understanding Prefix-List
I am trying to understand the purpose of the number that comes after the "/".
example:
ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17
2 means match 2 bits of first octet 10
however whatever I put , the prefix list will care just about the ge 17
to clarify it I have this table before filtering:
if I use : ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17
router eigrp 1
distribute-list prefix TEST in
so what 's the purpose of the number that comes after the slash sign "/", example:10.0.0.0/2
Thank you
example:
ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17
2 means match 2 bits of first octet 10
however whatever I put , the prefix list will care just about the ge 17
to clarify it I have this table before filtering:
R1(config)#do sh ip route
10.0.0.0/8 is variably subnetted, 6 subnets, 6 masks
D 10.1.0.0/16 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D 10.2.0.0/17 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D 10.3.0.0/18 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D 10.4.0.0/19 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D 10.5.0.0/20 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
D 10.6.0.0/21 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
if I use : ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17
router eigrp 1
distribute-list prefix TEST in
R1(config)#do sh ip route
10.0.0.0/8 is variably subnetted, 5 subnets, 5 masks
D 10.2.0.0/17 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D 10.3.0.0/18 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D 10.4.0.0/19 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D 10.5.0.0/20 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
D 10.6.0.0/21 [90/156160] via 192.168.12.2, 00:00:03, FastEthernet0/0
so what 's the purpose of the number that comes after the slash sign "/", example:10.0.0.0/2
Thank you
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
thanks Hemil Aquino
I had this one : 10.0.0.0/2 ge 17 -----you can see it is just 2 bits after the slash "/"
if it was 10.0.0.0/8 ge 17 or 10.0.0.0/16 ge 17, it would make sense , but 2 bits from the first octet , I could not tell what is covered to be permitted and what is not...
I had this one : 10.0.0.0/2 ge 17 -----you can see it is just 2 bits after the slash "/"
if it was 10.0.0.0/8 ge 17 or 10.0.0.0/16 ge 17, it would make sense , but 2 bits from the first octet , I could not tell what is covered to be permitted and what is not...
i know 10 in binary is 00001010
if My prefix list is :
ip prefix-list LIST1 permit 10.0.0.0/2
you would think from the first octet (10) in binary it has 2 Zeros 00001010
so any network that starts with 10 in our case is permitted
but when I used that prefix list ... the routing table dis not show any of the Network 10
if My prefix list is :
ip prefix-list LIST1 permit 10.0.0.0/2
you would think from the first octet (10) in binary it has 2 Zeros 00001010
so any network that starts with 10 in our case is permitted
but when I used that prefix list ... the routing table dis not show any of the Network 10
Prefix list ip prefix-list LIST1 permit 10.0.0.0/2 without ge or le will permit exactly that network 0.0.0.0/2 (0.0.0.0 192.0.0.0). Router will automatically convert 10.0.0.0/2 to 0.0.0.0/2, since it is the same range as 0.0.0.0/2 (matches network range 0.0.0.0 - 63.255.255.255).
ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17 will be match for any network from range that first octet starts 0 - 63 that has subnet mask greater or equal to /17 -> and it did its job. As you can see from your outing output - route
ip prefix-list TEST seq 5 permit 10.0.0.0/2 ge 17 will be match for any network from range that first octet starts 0 - 63 that has subnet mask greater or equal to /17 -> and it did its job. As you can see from your outing output - route
D 10.1.0.0/16 [90/156160] via 192.168.12.2, 00:00:01, FastEthernet0/0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
Let say I have two routers R1 and R2
R1 has the following loop-back interface with 32 bit subnet mask
lo0 10.0.0.1 255.255.255.255
lo1 10.0.1.1 255.255.255.255
lo2 10.0.2.1 255.255.255.255
All the network above it's been advertised. So, now I want to filter traffic preventing Lo2 to be advertise towards R2
R1(config)# Ip prefix-list Filter_10.0.2.1 deny 10.0.2.1 /32 ----"we are denying that specific subnet"
R1(config)# Ip prefix-list Filter_10.0.2.1 permit 0.0.0.0 /0 le 32 --- "below my description"
Permit anything else with any prefix-list
Ip prefix-list Filter_10.0.2.1 permit 0.0.0.0 /0
ge (greater) Minimum prefix length to be matched
le (less) Maximum prefix length to be matched
When I said (le 32) means: The prefix list should be less OR equal to 32. I have a 32 bit a address so all the network should be less or equal 32.
You follow me so far?
Another example.
I would like to include any routes in the range of 10.0.3.0/24 with a prefix length of 26 or greater. Essentially any advertised route that’s a /26,/27,/28,/29,/30,/31,or
R2(config)#ip prefix-list LIST1 permit 10.0.3.0/24 ge 26
R2#clear ip eigrp 100 neighbors
R2#sh ip route
10.0.0.0/8 is variably subnetted, 7 subnets, 7 masks
D 10.0.3.128/26 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D 10.0.3.192/27 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D 10.0.3.224/28 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D 10.0.3.248/30 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D 10.0.3.252/31 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D 10.0.3.254/32 [90/156160] via 192.168.1.1, 00:00:17, FastEthernet0/0
D 10.0.3.240/29 [90/156160] via 192.168.1.1, 00:00:19, FastEthernet0/0
192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.0 is directly connected, FastEthernet0/0
As you can see we are now collecting the desired routing information. Like the “gr” option the “le” or “less than or equal to” option has a similar effect but in reverse. After clearing the list and creating the rule below the results are as follows:
R2(config)#ip prefix-list LIST1 permit 10.0.3.0/24 le 26
R2(config)#do clear ip eigrp neighbor
R2(config)#do sh ip route
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D 10.0.3.0/25 [90/156160] via 192.168.1.1, 00:00:02, FastEthernet0/0
D 10.0.3.128/26 [90/156160] via 192.168.1.1, 00:00:02, FastEthernet0/0
192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.0 is directly connected, FastEthernet0/0
The example configuration above will include /24, /25 and /26 prefixes falling inside the 10.0.3.0/24 range of network
Hope it helps,