Difference between Distribute and Prefix lists...

Answered Question
May 2nd, 2010
User Badges:

Hi all,

     I'm hoping you might be able to assist me; in repsect to BGP, what is the difference between distribute and prefix lists and when would you use one over the other?


Thanks!

Correct Answer by Giuseppe Larosa about 6 years 10 months ago

Hello Lrm001c474,


both distribute-list and prefix-list allows to filter routes received or advertised to a specific neighbor using as criteria a list of IP prefixes.


Distribute-list invokes general purpose IP ACLs, either standard or extended.

What is difficult with IP access-lists to implement a criteria like:

of this big address block accepts prefixes with some specific mask lenghts


This was done by using IP extended ACLs in a peculiar way to attempt to verify mask range.


IP prefix-lists are specific of route filtering, they have been introduced in IOS 12.0 and allows to implement in an efficient and much more readable manner criteria like the above.


all prefixes with length between /24 and /18 from 150.200.0.0/16


becomes:

ip prefix-list example seq 5 permit 150.200.0.0/16 le 18 ge 24


to write something similar with an extended ACL:

" source part"  refers to the base network address 150.200.0.0

mask can be between 255.255.192.0 and 255.255.255.0 and this is the "destination part"

255.255.192.0 0.0.63.0


so the line should be:

access-list 111 permit ip host 150.200.0.0 255.255.192.0 0.0.63.0


that is really tricky to read.



Prefix-lists are also more efficient for the way they are implemented


So, the recommendation is to prefer prefix-lists over standard IP ACLs for BGP route filtering.


Also I prefer to put all matching criteria inside a route-map in order to be able to add other possible criteria like AS path access-lists without having to deal with the match order of different types of route filters (filter-list, distribute-list/prefix-list, route-map).

Again, in order to make configuration more readable.


Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Giuseppe Larosa Sun, 05/02/2010 - 10:43
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Lrm001c474,


both distribute-list and prefix-list allows to filter routes received or advertised to a specific neighbor using as criteria a list of IP prefixes.


Distribute-list invokes general purpose IP ACLs, either standard or extended.

What is difficult with IP access-lists to implement a criteria like:

of this big address block accepts prefixes with some specific mask lenghts


This was done by using IP extended ACLs in a peculiar way to attempt to verify mask range.


IP prefix-lists are specific of route filtering, they have been introduced in IOS 12.0 and allows to implement in an efficient and much more readable manner criteria like the above.


all prefixes with length between /24 and /18 from 150.200.0.0/16


becomes:

ip prefix-list example seq 5 permit 150.200.0.0/16 le 18 ge 24


to write something similar with an extended ACL:

" source part"  refers to the base network address 150.200.0.0

mask can be between 255.255.192.0 and 255.255.255.0 and this is the "destination part"

255.255.192.0 0.0.63.0


so the line should be:

access-list 111 permit ip host 150.200.0.0 255.255.192.0 0.0.63.0


that is really tricky to read.



Prefix-lists are also more efficient for the way they are implemented


So, the recommendation is to prefer prefix-lists over standard IP ACLs for BGP route filtering.


Also I prefer to put all matching criteria inside a route-map in order to be able to add other possible criteria like AS path access-lists without having to deal with the match order of different types of route filters (filter-list, distribute-list/prefix-list, route-map).

Again, in order to make configuration more readable.


Hope to help

Giuseppe

Actions

This Discussion