It looks like RtConfig 3.5.0 confuses "in" and "out" when a distribute-list command (instead of a route-map) is generated from an export command. In this case, the export policy is NOT ANY. To see this, consider the following RtConfig code: @RtConfig set cisco_map_name = "AS2914-EXPORT" @RtConfig export AS7396 198.32.162.100/32 AS2914 205.238.48.3/32 @RtConfig set cisco_map_name = "AS2914-IMPORT" @RtConfig import AS7396 198.32.162.100/32 AS2914 205.238.48.3/32 and consider this aut-num for AS7396: aut-num: AS7396 as-name: OREGON-IX descr: Oregon Exchange Route views (route-views.oregon-ix.net) as-in: from AS2914 100 accept ANY AND NOT {0.0.0.0/0} as-in: from AS3333 100 accept ANY AND NOT {0.0.0.0/0} as-in: from AS2497 100 accept ANY AND NOT {0.0.0.0/0} as-out: to AS2914 announce NOT ANY as-out: to AS3333 announce NOT ANY as-out: to AS2497 announce NOT ANY guardian: meyer@ns.uoregon.edu admin-c: DMM65 tech-c: DMM65 notify: nethelp@ns.uoregon.edu mnt-by: MAINT-AS3582 changed: meyer@ns.uoregon.edu 961206 source: RADB ` Then RtConfig 3.5.0 generates no access-list 1 access-list 1 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 ! router bgp 7396 neighbor 205.238.48.3 distribute-list 1 in no access-list 2 access-list 2 deny ip 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 access-list 2 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 ! ! no route-map AS2914-IMPORT route-map AS2914-IMPORT permit 1 match ip address 2 ! router bgp 7396 neighbor 205.238.48.3 route-map AS2914-IMPORT in neighbor 205.238.48.3 distribute-list 2 in Note that router bgp 7396 neighbor 205.238.48.3 distribute-list 1 in should be router bgp 7396 neighbor 205.238.48.3 distribute-list 1 out ^^^ At least this is what I would have expected. Dave