Cisco ASA 5505 Configuration Manual page 376

Route Maps Overview
•
The dynamic protocol redistribute command allows you to apply a route map. In ASDM, this capability
for redistribution can be found when you add or edit a new route map (see the
section on page
redistribution or if you need more powerful matching capability than an ACL can provide. If you simply
need to selectively permit some routes based on their prefix or mask, we recommends that you use route
map to map to an ACL (or equivalent prefix list) directly in the redistribute command. If you use a route
map to selectively permit some routes based on their prefix or mask, you typically use more
configuration commands to achieve the same goal.
We recommend that you number clauses in intervals of 10, to reserve numbering space in case you need
to insert clauses in the future.
This section includes the following topics:
•
•
Permit and Deny Clauses
Route maps can have permit and deny clauses. In route-map ospf-to-eigrp, there is one deny clause
(with sequence number 10) and two permit clauses. The deny clause rejects route matches from
redistribution. Therefore, the following rules apply:
•
•
•
Match and Set Clause Values
Each route map clause has two types of values:
•
•
For each route that is being redistributed, the router first evaluates the match criteria of a clause in the
route map. If the match criteria succeed, then the route is redistributed or rejected as dictated by the
permit or deny clause, and some of its attributes might be modified by the values set from the Set Value
tab in ASDM or from the set commands. If the match criteria fail, then this clause is not applicable to
the route, and the software proceeds to evaluate the route against the next clause in the route map.
Scanning of the route map continues until a clause is found whose match command(s), or Match Clause
as set from the Match Clause tab in ASDM, match the route or until the end of the route map is reached.
A match or set value in each clause can be missed or repeated several times, if one of these conditions
exists:
Cisco ASA 5500 Series Configuration Guide using ASDM
20-2
Each ACL ends with an implicit deny statement, by design convention; there is no similar
convention for route maps. If the end of a route map is reached during matching attempts, the result
depends on the specific application of the route map. Fortunately, route maps that are applied to
redistribution behave the same way as ACLs: if the route does not match any clause in a route map
then the route redistribution is denied, as if the route map contained deny statement at the end.
20-4). Route maps are preferred if you intend to either modify route information during
Permit and Deny Clauses
Match and Set Clause Values
If you use an ACL in a route map using a permit clause, routes that are permitted by the ACL are
redistributed.
If you use an ACL in a route map deny clause, routes that are permitted by the ACL are not
redistributed.
If you use an ACL in a route map permit or deny clause, and the ACL denies a route, then the route
map clause match is not found and the next route-map clause is evaluated.
match—Selects routes to which this clause should be applied.
set—Modifies information which will be redistributed into the target protocol.
Chapter 20 Defining Route Maps
"Defining a Route Map"
OL-20339-01