11-17-2005 09:13 AM - edited 03-03-2019 11:00 AM
Hi,
Can prefix-list ISP-IN deny 128.0.0.0/2 ge 17 actually block the entire Class B addresses when applied on a BGP neighbor..
11-17-2005 10:48 AM
No. If you want to filter the 128.0.0.0/16 net, then the following prefix list is what you need.
ip prefix-list ISP-IN deny 128.0.0.0/16 le 17
This prefix list precisely matches the class B net and subnets of same class B aren't matched.
HTH,
Sundar
11-17-2005 11:08 AM
Hi,
I shall be more specific in my query now.
Lets say I want to deny the entire class B network i.e. 128.0.0.0 -191.255.255.255 will the ip prefix-list ISP-IN deny 128.0.0.0/2 ge 17 work ??
Tx/Rgs
K Gupta
11-17-2005 12:36 PM
The answer is yes, assuming you want to accept the /16 and reject any more specific prefixes.
Hope this helps,
11-21-2005 10:59 AM
Hi,
I tried to figure the prefix-list out but somehow not able to understand how 128.0.0.0/2 can cover till the 191.0.0.0 network ..Gr8 help if u help me uncover the trick
regs
Kas
11-21-2005 01:35 PM
128.0.0.0/2 means that the first and second bits have to be 1 and 0 respectively. Anything in the range of 128.0.0.0 (0x10000000) to 191.255.255.255 ( 0xbfffffff) will match.
let me know if it helps,
11-21-2005 01:36 PM
Let's take a look.
128.0.0.0/2 transalates to binary value of 10000000 and the subnet mask of 2 bits transalates to 11000000.
The first 2 bits have to be always 10 (or 128 only)and cannot change and the 6 later bits (don't care bits) can be 1 or 0. If all 6 later bits are on, i.e 10111111 - IP is 191. Hence, all IP addresses in the range of 128-191 falls within this range.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide