From: Oliver Boehmer (oboehmer@xxxxxxxxx)
Date: Tue Jul 02 2002 - 14:22:43 GMT-3
Hi Hunt,
At 21:49 02.07.2002 +1000, Hunt Lee wrote:
>Could someone explain to me how is the "ge" and "le" options are used
>for in a prefix list statement?
>
>Example:
>
>ip prefix-list TEST permit 172.16.0.0/24
>ip prefix-list TEST permit 172.16.1.0/24
>ip prefix-list TEST permit 172.16.2.0/24
>ip prefix-list TEST permit 172.16.3.0/24
>
>I understand that these 4 prefix-lists together will permit the 4
>subnets.
.. with an exact match.
>But how is it equal to:
>
>ip prefix-list TEST permit 172.16.0.0/22 ge 23
It is not equal to the four statements above, see below.
>I know how to get the /22
>
>172.16.00000000.0/24 = 0.0
>172.16.00000001.0/24 = 1.0
>172.16.00000010.0/24 = 2.0
>172.16.00000011.0/24 = 3.0
>
>So the common bits would be /22, but why ge 23? How is it
>calculated??
"172.16.0.0/22 ge 23" translates to "all prefixes within 172.16.0.0/22
range having a prefix length of 23 or greater". Since this would also match
more specifics like 172.16.0.0/27, it is not equal.
It should read "172.16.0.0/22 ge 24 le 24", this will match only /24 prefixes.
So: the first part "172.16.0.0/22" specifies the prefix, with "ge" and "le"
we look at the prefix length.
You could somewhat compare it to the extended acl semantic when we filter
routes (ex: neighbor x.x.x.x distribute-list 100 in). The "source" part of
the acl matches the prefix, the "destination" part matches the subnet mask
(prefix length):
access-list 100 permit ip 172.16.0.0 0.0.3.255 255.255.255.0 0.0.0.0
is semantically equal to
ip prefix-list ... permit 172.16.0.0/22 ge 24 le 24
Prefix-lists are more intuitive (well, in theory ;-), more powerful and
more efficiently implemented (especially when it comes to very long lists).
oli
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:17 GMT-3