Re: Prefix-list

http://ccienotes.blogspot.com/2007/08/ip-prefix-list.html

HTH

SE

On Thu, May 7, 2009 at 12:35 PM, Joe Astorino <joe_astorino_at_comcast.net>wrote:

> UGH I give up on Outlook....I'm going to bed : )
>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Joe
> Astorino
> Sent: Thursday, May 07, 2009 5:20 AM
> To: 'Jared Scrivener'; 'Khurram Noor'
> Cc: 'Cisco certification'
> Subject: RE: Prefix-list
>
> Awesome stuff Jared! Guys, if you are having any issues with prefix-lists
> I
> would highly recommend you check out what Jared has to say. Last week at
> Ipexpert bootcamp, some of the students were struggling with this
> technology
> in particular, and after 10 minutes many of them were like "wow, I've never
> grasped this and now I totally get it." It would definitely be worth your
> time, even if you understand it to get another perspective.
>
>
>
> Khurram, I'm sure Jared will cover any of your questions in more detail but
> basically
>
> In the simplest form a prefix-list simply matches an EXACT prefix. Forget
> about masks for now. For example:
>
> Ip prefix-list pants permit 192.168.1.0/24 <------- This will permit
> ONLY
> the specific network 192.168.1.0/24 , nothing more , nothing less.
> Ip prefix-list foo permit 10.2.34.0/17 <------ This will permit ONLY the
> specific network 10.2.34.0/17, nothing more, nothing less
>
>
> There is also an option in prefix-lists to match subnet mask length using
> the keywords le / ge . Do not let this confuse you, it is a totally
> separate thing than what we just discussed. Here is an example:
>
> Lets take the RFC1918 private address blocks for an example. Here is a
> prefix-list that will deny all of them
>
> ip prefix-list No-RFC1918 deny 10.0.0.0/8 le 32 ip prefix-list No-RFC1918
> deny 172.16.0.0/12 le 32 ip prefix-list No-RFC1918 deny 192.168.0.0/16 le
> 32
>
> Now, the explanation. In a prefix-list the / specifies how many bits you
> "care" about, and the le or ge option specifies the bits in your mask. So
> for instance with 10.0.0.0/8 le 32 we are saying the first 8 bits of the
> prefix MUST be equal to the first 8 bits of 10.0.0.0 AND the mask of those
> routes must be less than or equal to 32. With 192.168.0.0/16 we are
> saying
> the first 16 bits MUST be equal to 192.168 AND the mask of those routes
> must
> be less than or equal to 32. So again anything starting with 192.168 will
> match.
>
>
> Here is something a little trickier:
>
> Ip prefix-list pants permit 192.168.0.0/16 le 24 <-------- So this says
> the first 16 bits MUST be 192.168 , AND the mask must be LE 24. So what
> routes match this?
>
> 192.168.0.0/24
> 192.168.0.0/23
> 192.168.0.0/22
> 192.168.0.0/21
> 192.168.0.0/20
> ...
>
>
> 192.168.1.0/24
> 192.168.1.0/23
> 192.168.1.0/22
> 192.168.1.0/21
> 192.168.1.0/20
> ...
>
> 192.168.2.0/24
> 192.168.2.0/23
> 192.168.2.0/22
> 192.168.2.0/21
> 192.168.2.0/20
> ...
>
> And so on and so forth... So 192.168.x.x with any mask 24 and less!
>
> I hope that helps man, but definitely tune into Jared's Ask The Expert as
> he
> can explain it better than I can type it! Apologies for any errors it's
> 5:20
> AM and I've been labbing all night hehe
>
>
>
>
> "He not busy being born is busy dying" -- Dylan
>
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.4.7 (MingW32) - WinPT 1.2.0
>
> mQGiBEY2qu8RBAD0E7Ydspmpn9/rRfd614pvDaqj4GKAUeWpc8NNJ3xNU9C5TAKg
> Ta/52f2DvxgPlw6m7W66AJP0HZODw2ameQ9tNMrz3upKRA+ISFaqkJa99UOTdLGC
> W/HtHWZNUJDopBHm3j/TBAAhI0EWvcNIudbHx5zYY4osfDNMaIXYaySwIwCg61Db
> RuST/K0PlSUFK9o6AqTmrcsD/ReQLYK/OEzZBQsPBqMD68ADtdYyIA3VZ7nhWCzc
> YODiBl36XIskcwyVAnU9YXs/Hf96MfI1R2fvYGW8jJ4WHb3wT1JxgiUG4rUbA2L3
> doxNseggGrKC31njFynVuOpdd/TRfsqzV3Yv5MGFPkNG3w/AoiRtwoMZFUtAox3j
> EWbBA/4mYkTKS/Rfgpv7QQHj4ajCHsTL/JNSN8LARwbBomUFdJ+0xdNdr7Ax1zC4
> FEUfP0plRMLMypKPSNYzlIF8dKGwW2I8hUMfQpmIBA4BXBE0/mbv21lU2AzTkvb1
> FssbIzhCkx3mMzESgYIwnnNkJBatTfFqKOxGm//G7s2y1eFPsrQnSm9lIEFzdG9y
> aW5vIDxqb2VfYXN0b3Jpbm9AY29tY2FzdC5uZXQ+iGAEExECACAFAkY2qu8CGwMG
> CwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAb4dzwEzSi9chbAKCTz89zl4etDIdD
> Hewo7LNEmfT8uQCgmbneQqTT5VyIEx75nG5KzJh2K2m5Ag0ERjaq7xAIALgM2fwR
> tuhRNrwvkYFXTA5grAnnhGqFXPfLt5YlU86QLdu3Z9WJcAAHck1HMCUxdm0gZyNu
> q5XQnmr76dbWjftQ+mxYAdhZGjjGV1OQyjfyUoLbxyR0jvaLUTFvMmtxFsHpJvEc
> VLscWZUvjPbpcg/BH8EWbDUSCJc70EZMW6TpjyL+1Eq6+n4KB+IWDnn603U3vYFj
> ExVfg2CqTIzC/mxAGQ/lg1ujKBnL/VemGpjZzL8jyYVLhAtASTWnwuaL1Sf2kCYh
> fApP+06YxkQ39BrJmi7Dg6s5zeRu4le57kPLVAGK0ZYRbaq5asAi9Ni5j/ZLdh/b
> F3oUgAOTPQtqbi8AAwUH/1n9jpOXRX7LsfsI5K4gVhHYPUYuy5WuRRxJZ6Y1JbOq
> UfePLg+cutaxE8RAvEY1VZvNTvEt7UYPoA3qR3lb4IzLqJimbbKGhhVdHIOYLGnz
> nxiwfo4S+my9GEYKLb3iHIR1DCfihhDryVlFYGAMCPNh0w2sNSSenP4cZBuD6V1J
> QLitW9aZoURMvtFYU8aO/BlZ7hVlRVNU5juwwAM5t2n2gBeRhMthaAR7OApDypvB
> 1TM+BeSDchieEAFNkX4leSMbFgP3CJmAXMJXKj8MQmsR8gdccUHGplGFI6IzNklm
> L/eWLdhAZsM+LsAo4MpoJzPoQyFIH7wmIPm4b/z7YZmISQQYEQIACQUCRjaq7wIb
> DAAKCRAb4dzwEzSi9XiWAKCdDtdnTW9X/6rHxQL/obNiZsEtEwCgrlmYisNacJyf
> 74k/eLaYWYqu7YI=
> =8HMA
> -----END PGP PUBLIC KEY BLOCK-----
>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Jared Scrivener
> Sent: Thursday, May 07, 2009 3:32 AM
> To: Khurram Noor
> Cc: Cisco certification
> Subject: Re: Prefix-list
>
> Hey Khurram,
>
> Send a time to Groupstudy and to me as to what time between 12 midday and
> midnight today (in Pacific Standard Time which means between 11.5 and 23.5
> hours from now, roughly) that you'll be available and I'll do a live Ask
> The
> Expert session on it for you and anyone else who is interested to teach it
> from the basics so ANYONE can understand. If you have a microphone connect
> it to your PC and you'll get to ask me questions too (only you, as you
> asked
> first and with 100 people in these lectures I can't scale that out easily,
> so everyone else will have to type theirs).
>
> You asked the question, so you can pick the time - plan for a one hour
> block
> please and I'll send the Adobe Connect URL to everyone so others can watch
> too. If I don't hear back by the time I wake up (it's 1230am
> here) so I can plan my day, it won't happen but if I do it will, so
> everyone's counting on you now. :)
>
> I have to go to bed imminently so I won't confirm the time until I wake up,
> but if you pick any slot in that window I'll make it work.
>
> Congratulations on being the first person to Ask The Expert. ;)
>
> Speak to you tomorrow,
>
> Jared
>
>
>
> On May 6, 2009, at 11:53 PM, Khurram Noor <engr.khurramnoor_at_googlemail.com
> > wrote:
>
> > Hello everyone,
> > I am having a hard time in understanding mechanism of prefix-list and
> > how can it be related to acls. Is there any good resource/exercise/
> > article which can help me understand prefix-list and show me how to
> > convert ACL into Prefix-list.
> >
> > I will be thankful if anyone can help or just define how prefix-list
> > work with some examples.
> >
> > --
> > Khurram Noor
> > Internetwork Professional
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > ______________________________________________________________________
> > _
>
>
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 8.5.323 / Virus Database: 270.12.6/2084 - Release Date: 05/06/09
> 17:58:00
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 8.5.323 / Virus Database: 270.12.6/2084 - Release Date: 05/06/09
> 17:58:00
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu May 07 2009 - 16:22:35 ART