Working With Numbered Access-Lists

Back in the day, I didn’t have any white hairs, you could get a bag of potato chips for a quarter, kids didn’t behave badly, and numbered access-lists were all you had to work with in IOS.

If you still have numbered access-lists in your network (and I’ll bet you do), you probably hate working with them. After all, as I mentioned in my post on Active BGP Sessions, trying to remove a single line from a numbered ACL is not possible – you end up deleting the whole list!

Well actually that’s not quite true. Let’s find out why.

An Open Letter Regarding AS-Path Access-Lists

Dear Cisco,

Re: AS-Path Access-lists

May we please have named as-path access lists in IOS? I’m really bored of my self-documenting configurations being effectively obfuscated by these ugly numbers I have to use in match statements.

I know you saw the light and allowed this in NX-OS, but don’t forget us poor old retro IOS users please. You might also consider adding some consistency between the configuration of these lists:

ip as-path access-list 1 permit ^$

… and the monitoring:

show ip as-path-access-list

I can never recall whether to use the extra hyphens (dashes) or not. Of course, on this particular matter, NX-OS users have their own hell to contend with:

show ip as-path list <name>

Do we have a deal? Great!

Cheers then,

J.

P.S. If you added them and I just missed that somehow, just let me know and I’ll send flowers or ritually sacrifice an SRX or something.