Re: distribute-list with Extended ACL ....

From: P729 (p729@xxxxxxx)
Date: Wed Jul 03 2002 - 15:01:19 GMT-3

• Next message: P729: "Re: Netbios name filter"
• Previous message: Mike Billingsley: "RE: CAT 5500 Pruning"
• Maybe in reply to: Hunt Lee: "distribute-list with Extended ACL ...."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Must be one of those latent "features:"

With 12.2(10a):

r1(config)#ip prefix-list A permit 172.16.0.0/22 ge 24 le 24
r1(config)#^Z
r1#sh ip prefix-list
ip prefix-list A: 1 entries
   seq 5 permit 172.16.0.0/22 ge 24 le 24

Regards,

Mas Kato
https://ecardfile.com/id/mkato
----- Original Message -----
From: "david" <barbedwireblack@yahoo.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, July 03, 2002 7:55 AM
Subject: Re: distribute-list with Extended ACL ....

> don't know why, but when i enter this prefix-list
> this is the error i get:
>
> R1(config)#ip prefix-list TEST permit 172.16.0.0/22 ge
> 24 le 24
> % Invalid prefix range for 172.16.0.0/22, make sure:
> len < ge-value < le-value>
>
> is this consistent with your experience.
>
> >
> > >>> Hunt Lee <ciscoforme3@yahoo.com.au> 07/03/02
> > 09:20AM >>>
> > Assume that I've 4 BGP networks:
> >
> > ip prefix-list TEST permit 172.16.0.0/24
> > ip prefix-list TEST permit 172.16.1.0/24
> > ip prefix-list TEST permit 172.16.2.0/24
> > ip prefix-list TEST permit 172.16.3.0/24
> >
> > OR
> >
> > ip prefix-list TEST permit 172.16.0.0/22 ge 24 le 24
> >
> > And if I want to do this in Distribute-list with
> > Extended ACL:
> >
> > access-list 101 permit ip 172.16.0.0 0.0.3.255
> > 255.255.255.0 0.0.0.0
> >
> > Is this equal to the prefix-list statements??
> >
> >
> > Assume now that I have an extra aggregate
> > 172.16.0.0/22 together with
> > the other 4 routes, but I want to permit only this
> > aggregate, while
> > denying all the other more specific routes:-
> >
> > ip prefix-list TEST permit 172.16.0.0/22
> >
> >
> > Is this the same as:-
> >
> > access-list 101 permit ip 172.16.0.0 0.0.0.0
> > 255.255.252.0 0.0.0.0
> >
> >
> > Also, I found an example on CCO that I'm a bit
> > confused abt.
> >
> > The example states that it will permit route
> > 131.108.0/24, but deny
> > 131.108.x.x/16 & all other subnets of 131.108.0.0
> >
> > access-list 101 permit ip 131.108.0.0 0.0.0.0
> > 255.255.255.0 0.0.0.0
> > access-list 101 deny ip 131.108.0.0 0.0.255.255
> > 255.255.0.0
> > 0.0.255.255
> >
> > So the 1st line will permit the 131.108.0.0/24
> > subnet, but what's the
> > point of the 2nd line?? Isn't it true that anything
> > else will be
> > implicitly deny?
> >
> > Thanks!
> >
> > H.
> >
> >
> > http://www.sold.com.au - SOLD.com.au
> > - Find yourself a bargain!
> >

• Next message: P729: "Re: Netbios name filter"
• Previous message: Mike Billingsley: "RE: CAT 5500 Pruning"
• Maybe in reply to: Hunt Lee: "distribute-list with Extended ACL ...."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:18 GMT-3