sequence numbered ACLs not sorting correctly


I seem to be having trouble getting ACL sequence numbers to behave how I would expect them to on a 7100 running IOS 12.3, and I'm not sure if I'm expecting the wrong behavior or if something is being screwy.

I create an access-list

ip access-list standard test > 10000 deny

later, I add to the list

ip access-list standard test > 9000 deny > 11000 deny

and later still, I add some more.

ip access-list standard test > 8000 deny > 12000 deny

show ip access-lists results in the following

Standard IP access list test > 9000 deny > 11000 deny > 10000 deny > 8000 deny > 12000 deny

as you can see, the list is definitely not sorted by it's sequence numbers, in fact the placement of the rules I added later one almost seems random.

Am I doing something wrong? or misunderstanding the point of sequence numbers? They seem like they would be incredibly useful If they actually caused rules to be sorted in increasing order.



Reply to
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.