Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Reg: Prefix List

Hi Guys,

What does the following prefix-list mean. Does it mean permit a default route to the neighbour (i mean send a default to the neighbour)

ip prefix-list BGP-to-Telstra seq 10 permit 0.0.0.0/0

And also what does the following mean. specially the ie 32:

ip prefix-list BGP-from-Telstra seq 5 permit 10.0.0.0/8 le 32

Tks

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Reg: Prefix List

The first line matches (in theory) only the default route. Although it could also match any route with a 0 subnet mask, but in practice this doesn't come up.

ip prefix-list BGP-from-Telstra seq 5 permit 10.0.0.0/8 le 32

The second line matches any route in 10.0.0/8. The le 32 means less than or equal to 32 bit subnet mask. In practice this will match every subnet in 10.0.0.0/8 no matter how it is subnetted.

This looks like a pretty standard enterprise MPLS access list to me, it says:

Allow the default route

Allow the enterprise routes in the 10.0.0.0/8 network.

Regards,

R.

3 REPLIES
Bronze

Re: Reg: Prefix List

The first line matches (in theory) only the default route. Although it could also match any route with a 0 subnet mask, but in practice this doesn't come up.

ip prefix-list BGP-from-Telstra seq 5 permit 10.0.0.0/8 le 32

The second line matches any route in 10.0.0/8. The le 32 means less than or equal to 32 bit subnet mask. In practice this will match every subnet in 10.0.0.0/8 no matter how it is subnetted.

This looks like a pretty standard enterprise MPLS access list to me, it says:

Allow the default route

Allow the enterprise routes in the 10.0.0.0/8 network.

Regards,

R.

Community Member

Re: Reg: Prefix List

so what is matched by

ip prefix-list BGP-from-Telstra seq 5 permit 0.0.0.0/32

and

ip prefix-list BGP-from-Telstra seq 5 permit 0.0.0.0/0 le 32

Bronze

Re: Reg: Prefix List

The first one (/32) probably doesn't match anything. Have you ever seen the route "0.0.0.0" with subnet mask "255.255.255.255"? If you do, it's probably being spoofed.

The second one:

ip prefix-list BGP-from-Telstra seq 5 permit 0.0.0.0/0 le 32

That permits every route of every prefix length.

Regards,

Ryan

542
Views
5
Helpful
3
Replies
CreatePlease to create content