We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 581 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)


295 New Members signed up the last 30 days!


100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,

Forum Replies

  1. Excellent article, Rene. Is this a way to prevent what they call asymmetric routing?

  2. It's mostly used to prevent routing loops or sub-optimal routing paths that are caused by redistribution. Asymmetric routing doesn't have to be a problem...when using IGPs (OSPF / EIGRP) you will mostly see symmetric routing but with BGP, asymmetric routing is likely to occur.

  3. Can you confirm if this is my correct reading of this route-map
    Networks from Protocol B 'Jack' are untagged until they enter Protocol A where they are Tagged - (The first statement is ignored because they are not Tagged)

    Jack(config)#route-map TAG permit 20
    Jack(config-route-map)#set tag 1

    When these now Tagged routes hit 'John' Still in Protocol A they are denied from re-entering Protocol B via the First statement.

     route-map TAG deny 10
        John(config-route-map)#match tag 1

    But as you say the route-map has to deny the Tagged routes first or it will allow all routes that is why the deny comes before the permit?

  4. Rouzbeh,
    It looks to me that although your interface address for the loopback is, the actual route corresponding to that interface is /24 not /32. It is the route, not the host address that has tags applied to it. Since the route is not matched by your access-list 1 statement of, your tag is not getting applied.

    Here is another way to test this theory. Change your access-list back to what you had originally (, but change your loopback address to (, and see whether you now have the tag 111 for

  5. andrew says:

    Yes, you can do this, but you need to be aware of how the difference in writing a route-map determines whether your conditions are logical ANDs or ORs.

    The following route-map would only act on a route that has all of the tags 10, 20, and 30

    route-map TAG deny 10
     match tag 10
     match tag 20
     match tag 30

    Whereas, the following route-map would act on a route that has any of the tags 10, 20 or 30

    route-map TAG deny 10
     match tag 10 20 30

19 more replies! Ask a question or join the discussion by visiting our Community Forum