Route-map Question Part-1

Hi everyone
ex-2:-
ip prefix-list test permit
route-map ine deny
match ip address test

ex-2:-
ip prefix-list test deny
route-map ine permit
match ip address test

what is the difference between
permit in the prefix list and deny in the route-map like ex-1
vs
deny in the prefix list and permit in the route-map like ex-2
???

Hi major133,
In the first example every packet that gets processed by the route-map sequence called, “ine” will first be inspected against the prefix-list. The “permit” in the prefix-list means that the route-map sequence is “permitted to do what it wants to do”…which in this case is to deny packets (or routes). So in this case, the “deny” in the route-map is the final action because it was permitted by the prefix-list.

In the second example, every packet that gets processed by the route-map sequence called, “ine” will first be inspected against the prefix-list. The “deny” in the prefix-list means that the route-map sequence is “denied from doing what it wants to do”. This effectively means that matching against that route-map sequence is terminated “denied by the prefix-list” and the next sequence of the route-map is inspected. If there is NOT another sequence of this route-map, then there is an implicit “deny” action taken by the route-map itself.

1 Like