the BGP table. Take a look at this NetworkLessons note on BGP, route maps, and how direction affects the behavior of BGP.

I hope this has been helpful!

Laz

FYI, while going through the examples in my own lab, I want to mention that section 1.4 Set Action omits the part where the route-map MULTIPLE_MATCH in needs to be removed on R2.

I went back to the video and followed that section and noticed that Renee does it in the video but it’s not mentioned. Because of this, I didn’t see loopback 4 show up in the routing table on R2 at first until I re-watched that section and noticed that the route-map needs to be removed.

Aside from that, I learned a lot from this lesson and it was fairly straightforward!

1 Like

Hello Brian

Thanks for pointing that out, I will let @ReneMolenaar know to make any necessary adjustments. In the meantime, we’re happy that the content is helpful for you!

Laz

Thanks @brionesb , I fixed this. Normally I remove things like route-maps or access-lists at the end of a section.

Rene

Hello!

I’ve this route map where I configured to set the metric for the 192.168.1.0/24 to “90”, yet it doesn’t work as intended. Here’s my topology.


obrázok

obrázok

(I know that there’s an implicit deny at the end of my route map, you can ignore that.)
obrázok

Any suggestions on how to fix this problem? Thank you all in advance.

Kind regards,
David

Hello David

This particular behavior that you are seeing is normal for situations where a distribute-list is used to reference a route map in this way. Any set commands used will be ignored. Take a look at this NetworkLessons note on distribute-lists and using route maps to set attributes for more info.

I hope this has been helpful!

Laz

Hi Everyone,
In Match Condition – Deny section, based on the examples, could we say that the permit or deny statement in access lists is not important and is not affecting the route map? The only important thing is the permit or deny statement in route map? As far as I understand access lists only used for specifying the traffic.

Thank you for clarification.

Hello Görgen

When used with route maps, the access lists are used only to match traffic. They don’t actually permit or deny traffic as they would if you applied them to an interface.

In an ACL that is used with a route map, only the permit statements are meaningful. The permit statements are those that match traffic. The deny statements don’t actually match anything.

Now having said that, you might think that deny statements are useless when it comes to ACLs used for route maps. Well, this is not the case. Let’s say you want to match all IP addresses within the range of 192.168.10.0/24 except for 192.168.10.15 and 192.168.10.27. How would you create a route map that would match that range? Well, you would do this:

R1(config)#access-list 1 deny ip host 192.168.10.15
R1(config)#access-list 1 deny ip host 192.168.10.27
R1(config)#access-list 1 permit ip 192.168.10.0 0.0.0.255

The above access list, when used by a route map to match packets, will match the whole 192.168.10.0/24 subnet EXCEPT for those two addresses.

I hope this has been helpful!

Laz

Hi,

Here is my configuration;
R1:

ip cef
!
interface Loopback0
 ip address 192.168.0.1 255.255.255.0
!
interface Loopback1
 ip address 192.168.1.1 255.255.255.0
!
interface Loopback2
 ip address 192.168.2.1 255.255.255.0
!         
interface Loopback3
 ip address 192.168.3.1 255.255.255.0
!
interface GigabitEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex auto
 speed auto
 media-type rj45

!
router eigrp 1
 network 192.168.0.0 0.0.255.255

R2:

ip cef
no ipv6 cef
!
interface Loopback0
 ip address 192.168.78.1 255.255.255.0
!
interface GigabitEthernet0/0
 ip address 192.168.12.2 255.255.255.0
 duplex auto
 speed auto
 media-type rj45  
!
!
router eigrp 1
 distribute-list route-map TEST_2 in 
 network 192.168.0.0 0.0.255.255
!
!
ip access-list standard R1_L0_DENY
 deny   192.168.0.0 0.0.0.255
ip access-list standard R1_L0_PERMIT
 permit 192.168.0.0 0.0.0.255
!
route-map TEST_1 permit 10
 match ip address R1_L0_PERMIT
!
route-map TEST_2 permit 10
 match ip address R1_L0_DENY
!
R2#sh ip route eigrp        
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

It should show 192.168.0.0/24 route but it didnt. Why?

  1. Question
    Hi,

R2:

R2#sh route-map TEST_3
route-map TEST_3, permit, sequence 10
  Match clauses:
    ip address (access-lists): R1_L0_PERMIT 
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
route-map TEST_3, permit, sequence 20
  Match clauses:
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
R2#SH ACCESS-LIST R1_L0_PERMIT
Standard IP access list R1_L0_PERMIT
    10 permit 192.168.0.0, wildcard bits 0.0.0.255 (5 matches)
R2#sh ip route eigrp | i /24
D     192.168.0.0/24 
D     192.168.1.0/24 
D     192.168.2.0/24 
D     192.168.3.0/24 
R2#

Why I still see 192.168.0.0/24?

Thanks

Could you help me? Thanks.

Hello Görgen

Concerning your first question:

If you want the route map to allow only the 192.168.0.0/24 network to be advertised to R2, then you must do the following:

ip access-list standard R1_L0_DENY
 deny   192.168.0.0 0.0.0.255
 permit any

route-map TEST_2 deny 10
 match ip address R1_L0_DENY

Why? Because the route map will only act on anything that the ACL matches or permits. So, by adding the permit any entry in the ACL, we are matching everything EXCEPT the 192.168.0.0/24 network.

As we said, the route map will act upon whatever is permitted. Since everything in the ACL is permitted except for the 192.168.0.0/24 network, we want to act on that by denying it. So we use a deny statement in the route map.

So the result is we deny everything the ACL permits (or matches). So everything is denied except for 192.168.0.0/24, and that network should appear in the routing table. Take a look at this NetworkLessons note for more information on how ACLs and route maps interact.

For the second question, you have a route map with two statements, where you permit anything that is matched by the R1_L0_PERMIT ACL, and denying anything else. But your second statement is a permit statement without any match clauses. This results in matching everything. So your first statement matches the 192.168.0.0/24 network while your second statement matches everything thus letting all networks through.

I hope this has been helpful!

Laz

Hi Lazarus thank you I understand.

But these whole configurations are same with the route-map lesson. And these results are not the same with the ones that are in the lesson. That’s why actually I asked the way I asked (“It should be bla bla but it’s not”)When I didn’t see any same result while I’m doing this in my lab, I’ve dissappointed. Thank you for clarifying

Best Regards

Hello Görgen

If you take a look at the lesson, you’ll see that you get the same results as those in the lesson. In section 1.1.2, you’ll see that Rene also didn’t see any routes in his results.

In your second question in your original post, you had a second permit clause for the route map (sequence 20) which Rene didn’t have. That’s why you see the difference there.

I hope this has been helpful!

Laz