guys can someone please tell me how to use prefix-list (i mean kindly see the attached file) i am not getting le or ge how we do that.... how we calculate that can someone please tell me the easiest way as i cant get my head around it.......
(Optional) Specifies the lesser value of a range (the "from" portion of the range description) by applying the ge-length argument to the range specified. The ge-length argument represents the minimum prefix length to be matched.
Note The ge keyword represents the greater than or equal to operator.
(Optional) Specifies the greater value of a range (the "to" portion of the range description) by applying the le-length argument to the range specified. The le-length argument represents the maximum prefix length to be matched.
Note The le keyword represents the less than or equal to operator.
Here is what it means:
The following examples show how a prefix list can be used.
To deny the default route 0.0.0.0/0:
ip prefix-list abc deny 0.0.0.0/0
To permit the prefix10.0.0.0/8:
ip prefix-list abc permit 10.0.0.0/8
The following examples show how to specify a group of prefixes.
To accept a mask length of up to 24 bits in routes with the prefix 192/16:
ip prefix-list abc permit 192.168.0.0/16 le 24
To deny mask lengths greater than 25 bits in routes with the prefix 192/16:
ip prefix-list abc deny 192.168.0.0/16 ge 25
To permit mask lengths from 8 to 24 bits in all address space:
ip prefix-list abc permit 0.0.0.0/0 ge 8 le 24
To deny mask lengths greater than 25 bits in all address space:
ip prefix-list abc deny 0.0.0.0/0 ge 25
To deny all routes with a prefix of 10/8:
ip prefix-list abc deny 10.0.0.0/8 le 32
To deny all masks with a length greater than 25 bits routes with a prefix of 192.168.1/24:
If "/" or the "len" is used alone then this matches the subnet mask, while the prefix must be an exact match (as if the "/" did both the bit match and the subnet mask).
Ex: "172.16.8.0/24" the number after the / is BOTH bits checked and subnet mask. So in this case it will check the 24 bits from left to right (won't care about the last 8 bits) AND it will make sure that it has a 24 bit mask. BOTH the 24 bits checked and the 24 bit subnet mask must match for the network to be permitted or denied.
While if using "le" and "ge" the "/" will be used to do bit match manipulation while the "le" and the "ge" do the subnet mask manipulation.
In the case of using "le" with the "/", the "/" will act as the lower limit of the subnet mask, as the subnet mask can't be any lower than the bits we are checking, which is extremely logical.
In the case of using "ge" with the "/" the "/" will act as the bit matcher, while the subnetmask can be anything starting from the "ge" value up to 32.
In the case of using both "le" and "ge", the "/" does the bit match, and the "le" and "ge" does the subnet mask ranging (The subnetmask can be anything from "ge" to "le").
If both "le" and "ge" are used equally, this means that we are matching an exact subnet mask, and the "/" does the bit matching.
Ex: "172.16.8.0/24 ge 25" the number directly after the / becomes ONLY bits checked and the number after the ge is the subnet mask manipulator. So in this case we are going to check the first 24 bits of the network from left to right for an exact match. If those match we are then going to check the subnet mask, which in this case can be GREATER THAN OR EQUAL TO 25 bits - meaning that as long as the first 24 bits of the network match the subnet mask could be 25,26,27,28,29,30,31,or 32 bits. They would all match.
Ex: "172.16.8.0/24 le 28" Again this will check the first 24 bits of the network to make sure that they match. Then it will check to make sure that the subnet mask is LESS THAN OR EQUAL TO 28 bits. Now this isn't going to be 28 bits down to 0 bits, the subnet mask can't be any lower than the bits we are checking. So the valid range of subnet masks for this one would be 28 bits down to 24 bits (24,25,26,27,and 28). All of those would match.
Ex: "172.16.8.0/24 ge 25 le 27" here we are checking the first 24 bits to make sure they exactly match. Then our subnet mask must be GREATER THAN OR EQUAL TO 25 bits LESS THAN OR EQUAL TO 27 bits. Meaning that 25,26,and 27 bit subnet masks would match.).
Ex: "0.0.0.0/0 ge 24 le 24" any route with /24 subnet mask.
Ex: "0.0.0.0/0 le 32" any route with a subnet mask from 0 to 32 = any route.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...