Thursday, March 3, 2011

Cisco IOS Prefix List

Prefix lists are used to match IP prefixes, with the capability to match an exact prefix length or a prefix range. Prefix lists are often used as an alternative to access lists and distribute lists. Prefix lists are faster and less CPU-intensive than regular access lists and distribute lists. Prefix list entries can be deleted and added individually.

The formats of a prefix list entry and an IP access control list (ACL) entry are similar. A prefix list entry consists of a name, an action (deny or permit), the prefix number, and the prefix length. The syntax of the command is ip prefix-list {list-name} [seq seq-num] {deny | permit} {prefix/length} [ge ge-value] [le le-value]. The network number can be any valid IP address or prefix, while the bit mask can be a number from 0 to 32. The prefix is automatically converted to match the prefix length value, e.g. entering 10.11.12.0/8 would result in 10.0.0.0/8.
Note: If a prefix is permitted, the route will be used; if a prefix is denied, the route is not used.

The basic form of prefix list assumes an exact match of both prefix number and prefix length. Additional parameters are required to match a range of prefixes. When a prefix range ends at /32, the ge-value (greater-than-or-equal-to) can be specified. The ge-value must be greater than the length specified by the prefix/length parameter, and less than 32. When the ge parameter is specified, the prefixes with mask length from the ge-value to 32 (inclusive) will be matched.

If the prefix length does not end at /32, the le (less-than-or-equal-to) parameter must be specified. When both the ge and le parameters are specified, the prefixes with mask length between the ge-value and le-value (inclusive) will be matched. The specified ge-value and le-value must satisfy the following condition:
prefix-length < ge-value < le-value ≤ 32

Representation of Prefix Length Ranges for the ip prefix-list Command

Below is an example of using both the ge and le parameters to match a portion of 172.16.1.0/24:
ip prefix-list pl-test permit 172.16.1.0/24 ge 25 le 30

Note that 172.16.1.0/24 and all the /31s and /32s are not in the range.
The prefixes matched by the prefix range are listed below:
2 /25s 172.16.1.0/25, 172.16.1.128/25.
4 /26s 172.16.1.0/26, 172.16.1.64/26, 172.16.1.128/26, 172.16.1.192/26.
8 /27s 172.16.1.0/27, 172.16.1.32/27 … 172.16.1.192/27, 172.16.1.224/27.
16 /28s 172.16.1.0/28, 172.16.1.16/28 … 172.16.1.224/28, 172.16.1.240/28.
32 /29s 172.16.1.0/29, 172.16.1.8/29 … 172.16.1.240/29, 172.16.1.248/29.
64 /30s 172.16.1.0/30, 172.16.1.4/30 … 172.16.1.248/30, 172.16.1.252/30.

When a prefix list is configured without a sequence number, the default sequence number of 5 will be applied to the prefix list, and subsequent prefix list entries will be incremented by 5, e.g. 5, 10, 15, etc. If a sequence number is entered for the first prefix list entry but not subsequent entries, the subsequent entries will also be incremented by 5, e.g. if the first configured sequence number is 3, then the subsequent sequence numbers will be 8, 13, 18, etc.

Below are some examples of prefix lists:
ip prefix-list pl-test permit 0.0.0.0/0
A prefix list entry configured to match only the default route 0.0.0.0/0.
ip prefix-list pl-test permit 0.0.0.0/0 le 32
A prefix list entry configured to match any address or subnet – match all (permit any any).
ip prefix-list pl-test permit 0.0.0.0/0 ge 8 le 24
A prefix list entry configured to match any prefix that has a prefix length from 8 to 24 bits.
ip prefix-list pl-test permit 0.0.0.0/0 ge 30 le 30
A prefix list entry configured to match any prefix with prefix length of 30.
ip prefix-list pl-test permit 172.16.1.0/24
A prefix list entry configured to match the 172.16.1.0/24 subnet.
ip prefix-list pl-test permit 10.0.0.0/8 le 24
A prefix list entry configured to match subnets from the 10.0.0.0/8 network that have a prefix length that is less than or equal to 24 bits.
ip prefix-list pl-test permit 10.0.0.0/8 ge 25
A prefix list entry configured to match subnets from the 10.0.0.0/8 network that have a prefix length that is greater than or equal to 25 bits.
ip prefix-list pl-test permit 10.0.0.0/8 le 32
A prefix list entry configured to match any prefix from the 10.0.0.0/8 network.

Network Setup for IP Prefix Lists

The sample network above was set up to observe how RT2 uses prefix lists to determine which subnets are redistributed from OSPF into EIGRP.

The configuration on RT2 is shown below:

!
router ospf 100
 network 12.12.12.2 0.0.0.0 area 0
!
router eigrp 100
 redistribute ospf 100 route-map OSPF-EIGRP
 network 23.23.23.2 0.0.0.0
 default-metric 10000 100 255 1 1500
 no auto-summary
!
ip prefix-list OSPF-EIGRP-routes seq 5 permit 10.0.0.0/8
ip prefix-list OSPF-EIGRP-routes seq 10 permit 11.0.0.0/8 ge 9
ip prefix-list OSPF-EIGRP-routes seq 15 permit 12.0.0.0/8 ge 9
ip prefix-list OSPF-EIGRP-routes seq 20 permit 13.0.0.0/8 ge 9 le 24
ip prefix-list OSPF-EIGRP-routes seq 25 permit 172.16.0.0/16
ip prefix-list OSPF-EIGRP-routes seq 30 permit 172.17.0.0/16 ge 24
ip prefix-list OSPF-EIGRP-routes seq 35 permit 172.18.0.0/16 ge 24
ip prefix-list OSPF-EIGRP-routes seq 40 permit 172.19.0.0/16 ge 24 le 30
!
route-map OSPF-EIGRP permit 10
 match ip address prefix-list OSPF-EIGRP-routes
!

The routing table on RT3 is shown below:

RT3#sh ip route

Gateway of last resort is not set

     23.0.0.0/24 is subnetted, 1 subnets
C       23.23.23.0 is directly connected, FastEthernet0/0
D EX 172.16.0.0/16 [170/284160] via 23.23.23.2, 00:01:29, FastEthernet0/0
     172.19.0.0/16 is variably subnetted, 2 subnets, 2 masks
D EX    172.19.2.0/30 [170/284160] via 23.23.23.2, 00:00:04, FastEthernet0/0
D EX    172.19.1.0/28 [170/284160] via 23.23.23.2, 00:00:04, FastEthernet0/0
     172.18.0.0/24 is subnetted, 1 subnets
D EX    172.18.1.0 [170/284160] via 23.23.23.2, 00:00:24, FastEthernet0/0
D EX 10.0.0.0/8 [170/284160] via 23.23.23.2, 00:04:52, FastEthernet0/0
     12.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
D EX    12.11.0.0/16 [170/284160] via 23.23.23.2, 00:03:06, FastEthernet0/0
D EX    12.12.12.0/24 [170/284160] via 23.23.23.2, 00:03:06, FastEthernet0/0
D EX    12.13.14.0/24 [170/284160] via 23.23.23.2, 00:03:06, FastEthernet0/0
     13.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D EX    13.12.0.0/16 [170/284160] via 23.23.23.2, 00:02:35, FastEthernet0/0
D EX    13.14.15.0/24 [170/284160] via 23.23.23.2, 00:02:35, FastEthernet0/0
RT3#
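
The ge/le matching rules, applied to RT2's prefix list to show why each route does or does not reach RT3. This is an added example, not part of the original post. The function names are illustrative, the denied test routes are constructed, and the implicit deny at the end of a prefix list is standard IOS behaviour that the post does not spell out.

```python
import ipaddress
import re

# RT2's prefix list, copied from the configuration on this page.
CONFIG = """\
ip prefix-list OSPF-EIGRP-routes seq 5 permit 10.0.0.0/8
ip prefix-list OSPF-EIGRP-routes seq 10 permit 11.0.0.0/8 ge 9
ip prefix-list OSPF-EIGRP-routes seq 15 permit 12.0.0.0/8 ge 9
ip prefix-list OSPF-EIGRP-routes seq 20 permit 13.0.0.0/8 ge 9 le 24
ip prefix-list OSPF-EIGRP-routes seq 25 permit 172.16.0.0/16
ip prefix-list OSPF-EIGRP-routes seq 30 permit 172.17.0.0/16 ge 24
ip prefix-list OSPF-EIGRP-routes seq 35 permit 172.18.0.0/16 ge 24
ip prefix-list OSPF-EIGRP-routes seq 40 permit 172.19.0.0/16 ge 24 le 30
"""
ENTRY_RE = re.compile(r"ip prefix-list \S+(?: seq (\d+))? (permit|deny) (\S+)"
                      r"(?: ge (\d+))?(?: le (\d+))?\s*$")

def parse(config):
    """Parse entries of one list into (seq, action, network, min_len, max_len)."""
    entries, seq = [], 0
    for line in config.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        seq = int(m.group(1)) if m.group(1) else seq + 5  # default step of 5
        # strict=False mirrors IOS rewriting 10.11.12.0/8 as 10.0.0.0/8.
        net = ipaddress.ip_network(m.group(3), strict=False)
        ge, le = m.group(4), m.group(5)
        lo = int(ge) if ge else net.prefixlen                 # no ge: start at /length
        hi = int(le) if le else (32 if ge else net.prefixlen)  # ge alone runs to /32
        entries.append((seq, m.group(2), net, lo, hi))
    return sorted(entries, key=lambda e: e[0])

def evaluate(entries, route):
    """Return (action, seq) of the first matching entry, else the implicit deny."""
    r = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in entries:
        if lo <= r.prefixlen <= hi and r.subnet_of(net):
            return action, seq
    return "deny", None

if __name__ == "__main__":
    rt2 = parse(CONFIG)
    # First five appear in RT3's table above; the last four are constructed.
    for route in ["10.0.0.0/8", "12.11.0.0/16", "13.14.15.0/24", "172.18.1.0/24",
                  "172.19.2.0/30", "10.1.0.0/16", "13.1.1.0/25", "172.17.0.0/16",
                  "172.19.3.1/32"]:
        print(f"{route:18} {evaluate(rt2, route)}")
```

Running the same check against a candidate prefix list before applying it to a redistribution route-map shows which subnets would leak or be dropped without touching the router.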
