IP Prefix-List Question

Answered Question
May 5th, 2010
User Badges:

Hey,


Some clarity..


I want to allow the default into my AS but block everything else..

Would the config be:


ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32


or could we use


seq 5 deny 0.0.0.0/1 le 32


Or both would work..


Please let me know..


MAv

Correct Answer by Giuseppe Larosa about 6 years 11 months ago

Hello Paolo,

I hope you are well


there is an implicit deny at the end of a prefix-list like in an access-list.

So if you want to accept or send just a default route, you need just the first line as noted by Jon


Jon: the second line is not necessary or also wrong in this way?

I would say it is not necessary.


Edit:

a name has to be given to the prefix-list let's consider this just a mistyping


Hope to help

Giuseppe

Correct Answer by Jon Marshall about 6 years 11 months ago

Mavrick25 wrote:


Hey,


Some clarity..


I want to allow the default into my AS but block everything else..

Would the config be:


ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32


or could we use


seq 5 deny 0.0.0.0/1 le 32


Or both would work..


Please let me know..


MAv

Mav


The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
Jon Marshall Wed, 05/05/2010 - 09:14
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Mavrick25 wrote:


Hey,


Some clarity..


I want to allow the default into my AS but block everything else..

Would the config be:


ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32


or could we use


seq 5 deny 0.0.0.0/1 le 32


Or both would work..


Please let me know..


MAv

Mav


The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.


Jon

Correct Answer
Giuseppe Larosa Wed, 05/05/2010 - 09:31
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Paolo,

I hope you are well


there is an implicit deny at the end of a prefix-list like in an access-list.

So if you want to accept or send just a default route, you need just the first line as noted by Jon


Jon: the second line is not necessary or also wrong in this way?

I would say it is not necessary.


Edit:

a name has to be given to the prefix-list let's consider this just a mistyping


Hope to help

Giuseppe

Actions

This Discussion