On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!
Course Of The Month
7 days, 12 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
understanding Prefix-List
Posted on 2013-01-05
I am trying to understand he usage of Prefix-List , but it seems like they are abit complex.
for instance:
1***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 ge 24 le 24
is it permitting 1902.168.0.0 all the way 192.168.1.0 ?
2***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 le 32
is it permitting anything that starts with 192.168.X.X all the way 192.18.254.254 ?
3*** what about this, doe s it need "le" or "ge"
0.0.0.0/0
4*** what about these:
0.0.0.0/0 le 32
0.0.0.0/32
Thank you
for instance:
1***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 ge 24 le 24
is it permitting 1902.168.0.0 all the way 192.168.1.0 ?
2***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 le 32
is it permitting anything that starts with 192.168.X.X all the way 192.18.254.254 ?
3*** what about this, doe s it need "le" or "ge"
0.0.0.0/0
4*** what about these:
0.0.0.0/0 le 32
0.0.0.0/32
Thank you
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
5
3
- +1
12 Comments
Active 1 day ago
Check the links below, for good explanations.
https://learningnetwork.cisco.com/servlet/JiveServlet/download/24682-4806/How%20do%20prefix%20list%20work.pdf
http://packetlife.net/blog/2010/feb/1/understanding-ip-prefix-lists/
https://learningnetwork.cisco.com/servlet/JiveServlet/download/24682-4806/How%20do%20prefix%20list%20work.pdf
http://packetlife.net/blog/2010/feb/1/understanding-ip-prefix-lists/
Active 1 day ago
Can you please check my post above and tell me if I am understanding it the right way or wrong way ?
thanks
thanks
We are dealing with prefixes or subnets only here, do you understand subnets?
1***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 ge 24 le 24
is it permitting 1902.168.0.0 all the way 192.168.1.0 ?
is this case of prefix lists 1*** means match all prefixes within the 192.168.1.0/24 networks a) greater an than or equal to 24 bits and b) less than or equal to 24 bits
Fancy way of stating match 192.168.1.0/24 Remember 192.168.1.0/24 is a subnet, all possible networks that can be subnetted by this parent block is in play, so 192.168.1.0/25, 192.168.1.128/25, and so on, get it?
2***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 le 32
is it permitting anything that starts with 192.168.X.X all the way 192.18.254.254 ?
means match all prefixes within the 192.168.1.0/16 networks less than or equal to 32 bits,
so it means all possible subnets than can be subnetted from 192.168.1.0/16.
3*** what about this, doe s it need "le" or "ge"
0.0.0.0/0
with subnets this is sometimes used to mean all subnets when used with le 32
0.0.0.0/0 is a wildcard.
4*** what about these:
0.0.0.0/0 le 32
0.0.0.0/32
0.0.0.0/32 is an exact match meaning literally network 0.0.0.0 255.255.255.255 you see?
the important point here is that prefix lists deal with parent blocks and possible subnets that can be derived from that parent block.
harbor235 ;}
1***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 ge 24 le 24
is it permitting 1902.168.0.0 all the way 192.168.1.0 ?
is this case of prefix lists 1*** means match all prefixes within the 192.168.1.0/24 networks a) greater an than or equal to 24 bits and b) less than or equal to 24 bits
Fancy way of stating match 192.168.1.0/24 Remember 192.168.1.0/24 is a subnet, all possible networks that can be subnetted by this parent block is in play, so 192.168.1.0/25, 192.168.1.128/25, and so on, get it?
2***what is this saying:
ip prefix-list test seq 12 permit 192.168.1.0/16 le 32
is it permitting anything that starts with 192.168.X.X all the way 192.18.254.254 ?
means match all prefixes within the 192.168.1.0/16 networks less than or equal to 32 bits,
so it means all possible subnets than can be subnetted from 192.168.1.0/16.
3*** what about this, doe s it need "le" or "ge"
0.0.0.0/0
with subnets this is sometimes used to mean all subnets when used with le 32
0.0.0.0/0 is a wildcard.
4*** what about these:
0.0.0.0/0 le 32
0.0.0.0/32
0.0.0.0/32 is an exact match meaning literally network 0.0.0.0 255.255.255.255 you see?
the important point here is that prefix lists deal with parent blocks and possible subnets that can be derived from that parent block.
harbor235 ;}
It is important to note that the prefix-list is use for matching prefixes (routes) and not individual IP addresses.
Active 1 day ago
sorry I did not get it
ip prefix-list test seq 12 permit 192.168.1.0/16 ge 24 le 24
so /16 is meaningless since it will pass only subnets with 24 bits ?
I see you mention 25 bits .... I did not get get it...
since the condition says greater or equal 24 and less or equal 24...which means to me just 24
ip prefix-list test seq 12 permit 192.168.1.0/16 ge 24 le 24
so /16 is meaningless since it will pass only subnets with 24 bits ?
I see you mention 25 bits .... I did not get get it...
since the condition says greater or equal 24 and less or equal 24...which means to me just 24
The prefix that matches must have the exact subnet mask /24, and the prefix needs to be within 192.168.1.0/16 - which is the same as 192.168.0.0/16.
That would mean all 192.168.x.y/24 .
That would mean all 192.168.x.y/24 .
Active 1 day ago
I initially understood:
it will take : 192.168.1.0 to 192.168.254.0
Until I saw this, I extracted this from the pdf link given to me above:
ip prefix-list mylist seq 10 permit 172.16.0.0/16 ge 24 le 26
This will take the entire class B network 172.16.0.0 (172.16.0.0/16) and
pass only subnets with a /24, /25 or /26 mask (ge 24 le 26). So the exact
network 172.16.0.0/16 would actually fail the list because it does not have
a mask of /24, /25 or /26.
it will take : 192.168.1.0 to 192.168.254.0
Until I saw this, I extracted this from the pdf link given to me above:
ip prefix-list mylist seq 10 permit 172.16.0.0/16 ge 24 le 26
This will take the entire class B network 172.16.0.0 (172.16.0.0/16) and
pass only subnets with a /24, /25 or /26 mask (ge 24 le 26). So the exact
network 172.16.0.0/16 would actually fail the list because it does not have
a mask of /24, /25 or /26.
Featured Post
Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| Network Switches | 3 | 61 | |
| ACL not working | 11 | 63 | |
| Extended ping | 6 | 52 | |
| HP Storage and Cisco Nexus | 4 | 70 |
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Use of TCL script on Cisco devices:
- create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works. This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
- Linux
- Windows OS
- Networking
- Paessler
- Network Management
- Network Analysis, Network Operations
Suggested Courses
Course of the Month7 days, 12 hours left to enroll
737 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.