Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access list or prefix-list

Hi

I'm using the access list on router 1 while using the prefix-list on router 2. What advantage is there by using either?

Config:

I have two routers in two datacentres.

Router1 has the following config:

router bgp 10???

no synchronization

bgp log-neighbor-changes

network mmm.mmm.11.164 mask 255.255.255.252

network xxx.xxx.17.0 mask 255.255.255.224

network yyy.yyy.21.96 mask 255.255.255.224

neighbor mmm.mmm.11.165 remote-as 3???

neighbor mmm.mmm.11.165 soft-reconfiguration inbound

neighbor mmm.mmm.11.165 route-map isp-to-se in

neighbor mmm.mmm.11.165 route-map se-to-sip out

neighbor xxx.xxx.17.1 remote-as 1???

neighbor xxx.xxx.17.1 soft-reconfiguration inbound

!

access-list 1 remark ***** BGP Distribution List *****

access-list 1 permit xxx.xxx.17.0 0.0.0.31

!

route-map se-to-isp permit 10

match ip address 1

set metric 8000

set local-preference 50

!

route-map se-to-isp permit 10

set metric 50

!

And router 2:

router bgp 10???

no synchronization

bgp log-neighbor-changes

network kkk.kkk.10.0 mask 255.255.255.252

network xxx.xxx.17.0 mask 255.255.255.224

network yyy.yyy.21.96 mask 255.255.255.224

neighbor kkk.kkk.10.1 remote-as 3???

neighbor kkk.kkk.10.1 soft-reconfiguration inbound

neighbor kkk.kkk.10.1 route-map isp-to-se in

neighbor kkk.kkk.10.1 route-map se-to-isp out

neighbor xxx.xxx.17.2 remote-as 10???

neighbor xxx.xxx.17.2 soft-reconfiguration inbound

!

ip prefix-list mx-src seq 10 permit xxx.xxx.17.0/27

ip prefix-list mx-src seq 11 permit yyy.yyy.21.96/27

ip prefix-list mx-src seq 12 permit zzz.zzz.210.64/26

!

access-list 1 remark ***** BGP Distribution List *****

access-list 1 permit xxx.xxx.17.0 0.0.0.31

access-list 1 permit zzz.zzz.210.64 0.0.0.63

!

route-map se-to-isp permit 10

match ip address prefix-list mx-src

set metric 300

!

route-map isp-to-se permit 10

set metric 20

!

Thanks in advance

Dan

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Access list or prefix-list

Hello,

both configurations obviously work. Prefix-list are better from a performance aspect - they are organized in a tree structure, whereas ACLs are processed line by line.

Having only a couple of lines in your example there is not too much difference though.

Generally, in the context of a route-map the access-list is not used to describe packets but routing updates. A routing update consists of the network part and the mask. The use of an extended access-list in this context has been redefined in such a way, that the first part (for packets: source) describes the network and the second part (for packets: destination) describes the mask.

An example:

ip prefix-list 1 seq 10 permit 1.1.0.0/16 ge 22

equals

access-list 100 permit ip 1.1.0.0 0.0.255.255 255.255.252.0 0.0.3.255

The use of prefix-lists is favourable, because of the better readability (and performance).

Hope this helps! Please rate all posts.

Regards, Martin

1 REPLY

Re: Access list or prefix-list

Hello,

both configurations obviously work. Prefix-list are better from a performance aspect - they are organized in a tree structure, whereas ACLs are processed line by line.

Having only a couple of lines in your example there is not too much difference though.

Generally, in the context of a route-map the access-list is not used to describe packets but routing updates. A routing update consists of the network part and the mask. The use of an extended access-list in this context has been redefined in such a way, that the first part (for packets: source) describes the network and the second part (for packets: destination) describes the mask.

An example:

ip prefix-list 1 seq 10 permit 1.1.0.0/16 ge 22

equals

access-list 100 permit ip 1.1.0.0 0.0.255.255 255.255.252.0 0.0.3.255

The use of prefix-lists is favourable, because of the better readability (and performance).

Hope this helps! Please rate all posts.

Regards, Martin

424
Views
0
Helpful
1
Replies
CreatePlease login to create content