This question is for keith


this is from your CCNP course but i can`t understand it, please explain that again

Assuming that you already know how to configured an extended numbered access-list, this part of the video was explaining that, when paired with a routing protocol’s “distribute-list” command (for route filtering) an extended ACL gives you the ability to match on more than just the prefix of a route.

Depending on which routing protocol you are using, an extended ACL (referenced in a “distribute-list” statement) will give you the ability to match on:

  1. EIGRP: The route prefix and IP address of a directly connected EIGRP neighbor that sent you that route
  2. OSPF: I got this one wrong on the video. When OSPF uses a distribute-list referencing an extended ACL the first portion of the ACL (what we think of as the “source”) is used to match the next-hop address you’d find in your IP Routing Table. The destination portion of the extended ACL is used to match on a prefix/route.
  3. BGP: Match on the prefix as well as the mask associated with that prefix.

Other than that, I think my video does a pretty good job of explaining how all of that works.

1 Like