IP Prefix-List Question

Answered Question
May 5th, 2010

Hey,

Some clarity..

I want to allow the default into my AS but block everything else..

Would the config be:

ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32

or could we use

seq 5 deny 0.0.0.0/1 le 32

Or both would work..

Please let me know..

MAv

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 3 years 11 months ago

Hello Paolo,

I hope you are well

there is an implicit deny at the end of a prefix-list like in an access-list.

So if you want to accept or send just a default route, you need just the first line as noted by Jon

Jon: the second line is not necessary or also wrong in this way?

I would say it is not necessary.

Edit:

a name has to be given to the prefix-list let's consider this just a mistyping

Hope to help

Giuseppe

Correct Answer by Jon Marshall about 3 years 11 months ago

Mavrick25 wrote:

Hey,

Some clarity..

I want to allow the default into my AS but block everything else..

Would the config be:

ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32

or could we use

seq 5 deny 0.0.0.0/1 le 32

Or both would work..

Please let me know..

MAv

Mav

The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (3 ratings)
Correct Answer
Jon Marshall Wed, 05/05/2010 - 09:14

Mavrick25 wrote:

Hey,

Some clarity..

I want to allow the default into my AS but block everything else..

Would the config be:

ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32

or could we use

seq 5 deny 0.0.0.0/1 le 32

Or both would work..

Please let me know..

MAv

Mav

The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.

Jon

Correct Answer
Giuseppe Larosa Wed, 05/05/2010 - 09:31

Hello Paolo,

I hope you are well

there is an implicit deny at the end of a prefix-list like in an access-list.

So if you want to accept or send just a default route, you need just the first line as noted by Jon

Jon: the second line is not necessary or also wrong in this way?

I would say it is not necessary.

Edit:

a name has to be given to the prefix-list let's consider this just a mistyping

Hope to help

Giuseppe

Actions

Login or Register to take actions

This Discussion

Posted May 5, 2010 at 7:05 AM
Stats:
Replies:2 Avg. Rating:5
Views:647 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard