From: Brian McGahan (brian@xxxxxxxxxxxxxxx)
Date: Fri Jun 14 2002 - 01:33:33 GMT-3
Ip prefix-list 2 seq 5 deny 200.200.0.0/24 is an exact match for that
prefix. If you use the GE and LE values, the LEN value no longer means
the prefix-length. Instead, it means how many bits you are checking
sequentially from the left.
Your prefix-list should read:
Ip prefix-list X seq 5 deny 200.200.0.0/16 ge 24 le 24
Ip prefix-list X seq 10 permit 0.0.0.0/0 le 32 <---- explicit permit any
This means:
1. Deny prefixes for which
A) The first 16 bits are 200.200. and
B) The prefix-length is greater-than or equal to 24, and less-than or
equal to 24. (hence, 24)
2. Permit everything else
permit any in prefix-list syntax reads:
ip prefix-list X permit 0.0.0.0/0 le 32
an exact match for a default route, on the other hand, would read:
ip prefix-list X permit 0.0.0.0/0
to match an exact host route:
ip prefix-list X permit 1.2.3.4/32
to match all class A routes:
ip prefix-list X permit 0.0.0.0/1 ge 8 le 8
to match all routes with a first octet of 10, and whose masks are
greater than or equal to 12, but less than or equal to 20:
ip prefix-list X permit 10.0.0.0/8 ge 12 le 20
HTH
Brian McGahan, CCIE #8593
Director of Design and Implementation
brian@cyscoexpert.com
CyscoExpert Corporation
Internetwork Consulting & Training
http://www.cyscoexpert.com
Voice: 847.674.3392
Fax: 847.674.2625
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
elping
Sent: Thursday, June 13, 2002 10:54 PM
To: ccielab@groupstudy.com
Subject: prefix-list
i have been configuring prefix-list and am i having a hard time....
i am trying to block all /24 in network 200.200.x.x
ip prefix-list 2 seq 5 deny 200.200.0.0/24
it does not work
i have tryed
ip prefix-list 2 seq 5 permit 200.0.0.0/24
stilll does not work
what i am doing wrong ....?
can someone xplain prefix-list
This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:32 GMT-3