Re: SV: Match Any behaviour in Prefix lists

From: Leigh Harrison (ccileigh@gmail.com)
Date: Sat Sep 17 2005 - 11:30:20 GMT-3

• Next message: Venkataramanaiah.R: "Re: SV: Match Any behaviour in Prefix lists"
• Previous message: moelkomy@cisco.com: "RE: SV: Match Any behaviour in Prefix lists"
• Maybe in reply to: Jens Petter Eikeland: "SV: Match Any behaviour in Prefix lists"
• Next in thread: Venkataramanaiah.R: "Re: SV: Match Any behaviour in Prefix lists"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Venkat

Sorry about that - my mistake

if you want to permit any - then shove in "0.0.0.0/0 le 32"
meaning "any numbers with a mask of 0 - 32 bits in length"

if you want the default route - then shove in "0.0.0.0/0"
meaning "any number with a mask of 0 bits, or 0.0.0.0"

My earlier statement about 0.0.0.0/32 would have meant a 0.0.0.0 with
a mask of 32 bits, or 255.255.255.255 - but you'd not get too far on
that one !

LH

On 17/09/05, Venkataramanaiah.R <vramanaiah@gmail.com> wrote:
> Guys, Although i agree with your way of interpreting the default route
> sounds logical to me, it is not working that way practically. Even, i
> applied the same logic, however it is not working when i lab it up.. Default
> route gets in only when i permit 0.0.0.0/0 and not with 0.0.0.0/32.
>
> Well, if you look at permit all, it works fine with our logic. ie., permit
> 0.0.0.0/0 le 32 works for Permit all.
>
> Again, for deny all, the same logic does not work... To deny all, only deny
> 0.0.0.0/0 works.
>
> Could you guys lab it and confirm.
>
> Thanks for your attempt to clarify
>
> -Venkat
>
>
>
> On 9/17/05, Leigh Harrison <ccileigh@gmail.com> wrote:
> > Venkat,
> >
> > The way I think of it is:-
> >
> > ip prefix-list test permit 192.168.0.0/16 le 32
> >
> > The way I read it is the prefix that I'm looking for has to start
> > 192.168.x.x and have a mask of less than or equal to 32 bits - so the
> > mask has to be between 16 and 32 bits and begin with 192.168 and it's in.
> >
> > The bit that got me was making the difference between a prefix-list and
> > an access-list.
> >
> > For the default route:-
> > ip prefix-list test permit 0.0.0.0/32
> >
> > This one reads "The prefix that I'm looking for has to start 0.0.0.0 and
> > have mask of 32" - think "1 in the mask = unchangable bits" - so the
> > only thing it will allow here is 0.0.0.0 - no need to put any ge or le
> > on the end as 32 bits is pretty definitive !!
> >
> > For all routes:-
> > ip prefix-list test permit 0.0.0.0/0 le 32
> >
> > This one reads "The prefix that I'm looking for has to start 0.0.0.0 and
> > have a mask of 0" - think "1 in the mask = unchangable bits" - as it's a
> > 0, there are no bits that are fixed. The less than or equal to at the
> > end reads "but has to have a mask of 32 bits or less" - which will cover
> > everything.
> >
> > To read the last example as a whole:-
> > "I am looking for a prefix that has any number is it, with a mask of 32
> > bits or less"
> >
> > To read the first example as a whole:-
> > " I am looking for a prefix that begins with 192.168 and has a mask of
> > 32 bits or less"
> >
> > Hope that helps
> >
> > LH
> >
> >
> > Jens Petter Eikeland wrote:
> >
> > >HI ,
> > >
> > >I was wondering the same thing a while ago.. Here is how it is :
> > >
> > >prefix-list to match the "default-route" is;
> > >
> > >ip prefix-list mebean permit 0.0.0.0/32
> > >
> > >all the first 32 bits "must" be zeros.
> > >
> > >
> > >prefix-list to match "any" route is;
> > >
> > >ip prefix-list mrbean permit 0.0.0.0/0 le 32.
> > >
> > >All the 32 bits can be "anything" and can have any mask.
> > >
> > >Jens Petter Eikeland
> > >
> > >-----Opprinnelig melding-----
> > >Fra: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Pe vegne av
> > >Venkataramanaiah.R
> > >Sendt: 17. september 2005 10:39
> > >Til: ccielab@groupstudy.com
> > >Emne: Match Any behaviour in Prefix lists
> > >
> > >Any idea, which what do we configure for match any when you use the
> prefix
> > >lists?
> > >
> > >In a case of deny only 0.0.0.0/0 <http://0.0.0.0/0> matches all the
> routes
> > >
> > >In a case of Permit, only 0.0.0.0/0 <http://0.0.0.0/0> le 32 matches all
> the
> > >routes. Just 0.0.0.0/0 <http://0.0.0.0/0> does not match all traffic,
> rather
> > >it matches just the default route, when used with a permit command.
> > >
> > >I am sure this is something to do with the way the prefix lists operate,
> > >which is apparently not clear to me.
> > >
> > >Can someone clarify?
> > >
> > >TIA
> > >-Venkat
> > >
> >
> >_______________________________________________________________________
> > >Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> >
> >_______________________________________________________________________
> > >Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html

• Next message: Venkataramanaiah.R: "Re: SV: Match Any behaviour in Prefix lists"
• Previous message: moelkomy@cisco.com: "RE: SV: Match Any behaviour in Prefix lists"
• Maybe in reply to: Jens Petter Eikeland: "SV: Match Any behaviour in Prefix lists"
• Next in thread: Venkataramanaiah.R: "Re: SV: Match Any behaviour in Prefix lists"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:15 GMT-3