05-05-2010 07:05 AM - edited 03-04-2019 08:22 AM
Hey,
Some clarity..
I want to allow the default into my AS but block everything else..
Would the config be:
ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32
or could we use
seq 5 deny 0.0.0.0/1 le 32
Or both would work..
Please let me know..
MAv
Solved! Go to Solution.
05-05-2010 09:14 AM
Mavrick25 wrote:
Hey,
Some clarity..
I want to allow the default into my AS but block everything else..
Would the config be:
ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32or could we use
seq 5 deny 0.0.0.0/1 le 32
Or both would work..
Please let me know..
MAv
Mav
The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.
Jon
05-05-2010 09:31 AM
Hello Paolo,
I hope you are well
there is an implicit deny at the end of a prefix-list like in an access-list.
So if you want to accept or send just a default route, you need just the first line as noted by Jon
Jon: the second line is not necessary or also wrong in this way?
I would say it is not necessary.
Edit:
a name has to be given to the prefix-list let's consider this just a mistyping
Hope to help
Giuseppe
05-05-2010 09:14 AM
Mavrick25 wrote:
Hey,
Some clarity..
I want to allow the default into my AS but block everything else..
Would the config be:
ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32or could we use
seq 5 deny 0.0.0.0/1 le 32
Or both would work..
Please let me know..
MAv
Mav
The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.
Jon
05-05-2010 09:31 AM
Hello Paolo,
I hope you are well
there is an implicit deny at the end of a prefix-list like in an access-list.
So if you want to accept or send just a default route, you need just the first line as noted by Jon
Jon: the second line is not necessary or also wrong in this way?
I would say it is not necessary.
Edit:
a name has to be given to the prefix-list let's consider this just a mistyping
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: