I'm having difficulty configuring a route-map with multiple matches in an AND operation.
The issue is, both match criteria are against an ACL, but different ACLs.
What I want to do is:
route-map TEST permit 10
match ip address 100
match ip address 110
set vrf TESTVRF
I was expecting the above to be an AND operation for the match requirement.
However, when I issue show run, it becomes
route-map TEST permit 10
match ip address 100 110
set vrf TESTVRF
which is an OR operation by Cisco syntax.
The question is, how can I do multiple ACL matches in an AND operation for a route-map?
Thanks.
Best Answer
Easiest way in my opinion is to set up an access-list with all the matches you need and put that in the route-map.

EDIT

Disclaimer: I'm just guessing here.

You can try this, assuming access-list 100 for sources and access-list 110 for destinations:

Here you revert the logic of the access-lists:

and then use deny on your route-map (so if the access-list permits, then the rule fails):

The logic behind this is:

Basically it checks first if source is permitted (via access-list 100), if permitted then it checks if destination is permitted (access-list 101), at last if BOTH are permitted set the vrf.

Then you can easily permit N different source networks in access-list 100 and M different destination networks in access-list 101.
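
The two approaches in the answer above, modelled in Python as an added example (not code from the original post): a small simulation of route-map and ACL evaluation that shows why "match ip address 100 110" behaves as an OR, and how either one combined ACL or inverted ACLs behind deny entries gives an AND. The sample networks, ACL 120, the sequence numbers and the layout of the inverted ACLs are assumptions made for the example.

```python
from ipaddress import ip_address, ip_network

# Constructed sample networks (assumptions, not taken from the post).
SRC = ip_network("10.1.0.0/16")
DST = ip_network("192.168.50.0/24")
ANY = ip_network("0.0.0.0/0")

def acl_permits(acl, src, dst):
    """First matching entry wins; every ACL ends with an implicit deny."""
    for action, s_net, d_net in acl:
        if ip_address(src) in s_net and ip_address(dst) in d_net:
            return action == "permit"
    return False

def route_map(entries, acls, src, dst):
    """Evaluate entries by sequence number. ACLs on one match line are ORed;
    an entry with no match line matches everything. A matching permit entry
    applies the set action, a matching deny entry leaves normal forwarding."""
    for _seq, action, acl_ids in sorted(entries, key=lambda e: e[0]):
        if not acl_ids or any(acl_permits(acls[i], src, dst) for i in acl_ids):
            return "set vrf" if action == "permit" else "normal"
    return "normal"

# 1) What IOS stores for the question's config: "match ip address 100 110" (OR).
ACLS_OR = {100: [("permit", SRC, ANY)], 110: [("permit", ANY, DST)]}
RM_OR = [(10, "permit", [100, 110])]

# 2) One extended ACL carrying source AND destination (hypothetical ACL 120).
ACLS_ONE = {120: [("permit", SRC, DST)]}
RM_ONE = [(10, "permit", [120])]

# 3) Inverted ACLs behind deny entries, then a catch-all permit entry.
ACLS_INV = {100: [("deny", SRC, ANY), ("permit", ANY, ANY)],
            110: [("deny", ANY, DST), ("permit", ANY, ANY)]}
RM_INV = [(10, "deny", [100]), (20, "deny", [110]), (30, "permit", [])]

# Constructed test packets: both match, source only, destination only, neither.
PACKETS = [("10.1.2.3", "192.168.50.9"), ("10.1.2.3", "8.8.8.8"),
           ("172.16.0.1", "192.168.50.9"), ("172.16.0.1", "8.8.8.8")]

def results(entries, acls):
    return [route_map(entries, acls, s, d) for s, d in PACKETS]

if __name__ == "__main__":
    for name, rm, acls in [("OR", RM_OR, ACLS_OR), ("single ACL", RM_ONE, ACLS_ONE),
                           ("inverted", RM_INV, ACLS_INV)]:
        print(name, results(rm, acls))
```

With the OR form, traffic that matches only the source or only the destination is still placed in the VRF, which is the over-broad result to look for when reviewing a policy written this way.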