RE: confusion in configuring in prefix list

From: Scott Morris (smorris@internetworkexpert.com)
Date: Sat Feb 21 2009 - 23:22:42 ARST

• Next message: NET HE: "RE: NULL0 with EIGRP"
• Previous message: Sadiq Yakasai: "Re: Wireshark on LAB PC"
• Maybe in reply to: austin stone: "confusion in configuring in prefix list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Well... Permitting 192.168.8.0/21 as the network part will grab everything
between 8 and 15. You'll implicitly deny 20 and 21 as well as 16 from your
list...

Allowing 20 and 21 wouldn't come close to matching 192.168.2.0/23, as your
third octet is wrong. If you made it 192.168.<<20>>.0/23 you'd find things
may work better.

I think you need a little work with the binary part on what is or is not
matching. 192.168.16.0/23 won't even touch your 20 & 21 networks.

Prefix lists (like ACLs) can be a very powerful tool, but they will do
exactly what you tell them to. If what you tell them is incorrect, then the
output you get will not be the desired output!

HTH,

Scott Morris, CCIE4 #4713, JNCIE-M #153, JNCIS-ER, CISSP, et al.
JNCI-M/JNCI-ER
Senior CCIE Instructor

smorris@internetworkexpert.com
 

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Outside US: 775-826-4344

Knowledge is power.
Power corrupts.
Study hard and be Eeeeviiiil......

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
austin stone
Sent: Saturday, February 21, 2009 2:54 PM
To: Cisco certification
Cc: amitkjoshi.cisco@gmail.com
Subject: confusion in configuring in prefix list

Hi all,

         I tried configuring prefix list for the following network:

192.168.10.0
192.168.11.0
 192.168.12.0
 192.168.13.0
 192.168.14.0
 192.168.15.0
 192.168.16.0
 192.168.20.0
 192.168.21.0

To deny 192.168.20.1 and 192.168.21.1... I configure like as follows;

ip prefix-list TEST permit 192.168.8.0/21 ge 24 le 24

And I got the expected result..

But I when I wanted to deny all the routes and allow only 192.168.20.1 and
192.168.21.1

I tried configuring like :

ip prefix-list TEST permit 192.168.2.0/23 ge 24 le 24

Did not get expected output...

again tried :

ip prefix-list TEST permit 192.168.16.0/23 ge 24 le 24....

neverthless did not get expected output..

But when I configured following loopbacks :

192.168.22.0 192.168.23.0
 192.168.24.0
 192.168.26.0

And tried configuring :

ip prefix-list TEST permit 192.168.16.0/20 ge 24 le 24

I got the perfect output...i.e. it denied all the router from 10 to 15 and
allowed routes from 20 to 26..

Then why could not I get the proper result for 20 and 21..

Please advise.

Thanks..

Amit joshi

Blogs and organic groups at http://www.ccie.net

• Next message: NET HE: "RE: NULL0 with EIGRP"
• Previous message: Sadiq Yakasai: "Re: Wireshark on LAB PC"
• Maybe in reply to: austin stone: "confusion in configuring in prefix list"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:12 ARST