Example 10-5 IP Named Access List Configuration Example
interface Ethernet0
 ip access-group CCIE out
!
ip access-list extended CCIE
 permit tcp any gt 1024 host 192.168.1.1 eq telnet log
 permit icmp any any echo log
 permit icmp any any echo-reply log
The named access list is verified with the show access-list command, as shown in Example 10-6;
the named access list is called CCIE.
Example 10-6 Named Access List as Displayed with the show access-list Command
Router#show access-list
Extended IP access list CCIE
    permit tcp any gt 1024 host 192.168.1.1 eq telnet log
    permit icmp any any echo log
    permit icmp any any echo-reply log
Route Manipulation
Several mechanisms exist for manipulating the distribution of routing information within and
among routing protocols. This section reviews the methods that control routes.
Route Maps
Route maps are script-like procedures that can filter and modify routing information passed
between BGP peers, learned through route redistribution, or used in policy routing. Route
maps provide flexibility, which simplifies access lists. A route map instance consists of
MATCH statements that identify routes or their attributes, and SET statements that modify
route attributes. A route map is referenced by name when it is applied to a scheme. Example 10-7
shows the options for the route-map ccie command. You can match on several BGP parameters.
IP matches also include the route address, next-hop address, or source address.
A route map can consist of multiple instances. When configuring route maps, it is advisable to
start with an instance number greater than 1. If a route map has multiple statements (instances),
it is advisable to number them with some gaps: start with number 10, make the next instance 15,
then 20, and so on. This allows you to insert new instances (additional route-map statements)
without having to reconfigure all instances.
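The following added example (not from the original text, and not Cisco's implementation) is a simplified Python model of how route-map instances are evaluated in ascending sequence order, and why the gaps recommended above let a new instance be inserted without touching the others. The class name, prefixes, and metric values are constructed for illustration, and matching is reduced to a single prefix test per instance.

```python
import ipaddress

class RouteMap:
    """Simplified model (not Cisco's implementation) of route-map evaluation."""

    def __init__(self, name):
        self.name = name
        self.instances = {}  # sequence number -> (action, match network, set attributes)

    def add(self, seq, action, match_prefix, set_attrs=None):
        # Re-using an existing sequence number replaces that instance.
        if action not in ("permit", "deny"):
            raise ValueError("action must be permit or deny")
        self.instances[seq] = (action, ipaddress.ip_network(match_prefix), set_attrs or {})

    def evaluate(self, route):
        """Return the (possibly modified) route if permitted, or None if denied."""
        prefix = ipaddress.ip_network(route["prefix"])
        for seq in sorted(self.instances):  # lowest sequence number first
            action, net, attrs = self.instances[seq]
            if prefix.version == net.version and prefix.subnet_of(net):  # MATCH
                if action == "deny":
                    return None
                return {**route, **attrs, "matched_seq": seq}  # SET, then stop
        return None  # no instance matched: implicit deny

def build_ccie():
    """Route map 'ccie' numbered with gaps: 10, 15, 20 (constructed values)."""
    rm = RouteMap("ccie")
    rm.add(10, "permit", "192.168.0.0/16", {"metric": 50})
    rm.add(15, "permit", "10.0.0.0/8", {"metric": 100})
    rm.add(20, "permit", "172.16.0.0/12", {"metric": 200})
    return rm

# Constructed sample routes, not taken from any real routing table.
SAMPLE = [{"prefix": p} for p in ("10.66.1.0/24", "10.1.0.0/16", "203.0.113.0/24")]

if __name__ == "__main__":
    rm = build_ccie()
    print("before:", [rm.evaluate(r) for r in SAMPLE])
    # A more specific deny must be evaluated before instance 15; the gap
    # between 10 and 15 leaves room for it without renumbering anything.
    rm.add(12, "deny", "10.66.0.0/16")
    print("after: ", [rm.evaluate(r) for r in SAMPLE])
```

Had the instances been numbered 1, 2, 3, the deny for 10.66.0.0/16 could only be placed ahead of the 10.0.0.0/8 permit by re-entering the later instances under new numbers.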