Home Page   #javascript  #perl  #c  #openmoko  #php  #ruby-lang  #apache  #cisco  #java  #mysql   Wallpapers Girl
Reliable $1 Web Hosting by 3iX

Channels


#cisco

26 December 2007

Total 21 pages. You are browsing page 5/21.

First :: Prev :: [...] [3] [4] [5] [6] [7] [...] :: Next :: Last

07:03 <****> it's like the route-map was never there, so it's not denied
07:04 <****> dwxreaper, i used to think this way, but it's not this way, you can try it
07:04 <****> ok, well i believe you now cuz sal said so!
07:04 <****> :)
07:05 <****> in other words, i don't blive you, but sal :P
07:05 <****> yeah, id believe salparadise
07:05 <****> i see on our routers that's the case, there is a permit at the end, to match what is leftover
07:05 <****> but i thought you just might not need it
07:05 <****> omg don't remove it, you will be fired :P
07:05 <****> im just going by what the book says, but if salparadise says otherwise, then id believe him
07:05 <****> the books definitley say otherwise, i remember reading that
07:06 <****> hmmm what book? regarding what topic
07:06 <****> BSCI
07:06 <****> route-maps
07:06 <****> regarding route maps
07:06 <****> they say there is no implicit deny
07:06 <****> yep
07:06 <****> cbtnuggets did too
07:07 <****> that's weird
07:07 <****> according to the book and the video, if traffic does not match any part of the route map, it is treated as if that route map was never applied
07:08 <****> http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml#wp14040
07:08 <****> search for "implicit deny" <-- it's mentioned
07:08 <****> "Note: There is an implicit deny at the end of the list of match statements."
07:08 <****> im not talking about the end of a match statement though.
07:08 <****> I'm talking about a route map.
07:09 <****> same thing
07:09 <****> lol
07:09 <****> well, no
07:09 <****> not the same thing
07:09 <****> yea same thing
07:09 <****> nope
07:09 <****> even the instructor in the CBT nuggets make an empty route map
07:10 <****> guys, you don't read "The policy routing process proceeds through the route map until a match is found. If no match is found in the route map, or the route map entry is made a deny instead of a permit, then normal destination-based routing of the traffic ensues."
07:10 <****> sure, if you have a match statement that matches but no action, it will deny. but if the traffic doesnt match anything in the route map, it permits
07:10 <****> match-any and match-all have different logic, but that is different than route-map match statements
07:10 <****> Mahmoud, thank you, you proved my point.
07:10 <****> there is no default deny
07:10 <****> humbug it denies at the end..
07:11 <****> "If no match is found in the route map, or the route map entry is made a deny instead of a permit, then normal destination-based routing of the traffic ensues"
07:11 <****> as in... there is no default deny
07:11 <****> humbug: you are talking about policy based routing route-maps, routing protocols is different
07:11 <****> salparadise, i wasnt talking about routing protocols
07:12 <****> but good to know that its different, nonetheless
07:13 <****> but there is implicit deny at the end of the routemap permit or deny statements
07:13 <****> k, sorry what I was talking about above
07:13 <****> so regardless it's there
07:13 <****> dwxreaper, if that statement matches, sure.
07:13 <****> hmmm
07:13 <****> the behavior is different depending on what is being applied against the route-map
07:13 <****> so im right then. good.
07:14 <****> well there is an implicit deny at the end
07:14 <****> nope.
07:14 <****> yeah there is
07:14 <****> i said there wasnt, and Mahmoud provided documentation to back that up.
07:14 <****> if a denies is there it just goes to the routing-table
07:14 <****> teamwork :P
07:15 <****> but no implicit deny at the end
07:15 <****> yeah man, even though you don't see the deny, it is there
07:15 <****> if it matches nothing in the route map, "then normal destination-based routing of the traffic ensues"
07:15 <****> nah, its not.
07:15 <****> the book says its not, cbtnuggets says its not, and the documentation Mahmoud provided says its not.
07:16 <****> that doesn't mean there isn't an implicit deny at the end, and normal routing won't take place if you apply a route-map to a routing update
07:16 <****> and don't consider the implicit deny..
07:16 <****> im not talking about routing updates
07:16 <****> when you apply policy based routing, the implicit deny factors in differently
07:16 <****> im talking about PBR, which is what Mahmoud linked to
07:17 <****> in which case im correct, there is no implicit deny.
07:17 <****> sure there's still a deny, but it's not gonna screw up your routing
07:17 <****> good to know there is though in routing updates
07:18 <****> there is an implicit deny, but that doesn't mean, there is an implicit deny in this route map
07:18 <****> explain?
07:18 <****> so lets remove the routes from the table instead of not applying policy
07:18 <****> huh?
07:18 <****> there's not much to explain, there is deny logic at the end of the route-map
07:19 <****> so regarding my paste, could you tell me what to fix?
07:19 <****> ah, not according to all documentation ive seen
07:19 <****> well if the documentation specifically says there is no deny _logic at the end of a route-map
07:20 <****> it's wrong
07:20 <****> actually no
07:20 <****> nah
07:20 <****> what sal talked about was the routings updates, e.g. bgp.. which does deny anything else "not matched"
07:20 <****> if you have a route-map permit stanza, with no matches, it removes the deny logic
07:20 <****> nevertheless, it's there.
07:20 <****> nah
07:21 <****> so thanks for humbug for currecting me
07:21 <****> no worries. i think it was just a matter of making sure we were both talking PBR, and not routing updates
07:22 <****> it's route-maps, doesn't matter how you're applying them, the logic is the same stricly looking at the route-map
07:22 <****> so, route-maps mean nothing, it depends on how they are using. PBR deny means do nothing. routing updates mean discard unmatched entries
07:22 <****> yup
07:22 <****> yep
07:22 <****> and the paste I did was totally stupid then
07:22 <****> the deny statement simply means do nothing about it
07:22 <****> yeap
07:22 <****> since it's PBR
07:23 <****> exactly
07:23 <****> :)
07:23 <****> its not going to drop traffic or something
07:23 <****> add a permit stanza, and set it to route to null0 ;)
07:23 <****> if you want a default deny ;)
07:23 <****> yeah, was about to use null0 instead of lo0


Total 21 pages. You are browsing page 5/21.

First :: Prev :: [...] [3] [4] [5] [6] [7] [...] :: Next :: Last

Tutti i nuovi CAP Italiani. Come ottenere il database completo