Re: Difference between 0.0.0.0/0 and 0.0.0.0/32

Excellent! Very glad to help out.

Regards,

Joe Astorino - CCIE #24347 R&S
Technical Instructor - IPexpert, Inc.
Cell: +1.586.212.6107
Fax: +1.810.454.0130
Mailto: jastorino_at_ipexpert.com

-----Original Message-----
From: Anantha Subramanian Natarajan <anantha.natarajan_at_gravitant.com>

Date: Mon, 14 Sep 2009 12:27:53
To: <jastorino_at_ipexpert.com>; Cisco certification<ccielab_at_groupstudy.com>
Subject: Re: Difference between 0.0.0.0/0 and 0.0.0.0/32

Hi Joe,

  yes got that and thank you very much.When I was reading through a document
which I googled,I got confused while referring to the below pdf on page
136,where they highlighted this rule as below .But now because of you
all insights got it clear .

Thank you very much.

# deny the default route
ip prefix-list sanity-check seq 5 deny 0.0.0.0/32

  www.*menog*.net/.../*menog4*/.../*MENOG4*-Merike-*security*_WS.pdf<http://www.menog.net/.../menog4/.../MENOG4-Merike-security_WS.pdf>

Regards
Anantha Subramanian Natarajan

On Mon, Sep 14, 2009 at 12:16 PM, Joe Astorino <jastorino_at_ipexpert.com>wrote:

> Hey,
>
> No, as you can see in the test 0.0.0.0/32 does NOT match all routes OR the
> default...it would match 0.0.0.0 with a mask of 255.255.255.255 which is not
> the default route
>
> Regards,
>
> Joe Astorino - CCIE #24347 R&S
> Technical Instructor - IPexpert, Inc.
> Cell: +1.586.212.6107
> Fax: +1.810.454.0130
> Mailto: jastorino_at_ipexpert.com
>
> ------------------------------
> *From*: Anantha Subramanian Natarajan
> *Date*: Mon, 14 Sep 2009 05:50:03 -0500
> *To*: Joe Astorino<jastorino_at_ipexpert.com>; Cisco certification<
> ccielab_at_groupstudy.com>
> *Subject*: Re: Difference between 0.0.0.0/0 and 0.0.0.0/32
>
> Hi Joe,
>
> Awesome !!!!!!//Thank you very much
>
> So based on your test and explanation,is my understanding right that,
> 0.0.0.0/32 matches all routes *except *default route.Please correct me if
> I am wrong in understanding
>
> Once again thank you for your time
>
> Regards
> Anantha Subramanian Natarajan
>
> On Mon, Sep 14, 2009 at 12:57 AM, Joe Astorino <jastorino_at_ipexpert.com>wrote:
>
>> 0.0.0.0/0 le 32 <--- This matches ANY route. Basically the logic here is
>> "0 bits must match AND the subnet mask can be anything <= 32 bits (anything
>>
>> 0.0.0.0/0 <--- This matches ONLY the default route. The logic here is
>> that we are matching EXACTLY 0.0.0.0 with a mask of 0.0.0.0. Nothing more,
>> nothing less.
>>
>> 0.0.0.0/32 <--- Logically, this would match EXACTLY 0.0.0.0 with a mask
>> of 255.255.255.255. From my testing (see below) this does *NOT* match
>> every route. You will have to excuse the fact that tonight I have been
>> playing with VRFs...
>>
>>
>> *BEFORE applying the prefix-list called from a distribute-list in OSPF...
>> *
>> R1(config-router)#do sh ip route vrf VRF1 ospf
>>
>> Routing Table: VRF1
>>
>> 2.0.0.0/32 is subnetted, 1 subnets
>> O 2.2.2.2 [110/2] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> 100.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
>> O 100.100.56.0/24
>> [110/66] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> O 100.100.200.2/32
>> [110/1] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> O 100.100.200.4/32
>> [110/65] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> O 100.100.200.5/32
>> [110/65] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> O 100.100.200.6/32
>> [110/65] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> 4.0.0.0/32 is subnetted, 1 subnets
>> O 4.4.4.4 [110/66] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> 5.0.0.0/32 is subnetted, 1 subnets
>> O 5.5.5.5 [110/66] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> 6.0.0.0/32 is subnetted, 1 subnets
>> O 6.6.6.6 [110/66] via 100.100.12.2, 00:01:39, FastEthernet0/0.12
>> 7.0.0.0/32 is subnetted, 1 subnets
>> O 7.7.7.7 [110/67] via 100.100.12.2, 00:01:42, FastEthernet0/0.12
>>
>>
>> *Now, we create and apply the prefix-list...*
>>
>> ip prefix-list foo seq 5 permit 0.0.0.0/32
>>
>> *Apply to the OSPF process and check the routing table...*
>>
>> R1(config)#router ospf 1
>> R1(config-router)#distribute-list prefix foo in
>> R1(config-router)#do sh ip route vrf VRF1 ospf
>>
>> Routing Table: VRF1
>>
>> *You see we have NO OSPF learned routes...and that below the entire
>> routing table shows only connected routes...*
>>
>> R1(config-router)#do sh ip route vrf VRF1
>>
>> Routing Table: VRF1
>> Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
>> D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
>> N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
>> E1 - OSPF external type 1, E2 - OSPF external type 2
>> i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS
>> level-2
>> ia - IS-IS inter area, * - candidate default, U - per-user static
>> route
>> o - ODR, P - periodic downloaded static route
>>
>> Gateway of last resort is not set
>>
>> 1.0.0.0/32 is subnetted, 1 subnets
>> C 1.1.1.1 is directly connected, Loopback1
>> 100.0.0.0/24 is subnetted, 1 subnets
>> C 100.100.12.0 is directly connected, FastEthernet0/0.12
>>
>>
>>
>>
>>
>>
>>
>> On Mon, Sep 14, 2009 at 1:02 AM, Anantha Subramanian Natarajan <
>> anantha.natarajan_at_gravitant.com> wrote:
>>
>>> Hi Khurram,
>>>
>>> Thank you for clarifying .....So 0.0.0.0/0 le 32 is equal to 0.0.0.0/32?
>>>
>>> Thank You
>>>
>>> Regards
>>> Anantha Subramanian Natarajan
>>>
>>> On Sun, Sep 13, 2009 at 11:59 PM, Khurram Noor <
>>> engr.khurramnoor_at_googlemail.com> wrote:
>>>
>>> > 0.0.0.0/0 means (0.0.0.0 0.0.0.0) only default route where as
>>> 0.0.0.0/32means (0.0.0.0 255.255.255.255) all routes.
>>> >
>>> >
>>> > --
>>> > Khurram Noor
>>> > CCIE # 24419
>>> >
>>> > http://www.linkedin.com/in/khurramnoor
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Regards,
>>
>> Joe Astorino - CCIE #24347 R&S
>> Technical Instructor - IPexpert, Inc.
>> Cell: +1.586.212.6107
>> Fax: +1.810.454.0130
>> Mailto: jastorino_at_ipexpert.com

Blogs and organic groups at http://www.ccie.net
Received on Mon Sep 14 2009 - 17:35:46 ART