04-20-2006 07:20 AM - edited 03-03-2019 02:53 AM
Hi
I'm using the access list on router 1 while using the prefix-list on router 2. What advantage is there by using either?
Config:
I have two routers in two datacentres.
Router1 has the following config:
router bgp 10???
no synchronization
bgp log-neighbor-changes
network mmm.mmm.11.164 mask 255.255.255.252
network xxx.xxx.17.0 mask 255.255.255.224
network yyy.yyy.21.96 mask 255.255.255.224
neighbor mmm.mmm.11.165 remote-as 3???
neighbor mmm.mmm.11.165 soft-reconfiguration inbound
neighbor mmm.mmm.11.165 route-map isp-to-se in
neighbor mmm.mmm.11.165 route-map se-to-sip out
neighbor xxx.xxx.17.1 remote-as 1???
neighbor xxx.xxx.17.1 soft-reconfiguration inbound
!
access-list 1 remark ***** BGP Distribution List *****
access-list 1 permit xxx.xxx.17.0 0.0.0.31
!
route-map se-to-isp permit 10
match ip address 1
set metric 8000
set local-preference 50
!
route-map se-to-isp permit 10
set metric 50
!
And router 2:
router bgp 10???
no synchronization
bgp log-neighbor-changes
network kkk.kkk.10.0 mask 255.255.255.252
network xxx.xxx.17.0 mask 255.255.255.224
network yyy.yyy.21.96 mask 255.255.255.224
neighbor kkk.kkk.10.1 remote-as 3???
neighbor kkk.kkk.10.1 soft-reconfiguration inbound
neighbor kkk.kkk.10.1 route-map isp-to-se in
neighbor kkk.kkk.10.1 route-map se-to-isp out
neighbor xxx.xxx.17.2 remote-as 10???
neighbor xxx.xxx.17.2 soft-reconfiguration inbound
!
ip prefix-list mx-src seq 10 permit xxx.xxx.17.0/27
ip prefix-list mx-src seq 11 permit yyy.yyy.21.96/27
ip prefix-list mx-src seq 12 permit zzz.zzz.210.64/26
!
access-list 1 remark ***** BGP Distribution List *****
access-list 1 permit xxx.xxx.17.0 0.0.0.31
access-list 1 permit zzz.zzz.210.64 0.0.0.63
!
route-map se-to-isp permit 10
match ip address prefix-list mx-src
set metric 300
!
route-map isp-to-se permit 10
set metric 20
!
Thanks in advance
Dan
Solved! Go to Solution.
04-20-2006 07:39 AM
Hello,
both configurations obviously work. Prefix-list are better from a performance aspect - they are organized in a tree structure, whereas ACLs are processed line by line.
Having only a couple of lines in your example there is not too much difference though.
Generally, in the context of a route-map the access-list is not used to describe packets but routing updates. A routing update consists of the network part and the mask. The use of an extended access-list in this context has been redefined in such a way, that the first part (for packets: source) describes the network and the second part (for packets: destination) describes the mask.
An example:
ip prefix-list 1 seq 10 permit 1.1.0.0/16 ge 22
equals
access-list 100 permit ip 1.1.0.0 0.0.255.255 255.255.252.0 0.0.3.255
The use of prefix-lists is favourable, because of the better readability (and performance).
Hope this helps! Please rate all posts.
Regards, Martin
04-20-2006 07:39 AM
Hello,
both configurations obviously work. Prefix-list are better from a performance aspect - they are organized in a tree structure, whereas ACLs are processed line by line.
Having only a couple of lines in your example there is not too much difference though.
Generally, in the context of a route-map the access-list is not used to describe packets but routing updates. A routing update consists of the network part and the mask. The use of an extended access-list in this context has been redefined in such a way, that the first part (for packets: source) describes the network and the second part (for packets: destination) describes the mask.
An example:
ip prefix-list 1 seq 10 permit 1.1.0.0/16 ge 22
equals
access-list 100 permit ip 1.1.0.0 0.0.255.255 255.255.252.0 0.0.3.255
The use of prefix-lists is favourable, because of the better readability (and performance).
Hope this helps! Please rate all posts.
Regards, Martin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: