Home > Route-map Questions

Route-map Questions

March 23rd, 2020 Go to comments

Route-map Quick Summary

Route-maps work like the “if-then” programming solution for networking devices. A route-map allows you to check for certain match conditions and (optionally) set a value. Route maps are commonly used for route redistribution, Policy Based Routing and BGP policy implementation.

Route maps have the following common characteristics:

Route maps are executed in the order of the lowest sequence number to the highest. You can edit or modify maps by using the sequence number.

+ If a match is found within a route map instance, execution of further route map instances stops.
+ You can use route maps to permit or deny the information found true by the match statements.
+ If route maps are applied in a policy-routing environment, packets that do not meet the match criteria are then forwarded according to the routing table.
+ If there is no match statement in the route map instance, all routes and packets are matched. The set statement will apply to all routes or packets. In other words, a rule with no match command will match anything.
+ If there is not a corresponding ACL to the match statement in the route map instance, all routes are matched. The set statement, in turn, applies to all routes.
+ As with ACLs, an implicit deny is included at the end of the route map policy.

Reference: https://www.ciscopress.com/articles/article.asp?p=102092

The router will consider multiple match conditions in the same line as a logical OR. This means that, if at least one of them is true, the line matches. Instead, match conditions on different lines are a logical AND: they must all be true for the rule to match. For example:

//Match one of them to be true
match source-protocol ospf 1 eigrp 65000 
match tag 20

This means that we are matching routes with tag 20 coming from either OSPF 1 or EIGRP 65000.

Permit and Deny Clauses

If a route-map is used for redistribution purpose:

– ACL permit + route map permit: routes are redistributed
– ACL permit + route map deny: routes are not redistributed
– ACL deny + route map permit or deny: the route map clause is not matched, and the next route-map clause is evaluated.

Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/asa912/configuration/general/asa-912-general-config/route-maps.pdf

Thus, we can summarize in the following four cases.

Route Map Action ACL Action Description
permit permit Route allowed
permit deny Route does not match the statement
deny permit Route denied
deny deny Route does not match the statement

Deny Access-list Entry Example

The following example illustrates how to stop processing a given route map sequence, and to jump to the next sequence. Packets arriving from source 1.1.1.1 will skip sequence 10 and jump to sequence 20. All other packets from subnet 1.1.1.0 will follow the set statement in sequence 10.

access-list 1 deny ip 1.1.1.1
access-list 1 permit ip 1.1.1.0 0.0.0.255
access-list 2 permit ip 1.1.1.1
access-list 2 permit ip 2.2.2.2
!
interface fastethernet 3/1
 ip policy route-map Texas
!
route-map Texas permit 10
 match ip address 1
 set ip next-hop 3.3.3.3
!
route-map Texas permit 20
 match ip address 2
 set ip next-hop 3.3.3.5

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/pbroute.pdf

Question 1

Explanation

AS-Path prepending is a way to manipulate the AS-Path attribute of a BGP route. It allows prepending multiple entries of AS to a BGP route.

Question 2

Question 3

Explanation

The traffic reaches Gi0/1 interface so we must apply policy (“ip policy route-map test”) on this interface. The question requires to reach the destination of 172.20.40.0/30 so the next-hop IP address should be 172.20.40.1.

Comments (8) Comments
  1. Sarang
    December 1st, 2020

    I looked for the answer E on Q3 on my test, but I could not find the answer E on my test.

  2. Tester1
    December 29th, 2020

    Guys,

    Concerning question 3: in the exam the destination router is R2 not R3.

  3. Mok
    January 3rd, 2021

    @Tester1 , when did you take the exam ? I am going to take it tomorrow . anything new there ?

  4. Q3
    February 19th, 2021

    @networktut can you please verify that the answer to question 3 is E?

  5. Anonymous
    February 27th, 2021

    Question 3
    Refer to the exhibit. Which configuration configures a policy on R1 to forward any traffic that is sourced from the 192.168.130.0/24 network to 17.20.20.0/30 network?

    route_map_policy.jpg

    Answer can only be E look at route-map test permit 10
    match ip address 1
    set ip next-hop 172.20.20.1

  6. Nini
    August 13th, 2021

    anyone with the latest CCNP 300-410 Dumps?

  7. IXIE
    January 28th, 2022

    The questions and answer don not appear yet, do you hace an update?

  8. Elia
    May 24th, 2023

    Hi
    since policy is being implemented on R1 , does not matter if its R3 access-list 1 permit 192.168.130.0 0.0.0.255
    !
    interface Gi0/1
    ip policy route-map test
    !
    route-map test permit 10
    match ip address 1
    set ip next-hop 172.20.40.2

    If R3
    access-list 1 permit 192.168.130.0 0.0.0.255
    !
    interface Gi0/1
    ip policy route-map test
    !
    route-map test permit 10
    match ip address 1
    set ip next-hop 172.20.20.2

    AS R1 interface address is 172.20.40.2 and 172.20.20.2

    Please correct me if i m wrong

    it should be