From: Sundar Palaniappan (sundarp@gmail.com)
Date: Tue Mar 29 2005 - 13:28:53 GMT-3
Lee,
Shall attempt to make it a little simple from what the other guys have
stated above.
192.54.4.0/23
3rd octet in binary:
4 - 00000100
5 - 00000101
When the SM is 23 bits, you don't care about the last bit in the 3rd
octet - i.e it can be on or off. When the last bit is a 0 that matches
network 4 and the last bit is 1 it matches network 5.
HTH,
Sundar Palaniappan
On Tue, 29 Mar 2005 17:16:39 +0100, simon hart
<simon.hart@btinternet.com> wrote:
> Lee,
>
> I will see if I can explain
>
> A prefix list with just a subnet mask i.e. 192.54.4.0/24 means that the only
> allowable route is 192.54.4.0 255.255.255.0 no other routes are allowed at
> all.
>
> When ge or le is added the syntax and function of the prefix list changes
> slightly, for example
>
> 192.54.4.0/23 ge 24 le 24 means
>
> The first 23 bits of 192.54.4.0 must match (in pretty much the same way as
> an access list)
>
> The subnet mask of the advertised route can only be 24, nothing more nothing
> less. Thus the only bit we are testing for is the last bit of the third
> octet which can be either 0 or 1.
> Therefore such an access list will allow either 192.54.4.0/24 or
> 192.54.5.0/24
>
> When ge or le (or both together) are added to the prefix list, then the
> initial function of the prefix list changes.
>
> HTH
>
> Simon
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Lee Donald
> Sent: 29 March 2005 17:03
> To: Philippe Couture; Lee Donald
> Cc: Dillon Yang; Sundar Palaniappan; Group Study
> Subject: RE: IP Prefix-list Question
>
> I understand the le and ge, but the 192.54.4.0/23 bit I don't get.
>
> I have tried it and it works but I just need to get my head round it.
>
> How does the /23 incorporate the 5 subnet aswell?
>
> -----Original Message-----
> From: Philippe Couture [mailto:philippecouture@gmail.com]
> Sent: 29 March 2005 16:55
> To: Lee Donald
> Cc: Dillon Yang; Sundar Palaniappan; Group Study
> Subject: Re: IP Prefix-list Question
>
> Hi Lee,
>
> Did you try those three lines together ?
>
> ip prefix-list cisco permit 192.54.1.0/24
> ip prefix-list cisco permit 192.54.2.0/24
> ip prefix-list cisco permit 192.54.4.0/23 ge 24 le 24
>
> In terms of methodology, the /xx means the mask length, just as if you
> were using an access-list. So, you apply a mask of 23 bits to filter
> the bits in the network, and whatever is included in this mask can go
> through, on the condition that its prefix length respects the ge / le
> options that may be added. These ge / le options apply to the prefix
> length in the advertisement. Using both le 24 and ge 24 is a way to
> say "equal", since the only way to be "less or equal" and "greater or
> equal" at the same time is to be precisely equal.
>
> Philippe
>
> On Tue, 29 Mar 2005 16:48:04 +0100, Lee Donald
> <Lee.Donald@t-systems.co.uk> wrote:
> > Guys,
> >
> > I have tried this and it only lets subnets 4 & 5 in ?
> >
> > Also I was after the methlogy behind it so I can work it out for myself,
> you
> > just telling me the answer is only part of it.
> >
> > I don't quite understand the /23 and the le 24 ge 24 bits ?
> >
> >
> > -----Original Message-----
> > From: Dillon Yang [mailto:gzdillon@hotmail.com]
> > Sent: 29 March 2005 16:41
> > To: Sundar Palaniappan
> > Cc: Group Study
> > Subject: Re: IP Prefix-list Question
> >
> > Yes, Sundar:
> >
> > The task is just the SIX routes!
> > so feel free.
> > I think you'd not overthink the unknown subnet as 3, 6, 7.
> > Any expert advice?
> >
> > HTH
> > dillon
> >
> > ----- Original Message -----
> > From: "Sundar Palaniappan" <sundarp@gmail.com>
> > To: "Philippe Couture" <philippecouture@gmail.com>
> > Cc: <ccielab@groupstudy.com>; <Lee.Donald@t-systems.co.uk>
> > Sent: Tuesday, March 29, 2005 11:28 PM
> > Subject: Re: IP Prefix-list Question
> >
> > > Dillon,
> > >
> > > You are allowing subnets 3, 6, 7 that aren't part of the requirment.
> > >
> > > Lee's requirement is minimum number of lines to be used. Your solution
> > > would be correct if only one line is to be used to accomplish that.
> > >
> > > Not sure if Cisco would consider your solution correct.
> > >
> > > --Sundar Palaniappan
> > >
> > >
> > > On Tue, 29 Mar 2005 10:23:04 -0500, Sundar Palaniappan
> > > <sundarp@gmail.com> wrote:
> > > > My bad.
> > > >
> > > > Last statement should be,
> > > >
> > > > ip prefix-list cisco permit 192.54.4.0/23 ge 24 le 24
> > > >
> > > > What you are doing is, you are permiting everything after
> > > > 192.54.4.0/23 but the subnet mask has to be 24 bits always.
> > > >
> > > > If you don't use le 24 then you are allowing prefixes with shorter
> > > > mask i.e .25, .26 etc to be advertised.
> > > >
> > > > In the lab, I wouldn't take a chance and just nail it down.
> > > >
> > > > HTH,
> > > > Sundar Palaniappan
> > > >
> > > >
> > > > On Tue, 29 Mar 2005 10:03:43 -0500, Philippe Couture
> > > > <philippecouture@gmail.com> wrote:
> > > > > Sundar,
> > > > >
> > > > > Wouldn't the third line need to be "ip prefix-list cisco permit
> > > > > 192.54.4.0/23 ge 24" ?
> > > > >
> > > > > I could be wrong but I think that since you don't care about the
> 24th
> > > > > bit (i.e. you want to match .4 and .5), you would use a mask length
> of
> > > > > 23, and the "ge 24" says to use prefix lengths of 24 or more. If you
> > > > > want to really only allow 24 and nothing longer, you would also need
> > > > > to add "le 24".
> > > > >
> > > > > Phil
> > > > >
> > > > >
> > > > > On Tue, 29 Mar 2005 09:54:59 -0500, Sundar Palaniappan
> > > > > <sundarp@gmail.com> wrote:
> > > > > > Lee,
> > > > > >
> > > > > > Or you could you configure
> > > > > >
> > > > > > ip prefix-list cisco permit 192.54.1.0/24
> > > > > > ip prefix-list cisco permit 192.54.2.0/24
> > > > > > ip prefix-list cisco permit 192.54.4.0/24 ge 23
> > > > > >
> > > > > > Either way you need 3 statements atleast.
> > > > > >
> > > > > > HTH,
> > > > > > Sundar Palaniappan
> > > > > >
> > > > > > On Tue, 29 Mar 2005 15:19:12 +0100, Lee Donald
> > > > > > <Lee.Donald@t-systems.co.uk> wrote:
> > > > > > > I'm having trouble understanding IP Prefix-lists can anybody
> > clarify this
> > > > > > > for me?
> > > > > > >
> > > > > > > I have this question; use a prefix list with the minimum amount
> of
> > lines to
> > > > > > > allow 1,2,4,5 networks in.
> > > > > > >
> > > > > > > 192.54.1.0/24
> > > > > > >
> > > > > > > 192.54.2.0/24
> > > > > > >
> > > > > > > 192.54.4.0/24
> > > > > > >
> > > > > > > 192.54.5.0/24
> > > > > > >
> > > > > > > 192.54.21.0/24
> > > > > > >
> > > > > > > 192.54.22.0/24
> > > > > > >
> > > > > > > I have 3 lines, 2 denying 21, and 22, the other allowing
> > everything.
> > > > > > >
> > > > > > > Is this the minimum?, if not why not?
> > > > > > >
> > > > > > > Thanks in advance for your help.
> > > > > > >
> > > > > > > Regards
> > > > > > >
> > > > > > > Lee Donald.
> > > > > > >
> > > > > > >
> > _______________________________________________________________________
> > > > > > > Subscription information may be found at:
> > > > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > > >
> > > > > >
> > _______________________________________________________________________
> > > > > > Subscription information may be found at:
> > > > > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
> --
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.8.4 - Release Date: 27/03/2005
>
> --
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.8.4 - Release Date: 27/03/2005
This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:54 GMT-3