Re: Basic Dielema....Acces-list or Prefix-List

From: Artir Geci (artirgeci@gmail.com)
Date: Fri Dec 02 2005 - 12:51:23 GMT-3

Hi James,

This probably might help you

http://www.groupstudy.com/archives/ccielab/200310/msg01417.html

Artir

On 12/2/05, James Matrisciano <jmatrisciano@kenttech.com> wrote:
>
> Ok, feeling stupid this morning, but I can not for the life of me
> remember how to do the following:
>
> Match all odd numbers
> 1.1.1.0
> 1.1.2.0
> 1.1.3.0
> 1.1.4.0
> 1.1.5.0
> 1.1.6.0
>
> Now, with an access-list, that's easy work
> Access-list 1 per 1.1.1.0 0.0.254.0
>
> But with a prefix-list, I am all screwed up, any help on this is most
> welcome!
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Vincent Mashburn
> Sent: Friday, December 02, 2005 10:14 AM
> To: hulbertj@comcast.net; Bryant, Paul M; rosy bird;
> ccielab@groupstudy.com
> Cc: swm@emanon.com
> Subject: RE: Basic Dielema....Acces-list or Prefix-List
>
> I agree. However, we are running the 12.2 train and trying to replace or
> add statements via sequence numbers is buggy. Sometimes it works,
> sometimes not. However, it always works with prefix-lists.
>
>
>
> Vince Mashburn
>
> Engineer
>
> 901-263-5072
>
> CCIE (R&S Written), CCNP, CCDA, Network +
>
> ________________________________
>
> From: hulbertj@comcast.net [mailto:hulbertj@comcast.net]
> Sent: Friday, December 02, 2005 9:11 AM
> To: Vincent Mashburn; Bryant, Paul M; rosy bird; ccielab@groupstudy.com
> Cc: swm@emanon.com
> Subject: RE: Basic Dielema....Acces-list or Prefix-List
>
>
>
> IOS does assign a sequence number to standard and extended access-lists.
> This allows us to remove or add another line anywhere in the ACL.
>
>
>
> Rack1R1#sho access-lists
>
>
>
> Rack1R1#conf t
> Enter configuration commands, one per line. End with CNTL/Z.
> Rack1R1(config)#access-list 1 permit 1.1.1.0 0.0.0.255
> Rack1R1(config)#access-list 1 deny 2.2.2.0 0.0.0.255
> Rack1R1(config)#access-list 1 permit 3.3.3.0 0.0.0.255
> Rack1R1(config)#access-list 1 deny 4.4.4.0 0.0.0.255 Rack1R1(config)#do
> sho access-lists 1 Standard IP access list 1
> 10 permit 1.1.1.0, wildcard bits 0.0.0.255
> 20 deny 2.2.2.0, wildcard bits 0.0.0.255
> 30 permit 3.3.3.0, wildcard bits 0.0.0.255
> 40 deny 4.4.4.0, wildcard bits 0.0.0.255
> Rack1R1(config)#
>
> Rack1R1(config)#ip access-list standard 1 Rack1R1(config-std-nacl)#no 30
> Rack1R1(config-std-nacl)#15 permit 15.15.15.0 0.0.0.255
> Rack1R1(config-std-nacl)#do sho access-list 1 Standard IP access list 1
> 10 permit 1.1.1.0, wildcard bits 0.0.0.255
> 15 permit 15.15.15.0, wildcard bits 0.0.0.255
> 20 deny 2.2.2.0, wildcard bits 0.0.0.255
> 40 deny 4.4.4.0, wildcard bits 0.0.0.255
> Rack1R1(config-std-nacl)#
>
>
>
> Jerry
>
> -------------- Original message --------------
>
> > Prefix-lists are in fact more efficient. The IOS looks through
>
> > prefix-lists in a more efficient manner than ACL's. Also,
> Prefix-lists
> > allow you to edit or add to (delete from) any line without
> having to
> > take out the entire list (you can do it on the fly). My
> personal opinion
> > is to use prefix-lists in lieu of ACL's whenever possible.
> > Thanks
> > Vince Mashburn
> > Voice / Network Engineer
> > 901-263-5072
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf Of
> > Bryant, Paul M
> > Sent: Friday, December 02, 2005 2:14 AM
> > To: 'rosy bird'; ccielab@groupstudy.com
> > Cc: swm@emanon.com
> > Subject: RE: Basic Dielema....Acces-list or Prefix-List
> >
> > Hi Rosy
> >! ;
> > I have read that ACL should be avoid for route filtering as
> Prefix-list
> > are
> > more efficent in the way that they are able to filter. For
> other filter
> > purposes obviously Prefix list are no good, i.e. port protocol
> etc..
> >
> > I am not sure how the efficency is achieved I guess it is the
> way in
> > which
> > the memory is used can be simpler with a Prefix-list than an
> acl.
> > Probably
> > meaning it can be done in hardware. Perhaps one of the other
> members of
> > this
> > group might know why they are more efficent in detail.
> >
> > Thanks
> >
> > Paul
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf Of
> > rosy
> > bird
> > Sent: 02 December 2005 07:52
> > To: ccielab@groupstudy.com
> > Cc: swm@emanon.com
> > Subject: Basic Dielema....Acces-list or Prefix-List
> >
> &! gt;
> > Just wanted to know which is the best practice..use of AC L or
> Prefix
> > list.Insituation where,using a prefix-list would not give any
> specific
> > advantage as such(unless specified of course)...is it ok to
> use Acls ??
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Mon Jan 09 2006 - 07:07:50 GMT-3