RE: prefix-list not working (help!)

From: Lupi, Guy (Guy.Lupi@eurekanetworks.net)
Date: Tue May 27 2003 - 13:17:21 GMT-3

You are trying to deny a prefix that is not being announced, if you notice
the network statements don't have any mask associated with them, which means
that they default to the mask that the first octet indicates, in this case
that is a /24. You are trying to deny:

192.168.8.0/22
192.168.6.0/32

These are actually being announced as 192.168.8-11.0/24 and 192.168.6.0/24.
You have to match the mask exactly in the prefix list, or create a ge or le
statement that matches what you want to deny. If you really want to
announce /24s, and deny those that fit into your prefix list above, try:

Ip prefix-list aa seq 5 deny 192.168.8.0/22 ge 24
Ip prefix-list aa seq 10 deny 192.168.6.0/24

-----Original Message-----
From: Tom Young [mailto:gitsyoung@yahoo.co.jp]
Sent: Tuesday, May 27, 2003 9:42 AM
To: ccielab@groupstudy.com
Subject: prefix-list not working (help!)

Hi, group

   This is my router r1 's config, and the remote
3(3.3.3.3) always receive all of the route, even I set the
prefix-list, where was wrong? Certainly I cleared the bgp
many times.

Thanks alot
    

Building configuration...

Current configuration : 1744 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r1
!
logging rate-limit console 10 except errors
!
ip subnet-zero
no ip finger
no ip domain-lookup
!
cns event-service server
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.0.0.0
!
interface Loopback2
 no ip address
!
interface Ethernet0
 no ip address
!
interface Serial0
 ip address 135.3.13.1 255.255.255.0
 encapsulation frame-relay
 ip ospf network broadcast
 frame-relay map ip 135.3.13.3 107 broadcast
 no frame-relay inverse-arp
!
interface Serial1
 no ip address
 shutdown
!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 3
 network 135.3.13.1 0.0.0.0 area 3
!
router bgp 65003
 bgp log-neighbor-changes
 network 192.168.3.0
 network 192.168.4.0
 network 192.168.5.0
 network 192.168.6.0
 network 192.168.7.0
 network 192.168.8.0
 network 192.168.9.0
 network 192.168.10.0
 network 192.168.11.0
 network 192.168.12.0
 network 192.168.13.0
 network 192.168.14.0
 network 192.168.15.0
 redistribute connected route-map conn
 neighbor 3.3.3.3 remote-as 5003
 neighbor 3.3.3.3 ebgp-multihop 255
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 prefix-list aa out
!
ip kerberos source-interface any
ip classless
no ip http server
!
!
ip prefix-list aa seq 5 deny 192.168.8.0/22
ip prefix-list aa seq 8 deny 192.168.6.0/32
ip prefix-list aa seq 10 permit 0.0.0.0/0 le 32
route-map conn permit 10
 match interface Loopback0
!
!
alias exec i sh ip route
alias exec ci clear ip route *
alias exec ib sh ip bgp
alias exec cib clear ip bgp * soft
!
line con 0
 exec-timeout 0 0
 transport input none
line aux 0
line vty 0 4
 exec-timeout 0 0
 login
!
end

r1#

R3's sh ip bgp

r3#ib
BGP table version is 24, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid,
> best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network Next Hop Metric LocPrf
Weight Path
*> 1.0.0.0 1.1.1.1 0
0 65003 ?
*> 2.2.2.0/24 6.6.6.6
0 3 i
*> 192.168.3.0 1.1.1.1 0
0 65003 i
*> 192.168.4.0 1.1.1.1 0
0 65003 i
*> 192.168.5.0 1.1.1.1 0
0 65003 i
*> 192.168.6.0 1.1.1.1 0
0 65003 i
*> 192.168.7.0 1.1.1.1 0
0 65003 i
*> 192.168.8.0 1.1.1.1 0
0 65003 i
*> 192.168.9.0 1.1.1.1 0
0 65003 i
*> 192.168.10.0 1.1.1.1 0
0 65003 i
*> 192.168.11.0 1.1.1.1 0
0 65003 i
*> 192.168.12.0 1.1.1.1 0
0 65003 i
*> 192.168.13.0 1.1.1.1 0
0 65003 i
*> 192.168.14.0 1.1.1.1 0
0 65003 i
*> 192.168.15.0 1.1.1.1 0
0 65003 i
r3#

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:48 GMT-3