• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 92
  • Last Modified:

understanding Prefix-List

I am trying to understand the purpose of the number that comes after the "/".
example:
ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17

2 means match 2 bits of first octet 10

however whatever I put , the prefix list will care just about the ge 17

to clarify it I have this table before filtering:

R1(config)#do sh ip route 
      10.0.0.0/8 is variably subnetted, 6 subnets, 6 masks
D        10.1.0.0/16 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.2.0.0/17 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.3.0.0/18 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.4.0.0/19 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.5.0.0/20 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D        10.6.0.0/21 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0

Open in new window


if I use : ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17
router eigrp 1
 distribute-list prefix TEST in


R1(config)#do sh ip route

      10.0.0.0/8 is variably subnetted, 5 subnets, 5 masks
D        10.2.0.0/17 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.3.0.0/18 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.4.0.0/19 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.5.0.0/20 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D        10.6.0.0/21 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0

Open in new window


so what 's the purpose of the number that comes after the slash sign "/", example:10.0.0.0/2

Thank you
0
jskfan
Asked:
jskfan
  • 3
2 Solutions
 
Hemil AquinoNetwork EngineerCommented:
Here is a personal example that would help you to understand it better.

Let say I have two routers R1 and R2

R1 has the following loop-back interface with 32 bit subnet mask

lo0 10.0.0.1 255.255.255.255
lo1 10.0.1.1 255.255.255.255
lo2 10.0.2.1 255.255.255.255

All the network above it's been advertised. So, now I want to filter traffic preventing Lo2 to be advertise towards R2

R1(config)# Ip prefix-list Filter_10.0.2.1 deny 10.0.2.1 /32 ----"we are denying that specific subnet"
R1(config)# Ip prefix-list Filter_10.0.2.1 permit 0.0.0.0 /0 le 32 --- "below my description"

Permit anything else with any prefix-list
Ip prefix-list Filter_10.0.2.1 permit 0.0.0.0 /0

ge (greater) Minimum prefix length to be matched
le (less) Maximum prefix length to be matched

When I said (le 32) means: The prefix list should be less OR equal to 32. I have a 32 bit a address so all the network should be less or equal 32.
You follow me so far?

Another example.

I would like to include any routes in the range of 10.0.3.0/24 with a prefix length of 26 or greater. Essentially any advertised route that’s a /26,/27,/28,/29,/30,/31,or /32

R2(config)#ip prefix-list LIST1 permit 10.0.3.0/24 ge 26
R2#clear ip eigrp 100 neighbors
R2#sh ip route

     10.0.0.0/8 is variably subnetted, 7 subnets, 7 masks
D       10.0.3.128/26 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D       10.0.3.192/27 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D       10.0.3.224/28 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D       10.0.3.248/30 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D       10.0.3.252/31 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D       10.0.3.254/32 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D       10.0.3.240/29 [90/156160] via 192.168.1.1, 00:00:19, FastEthernet0/0
     192.168.1.0/30 is subnetted, 1 subnets
C       192.168.1.0 is directly connected, FastEthernet0/0

As you can see we are now collecting the desired routing information.  Like the  “gr” option the “le” or “less than or equal to” option has a similar effect but in reverse.   After clearing the list and creating the rule below the results are as follows:

R2(config)#ip prefix-list LIST1 permit 10.0.3.0/24 le 26
R2(config)#do clear ip eigrp neighbor
R2(config)#do sh ip route

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D       10.0.3.0/25 [90/156160] via 192.168.1.1, 00:00:02, FastEthernet0/0
D       10.0.3.128/26 [90/156160] via 192.168.1.1, 00:00:02, FastEthernet0/0
192.168.1.0/30 is subnetted, 1 subnets
C       192.168.1.0 is directly connected, FastEthernet0/0

The example configuration above will include /24, /25 and /26 prefixes falling inside the 10.0.3.0/24 range of network

Hope it helps,
0
 
jskfanAuthor Commented:
thanks Hemil Aquino
I had this one :  10.0.0.0/2 ge 17  -----you can see it is just 2 bits after the slash "/"


if it was  10.0.0.0/8 ge 17  or  10.0.0.0/16 ge 17, it would make sense , but  2 bits from the first octet , I could not tell what is covered to be permitted and what  is not...
0
 
jskfanAuthor Commented:
i know 10 in binary is 00001010

if  My prefix list is :
ip prefix-list LIST1 permit 10.0.0.0/2

you would think from the first octet (10) in binary it has  2 Zeros 00001010
 so any network that starts with 10 in our case  is permitted

but when I used that prefix list ... the routing table dis not show any of the Network 10
0
 
JustInCaseCommented:
Prefix list ip prefix-list LIST1 permit 10.0.0.0/2 without ge or le will permit exactly that network 0.0.0.0/2 (0.0.0.0 192.0.0.0). Router will automatically convert 10.0.0.0/2 to 0.0.0.0/2, since it is the same range as 0.0.0.0/2 (matches network range 0.0.0.0 - 63.255.255.255).

ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17 will be match for any network from range that first octet starts 0 - 63 that has subnet mask greater or equal to /17  -> and it did its job. As you can see from your outing output - route
D        10.1.0.0/16 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0

Open in new window

is missing is the second show ip route output (implicit deny at the end of prefix list matches 10.1.0.0/16).
0
 
jskfanAuthor Commented:
Thank you Guys !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now