Re: IP Prefix-list Question

From: Philippe Couture (philippecouture@gmail.com)
Date: Tue Mar 29 2005 - 13:06:42 GMT-3

• Next message: simon hart: "RE: IP Prefix-list Question"
• Previous message: Dillon Yang: "Re: IP Prefix-list Question"
• Maybe in reply to: Sundar Palaniappan: "IP Prefix-list Question"
• Next in thread: simon hart: "RE: IP Prefix-list Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Look at the third byte only, in binary terms:

The /23 mask means 11111110
The .4. network means 00000100
The .5. network means 00000101

Now, if you apply the mask, bit per bit, to .4., you get 00000100.
And if you apply the mask, bit per bit, to .5., you also get 00000100.

Both results match the network .4., which is what was configured, so
they are both let through the prefix list.

Hope this helps,

Philippe

On Tue, 29 Mar 2005 17:02:33 +0100, Lee Donald
<Lee.Donald@t-systems.co.uk> wrote:
> I understand the le and ge, but the 192.54.4.0/23 bit I don't get.
>
> I have tried it and it works but I just need to get my head round it.
>
> How does the /23 incorporate the 5 subnet aswell?
>
>
> -----Original Message-----
> From: Philippe Couture [mailto:philippecouture@gmail.com]
> Sent: 29 March 2005 16:55
> To: Lee Donald
> Cc: Dillon Yang; Sundar Palaniappan; Group Study
> Subject: Re: IP Prefix-list Question
>
> Hi Lee,
>
> Did you try those three lines together ?
>
> ip prefix-list cisco permit 192.54.1.0/24
> ip prefix-list cisco permit 192.54.2.0/24
> ip prefix-list cisco permit 192.54.4.0/23 ge 24 le 24
>
> In terms of methodology, the /xx means the mask length, just as if you
> were using an access-list. So, you apply a mask of 23 bits to filter
> the bits in the network, and whatever is included in this mask can go
> through, on the condition that its prefix length respects the ge / le
> options that may be added. These ge / le options apply to the prefix
> length in the advertisement. Using both le 24 and ge 24 is a way to
> say "equal", since the only way to be "less or equal" and "greater or
> equal" at the same time is to be precisely equal.
>
> Philippe
>
> On Tue, 29 Mar 2005 16:48:04 +0100, Lee Donald
> <Lee.Donald@t-systems.co.uk> wrote:
> > Guys,
> >
> > I have tried this and it only lets subnets 4 & 5 in ?
> >
> > Also I was after the methlogy behind it so I can work it out for myself,
> you
> > just telling me the answer is only part of it.
> >
> > I don't quite understand the /23 and the le 24 ge 24 bits ?
> >
> >
> > -----Original Message-----
> > From: Dillon Yang [mailto:gzdillon@hotmail.com]
> > Sent: 29 March 2005 16:41
> > To: Sundar Palaniappan
> > Cc: Group Study
> > Subject: Re: IP Prefix-list Question
> >
> > Yes, Sundar:
> >
> > The task is just the SIX routes!
> > so feel free.
> > I think you'd not overthink the unknown subnet as 3, 6, 7.
> > Any expert advice?
> >
> > HTH
> > dillon
> >
> > ----- Original Message -----
> > From: "Sundar Palaniappan" <sundarp@gmail.com>
> > To: "Philippe Couture" <philippecouture@gmail.com>
> > Cc: <ccielab@groupstudy.com>; <Lee.Donald@t-systems.co.uk>
> > Sent: Tuesday, March 29, 2005 11:28 PM
> > Subject: Re: IP Prefix-list Question
> >
> > > Dillon,
> > >
> > > You are allowing subnets 3, 6, 7 that aren't part of the requirment.
> > >
> > > Lee's requirement is minimum number of lines to be used. Your solution
> > > would be correct if only one line is to be used to accomplish that.
> > >
> > > Not sure if Cisco would consider your solution correct.
> > >
> > > --Sundar Palaniappan
> > >
> > >
> > > On Tue, 29 Mar 2005 10:23:04 -0500, Sundar Palaniappan
> > > <sundarp@gmail.com> wrote:
> > > > My bad.
> > > >
> > > > Last statement should be,
> > > >
> > > > ip prefix-list cisco permit 192.54.4.0/23 ge 24 le 24
> > > >
> > > > What you are doing is, you are permiting everything after
> > > > 192.54.4.0/23 but the subnet mask has to be 24 bits always.
> > > >
> > > > If you don't use le 24 then you are allowing prefixes with shorter
> > > > mask i.e .25, .26 etc to be advertised.
> > > >
> > > > In the lab, I wouldn't take a chance and just nail it down.
> > > >
> > > > HTH,
> > > > Sundar Palaniappan
> > > >
> > > >
> > > > On Tue, 29 Mar 2005 10:03:43 -0500, Philippe Couture
> > > > <philippecouture@gmail.com> wrote:
> > > > > Sundar,
> > > > >
> > > > > Wouldn't the third line need to be "ip prefix-list cisco permit
> > > > > 192.54.4.0/23 ge 24" ?
> > > > >
> > > > > I could be wrong but I think that since you don't care about the
> 24th
> > > > > bit (i.e. you want to match .4 and .5), you would use a mask length
> of
> > > > > 23, and the "ge 24" says to use prefix lengths of 24 or more. If you
> > > > > want to really only allow 24 and nothing longer, you would also need
> > > > > to add "le 24".
> > > > >
> > > > > Phil
> > > > >
> > > > >
> > > > > On Tue, 29 Mar 2005 09:54:59 -0500, Sundar Palaniappan
> > > > > <sundarp@gmail.com> wrote:
> > > > > > Lee,
> > > > > >
> > > > > > Or you could you configure
> > > > > >
> > > > > > ip prefix-list cisco permit 192.54.1.0/24
> > > > > > ip prefix-list cisco permit 192.54.2.0/24
> > > > > > ip prefix-list cisco permit 192.54.4.0/24 ge 23
> > > > > >
> > > > > > Either way you need 3 statements atleast.
> > > > > >
> > > > > > HTH,
> > > > > > Sundar Palaniappan
> > > > > >
> > > > > > On Tue, 29 Mar 2005 15:19:12 +0100, Lee Donald
> > > > > > <Lee.Donald@t-systems.co.uk> wrote:
> > > > > > > I'm having trouble understanding IP Prefix-lists can anybody
> > clarify this
> > > > > > > for me?
> > > > > > >
> > > > > > > I have this question; use a prefix list with the minimum amount
> of
> > lines to
> > > > > > > allow 1,2,4,5 networks in.
> > > > > > >
> > > > > > > 192.54.1.0/24
> > > > > > >
> > > > > > > 192.54.2.0/24
> > > > > > >
> > > > > > > 192.54.4.0/24
> > > > > > >
> > > > > > > 192.54.5.0/24
> > > > > > >
> > > > > > > 192.54.21.0/24
> > > > > > >
> > > > > > > 192.54.22.0/24
> > > > > > >
> > > > > > > I have 3 lines, 2 denying 21, and 22, the other allowing
> > everything.
> > > > > > >
> > > > > > > Is this the minimum?, if not why not?
> > > > > > >
> > > > > > > Thanks in advance for your help.
> > > > > > >
> > > > > > > Regards
> > > > > > >
> > > > > > > Lee Donald.
> > > > > > >
> > > > > > >
> > _______________________________________________________________________
> > > > > > > Subscription information may be found at:
> > > > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > > >
> > > > > >
> > _______________________________________________________________________
> > > > > > Subscription information may be found at:
> > > > > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

• Next message: simon hart: "RE: IP Prefix-list Question"
• Previous message: Dillon Yang: "Re: IP Prefix-list Question"
• Maybe in reply to: Sundar Palaniappan: "IP Prefix-list Question"
• Next in thread: simon hart: "RE: IP Prefix-list Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:54 GMT-3