RE: Prefix-lists

From: Brian McGahan (brian@cyscoexpert.com)
Date: Sun Apr 27 2003 - 18:44:46 GMT-3


Mike,

Wouldn't the above prefix-list statement allow the following networks?

Yes

If so, then it's not equivalent to the access-list 1 permit host
1.2.3.0

Yes and no. access-list 1 permit host 1.2.3.0 will match:

1.2.3.0/23
1.2.3.0/24
1.2.3.0/..
1.2.3.0/32

As will the prefix-list ip prefix-list x permit 1.2.3.0/24 le 32.
However, the prefix-list in this case will match more than the
access-list. It will match 1.2.3.x, where x is any number. The
access-list will match only where x is zero. Access-lists do not match
on prefix-length (subnet mask), they only match on network.

This list: ip prefix-list LIST permit 1.2.3.0/32 would match the exact
host route 1.2.3.0/32.

Is it possible for a route to have a /0? Is that why this only matches
the default route because the default route is 0.0.0.0/0 ?

Yes. The default route is the only route that has a mask of zero,
therefore you are matching only the default route.

HTH

Brian McGahan, CCIE #8593
Director of Design and Implementation
brian@cyscoexpert.com

CyscoExpert Corporation
Internetwork Consulting & Training
Toll Free: 866-CyscoXP
Outside US: 847.674.3392
Fax: 847.674.2625

-----Original Message-----
From: Mike Williams [mailto:ccie2be@swbell.net]
Sent: Sunday, April 27, 2003 2:39 PM
To: brian@cyscoexpert.com
Subject: Prefix-lists

Brian,
 
I was digging through the GroupStudy CCIE list archives looking for info
on prefix-lists. I found a post of yours that was, I must say, very
complete and informative. I learned the essence of how they work from
your post within like 5 minutes.
 
I did have a question though. In your post you say:
 
<--------- begin quote --------->
 
ip prefix-list LIST permit 1.2.3.0/24 le 32
 
This means:
Check the first 24 bits of the prefix 1.2.3.0
The subnet mask must be less than or equal to 32
 
This equates to the access-list syntax:
Access-list 1 permit host 1.2.3.0
 
<--------- end quote --------->
 
My question is, is this analogy accurate? Wouldn't the above
prefix-list statement allow the following networks?
 
1.2.3.0/25
1.2.3.0/26
1.2.3.0/27
1.2.3.0/28
1.2.3.0/29
1.2.3.0/30
1.2.3.0/31
1.2.3.0/32
 
If so, then it's not equivalent to the access-list 1 permit host 1.2.3.0
 
I'm just trying to make sure I understand this prefix-list using ge and
le properly. It seems the equivalent of access-list 1 permit host
1.2.3.0 would be
 
ip prefix-list LIST permit 1.2.3.0/32
 
Also, you mention:
 
<--------- begin quote --------->
 
ip prefix-list LIST permit 0.0.0.0/0
 
This means:
The exact prefix 0.0.0.0, with the exact prefix-length 0.
This is matching a default route.
 
<--------- end quote --------->
 
I see what you're saying here, but this confuses me as it seems that
this will match any network (the /0 implies that it won't check the
prefix for a match), but because there is no ge or le parameter, it will
match any network with a /0 subnet mask. Is it possible for a route to
have a /0? Is that why this only matches the default route because the
default route is 0.0.0.0/0 ?
 
Let me know your thoughts.
 
Thanks!
Mike W.
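
The matching rules discussed in this thread, as an added Python example (not code from either poster). The helper names are hypothetical and the sample routes are constructed; the model follows the thread's description of prefix-lists checking both leading bits and mask length, while a standard access-list used as a route filter checks the network address only.

```python
import ipaddress

# Constructed sample routes (not taken from the thread).
ROUTES = ["1.2.3.0/24", "1.2.3.0/25", "1.2.3.0/32", "1.2.3.128/25",
          "1.2.3.77/32", "1.2.0.0/16", "10.0.0.0/8", "0.0.0.0/0"]

def prefix_list_permits(route, prefix, ge=None, le=None):
    """Model of one 'ip prefix-list ... permit' entry (hypothetical helper)."""
    r, p = ipaddress.ip_network(route), ipaddress.ip_network(prefix)
    if ge is None and le is None:
        lo = hi = p.prefixlen               # no ge/le: exact prefix length
    else:
        lo = p.prefixlen if ge is None else ge
        hi = 32 if le is None else le
    if not lo <= r.prefixlen <= hi:
        return False
    shift = 32 - p.prefixlen                # compare only the first p.prefixlen bits
    return int(r.network_address) >> shift == int(p.network_address) >> shift

def acl_host_permits(route, host):
    """Model of 'access-list N permit host X' as a route filter: mask is ignored."""
    return ipaddress.ip_network(route).network_address == ipaddress.ip_address(host)

def compare():
    """Return the sample routes each filter permits."""
    return {
        "ip prefix-list LIST permit 1.2.3.0/24 le 32":
            [r for r in ROUTES if prefix_list_permits(r, "1.2.3.0/24", le=32)],
        "access-list 1 permit host 1.2.3.0":
            [r for r in ROUTES if acl_host_permits(r, "1.2.3.0")],
        "ip prefix-list LIST permit 1.2.3.0/32":
            [r for r in ROUTES if prefix_list_permits(r, "1.2.3.0/32")],
        "ip prefix-list LIST permit 0.0.0.0/0":
            [r for r in ROUTES if prefix_list_permits(r, "0.0.0.0/0")],
    }

if __name__ == "__main__":
    for rule, routes in compare().items():
        print(f"{rule:45} -> {', '.join(routes)}")
```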


