From: Hobbs (deadheadblues@gmail.com)
Date: Wed Sep 24 2008 - 23:19:38 ART
My only comment is I never got prefix-list to ACL conversion perfected. I
think there are some things you just can't do in ACL's that prefix-lists can
do. I have heard people say otherwise, but if was otherwise they didn't
prove it. The one thing I always run into is the all ones and all zeroes
subnets cause me problem when filtering on classless subnets (/25,/26, etc)
as well as other issues. I responded to your similar post about this about a
month ago...with more mind-numbing details...but it looks like a ramble now:
http://www.groupstudy.com/archives/ccielab/200808/msg00950.html
anyways, it would be nice for a "conversion rule"
On Wed, Sep 24, 2008 at 7:57 PM, Igor M. <imanassypov@rogers.com> wrote:
> Are you serious? That would be a bugger...
> Can anyone comment please?
>
>
> Thanks for input though!
>
> ----------------------
>
> I.M., M.Eng. P.Eng.
>
> Network Architect
>
> CI Investments
>
> ----------------------
>
> --- On Wed, 9/24/08, ricky ong <longwaydown@live.com> wrote:
> From: ricky ong <longwaydown@live.com>
> Subject: RE: prefix-list acl equivalency
> To: "Igor M." <imanassypov@rogers.com>, ccielab@groupstudy.com, "Joseph
> Brunner" <joe@affirmedsystems.com>
> Received: Wednesday, September 24, 2008, 9:38 PM
>
>
>
>
> #yiv1901760973 .hmmessage P
> {
> margin:0px;padding:0px;}
> #yiv1901760973 {
> FONT-SIZE:10pt;FONT-FAMILY:Tahoma;}
>
> Hi,
>
> I think the extended ACL is only effective when used in BGP for route
> filtering..
>
>
>
>
>
>
>
> > Date: Wed, 24 Sep 2008 10:05:21 -0700
> > From: imanassypov@rogers.com
> > Subject: RE: prefix-list acl equivalency
> > To: ccielab@groupstudy.com; joe@affirmedsystems.com
> >
> > Thats what I thought, however it does not cut it...
> > Below is the list of my networks. As you notice, there is one /29
> specific
> in
> > there. I need to come up with an ACL that would only leak that route...
> > access-list 101 permit ip 178.2.8.248 0.0.0.0 255.255.255.248 0.0.0.0
> >
> > or
> >
> > access-list 101 permit ip 0.0.0.0 255.255.255.255 255.255.255.248
> 0.0.0.0
> >
> > dont pass anything
> > D EX 178.2.8.248/29 [170/409600] via 150.100.3.254, 00:00:26,
> Ethernet0/1
> > D EX 178.2.1.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.2.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.3.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.4.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.5.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.6.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.7.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.9.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> > D EX 178.2.10.0/24 [170/409600] via 150.100.3.254, 00:00:26, Ethernet0/1
> >
> >
> >
> > ----------------------
> >
> > I.M., M.Eng. P.Eng.
> >
> > Network Architect
> >
> > CI Investments
> >
> > ----------------------
> >
> > --- On Wed, 9/24/08, Joseph Brunner <joe@affirmedsystems.com> wrote:
> > From: Joseph Brunner <joe@affirmedsystems.com>
> > Subject: RE: prefix-list acl equivalency
> > To: "'Igor M.'" <imanassypov@rogers.com>, ccielab@groupstudy.com
> > Received: Wednesday, September 24, 2008, 12:24 PM
> >
> > Wouldn't it be
> >
> > access-list 101 permit ip 0.0.0.0 255.255.255.255 255.255.255.248
> 0.0.0.0
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Igor
> > M.
> > Sent: Wednesday, September 24, 2008 12:04 PM
> > To: ccielab@groupstudy.com
> > Subject: prefix-list acl equivalency
> >
> > Hello,
> >
> > What is the access-list equivalency to the following prefix list for
> > distribution list purposes:
> >
> > ip prefix-list SUB29 seq 5 permit 0.0.0.0/0 ge 29 le 29
> >
> >
> > Thanks!
> >
> > ----------------------
> >
> > I.M., M.Eng. P.Eng.
> >
> > Network Architect
> >
> > CI Investments
> >
> > ----------------------
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
>
>
> Enrich your blog with Windows Live Writer. Windows Live Writer
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sat Oct 04 2008 - 09:26:19 ART