Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IP Prefix-List Question

Hey,

Some clarity..

I want to allow the default into my AS but block everything else..

Would the config be:

ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32

or could we use

seq 5 deny 0.0.0.0/1 le 32

Or both would work..

Please let me know..

MAv

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Blue

Re: IP Prefix-List Question

Mavrick25 wrote:

Hey,

Some clarity..

I want to allow the default into my AS but block everything else..

Would the config be:

ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32

or could we use

seq 5 deny 0.0.0.0/1 le 32

Or both would work..

Please let me know..

MAv

Mav

The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.

Jon

Hall of Fame Super Silver

Re: IP Prefix-List Question

Hello Paolo,

I hope you are well

there is an implicit deny at the end of a prefix-list like in an access-list.

So if you want to accept or send just a default route, you need just the first line as noted by Jon

Jon: the second line is not necessary or also wrong in this way?

I would say it is not necessary.

Edit:

a name has to be given to the prefix-list let's consider this just a mistyping

Hope to help

Giuseppe

2 REPLIES
Hall of Fame Super Blue

Re: IP Prefix-List Question

Mavrick25 wrote:

Hey,

Some clarity..

I want to allow the default into my AS but block everything else..

Would the config be:

ip prefix-list permit seq 5 permi 0.0.0.0/0
ip prefix list deny seq 10 deny 0.0.0.0/0 le 32

or could we use

seq 5 deny 0.0.0.0/1 le 32

Or both would work..

Please let me know..

MAv

Mav

The config would be the first one ie. permit the default-route then deny everything else. The second one of just denying won't work.

Jon

Hall of Fame Super Silver

Re: IP Prefix-List Question

Hello Paolo,

I hope you are well

there is an implicit deny at the end of a prefix-list like in an access-list.

So if you want to accept or send just a default route, you need just the first line as noted by Jon

Jon: the second line is not necessary or also wrong in this way?

I would say it is not necessary.

Edit:

a name has to be given to the prefix-list let's consider this just a mistyping

Hope to help

Giuseppe

669
Views
5
Helpful
2
Replies