From: Jon Carmichael (jonc@xxxxxxxxxxx)
Date: Tue Aug 07 2001 - 23:28:21 GMT-3
It sounds as if you are asking for a filter of a range of NLRI when you say
"range of routes." In all cases, when I'm thinking of a "range" I must go
back to the binary, --frequently I draw two numbers in binary on a scratch
paper and a line where I think the mask would go, and then I can see the
range. -And why? Because I'm going to write a access-list and I need to
figure out the proper wildcard mask. --So I would take your example, --of
say 100 to 500, --but 500 does not fit in anybody's eight bit octet. How
about 160 to 192, because it's easy to see... So draw both numbers on a
piece of paper like this....
1010000 --binary 160
1100000 --binary 192
and then I draw a vertical line with my simulated pencil here, this line is
where the mask would go, --say..
|
101|00000
110|00000
|
000|11111
And then I invert that as 00011111, which is decimal 31, and for a range of
NLRI of say 192.168.160.0 thru 192.168.192.0 I can write my access list for
a route filter as ..
access-list 1 {permit|deny} 192.168.160.0 0.0.31.255
I think I do this almost once every day.
Prefix lists are still a little elusive to me tho, --so I play with those a
little more lately, --where if I wanted to do exactly the same
thing, --perhaps someone will jump in and help us out here....
ip prefix-list NAMEONE {permit|deny} 192.168.160.0/16 le 19
That does not work, --when you go back and do a "show ip prefix-list" it
looks like 192.168.0.0/16 le 19. Can anybody tell us how to do the same
thing with a prefix-list?
JONC
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Sal Nathoo
Sent: Tuesday, August 07, 2001 2:56 PM
To: ccielab@groupstudy.com
Subject: BGP filtering
Hi Guys,
Can someone tell me commands are used to filter a
range of routes (ex. between 100 to 500) from EBGP
neighbors?
Thanks in advance
Saleem
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:46 GMT-3