[rancid] cisco-xr ASR9K and numbered ACL's
Alan McKinnon
alan.mckinnon at gmail.com
Wed Oct 15 05:28:52 UTC 2014
On 15/10/2014 07:27, heasley wrote:
> Wed, Oct 15, 2014 at 07:22:23AM +0200, Alan McKinnon:
>>> Rancid collected config:
>>> ipv4 access-list no-rfc1918
>>> remark Deny traffic to RFC 1918
>>> deny ipv4 10.0.0.0/8 any
>>> deny ipv4 any 10
>>> deny ipv4 172.16.0.0/12 any
>>> deny ipv4 any 172
>>> deny ipv4 192.168.0.0/16 any
>>> deny ipv4 any 192
>>> permit ipv4 any any
>>>
>>>
>>> A minor problem where the ACL is obvious as above, but this is the
>>> exception.
>>> Can someone suggest a good fix or workaround for this please (preferably
>>> without changing the ASR9K config), I trust it affects others with this
>>> sort of config?
>>> I can see earlier posts mention xrrancid but can’t find that in our 3.1
>>> install.
>>
>> This appears to be rancid's acl renumbering, which is the designed
>> behaviour for good reasons.
>
> I dont think so; yes its removing the line numbers, but its botching every
> other line.
>
Is "deny ipv4 any 192" a valid Cisco config?
--
Alan McKinnon
alan.mckinnon at gmail.com
More information about the Rancid-discuss
mailing list