I'm hoping you might be able to assist me; in repsect to BGP, what is the difference between distribute and prefix lists and when would you use one over the other?
both distribute-list and prefix-list allows to filter routes received or advertised to a specific neighbor using as criteria a list of IP prefixes.
Distribute-list invokes general purpose IP ACLs, either standard or extended.
What is difficult with IP access-lists to implement a criteria like:
of this big address block accepts prefixes with some specific mask lenghts
This was done by using IP extended ACLs in a peculiar way to attempt to verify mask range.
IP prefix-lists are specific of route filtering, they have been introduced in IOS 12.0 and allows to implement in an efficient and much more readable manner criteria like the above.
all prefixes with length between /24 and /18 from 184.108.40.206/16
ip prefix-list example seq 5 permit 220.127.116.11/16 le 18 ge 24
to write something similar with an extended ACL:
" source part" refers to the base network address 18.104.22.168
mask can be between 255.255.192.0 and 255.255.255.0 and this is the "destination part"
so the line should be:
access-list 111 permit ip host 22.214.171.124 255.255.192.0 0.0.63.0
that is really tricky to read.
Prefix-lists are also more efficient for the way they are implemented
So, the recommendation is to prefer prefix-lists over standard IP ACLs for BGP route filtering.
Also I prefer to put all matching criteria inside a route-map in order to be able to add other possible criteria like AS path access-lists without having to deal with the match order of different types of route filters (filter-list, distribute-list/prefix-list, route-map).
Again, in order to make configuration more readable.
Hope to help