Hello All, I came across a PBR task with the following requirements :
1) Match ICMP traffic 2) Match only if it exits out of fa 0/1 interface 3) Match it only if it's length is a hundred bytes. 4) Drop the traffic if it matches the above criteria The solution states : access-list 101 permit icmp any any route-map test match ip address 101 match interface fa 0/1 match length 100 100 set interface null 0 exit Then , the route-map is applied to an interface. I always thought, multiple match criteria were processed using the "OR" logic. That is, in this case, if either the packet matches the ACL 101 , or if the exiting interface of the packet is fa 0/1 , or if the packet length is 100 bytes, then it matches the route-map's clause and the packet is dropped. But the solution uses this as an "AND" logic. I'm confused? I found an example(below) in the Doc-CD which states that the successive MATCH clauses are treated as OR. ! Match ip address access list 69 *or* match AS path 1 ! and set the IP Precedence to critical route-map precedence-map permit 75 match ip address 69 match as-path 1 set ip precedence critical Wondering if anyone can shed some light on this Cheers and thanks, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
