RE: Basic Dielema....Acces-list or Prefix-List

From: James Matrisciano (jmatrisciano@kenttech.com)
Date: Fri Dec 02 2005 - 10:47:25 GMT-3

• Next message: Stuart.Juggins@computacenter.com: "IOS version for 2610's"
• Previous message: blodwick: "RE: Basic Dielema....Acces-list or Prefix-List"
• Maybe in reply to: rosy bird: "Basic Dielema....Acces-list or Prefix-List"
• Next in thread: Vincent Mashburn: "RE: Basic Dielema....Acces-list or Prefix-List"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I mainly use prefix-lists in BGP. Watch for when you are told to filter
a group of subnets with the minimum entries in your command line, that
is ussually a sure phrase to point you towards a prefix list.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
blodwick
Sent: Friday, December 02, 2005 8:46 AM
To: 'rosy bird'; ccielab@groupstudy.com
Cc: swm@emanon.com
Subject: RE: Basic Dielema....Acces-list or Prefix-List

In the IOS release used in the lab you can use prefix-lists to specify
routes in a distribute-list statement. I find this to be preferred to
using an access-list because you can specify restrictions based upon ip
address and subnet mask information in a routing update whereas with an
access-list you are only specifying an IP address range. For filtering
host routes an ACL is preferred, but for route filtering I see
prefix-lists as preferred.

For instance:

access-list 1 permit 123.10.10.0 0.0.0.255

means permit 123.10.10.0 - 123.10.10.255

ip prefix-list 123_route seq 5 permit 123.10.10.0/24

means permit 123.10.10.0 255.255.255.0

So if you received a smaller subnet (123.10.10.0/28) and a bigger subnet
(123.10.10.0/24), with an ACL you would not be able to select one and
not the other, whereas with a prefix-list you could explicitly specify
the mask. Usually this doesn't matter with an IGP because it will always
filter out the smaller subnets when summarizing, but I'm sure the folks
writing the tests can come up with a way to make it happen. I tried to
come up with a way to do it, but I can't figure one out. Can anyone else
think of a scenario where you would receive smaller and larger subnets
with the same network number in the IGP advertisement? I can only think
of ways of doing it with BGP (that's probably why it's been using
prefix-lists on filter-lists forever).

~ Brian L

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
rosy bird
Sent: Friday, December 02, 2005 2:52 AM
To: ccielab@groupstudy.com
Cc: swm@emanon.com
Subject: Basic Dielema....Acces-list or Prefix-List

Just wanted to know which is the best practice..use of ACL or Prefix
list.Insituation where,using a prefix-list would not give any specific
advantage as such(unless specified of course)...is it ok to use Acls ??

• Next message: Stuart.Juggins@computacenter.com: "IOS version for 2610's"
• Previous message: blodwick: "RE: Basic Dielema....Acces-list or Prefix-List"
• Maybe in reply to: rosy bird: "Basic Dielema....Acces-list or Prefix-List"
• Next in thread: Vincent Mashburn: "RE: Basic Dielema....Acces-list or Prefix-List"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3