Home page logo
/

nanog logo nanog mailing list archives

Re: Question about prefix list
From: Randy <randy_94108 () yahoo com>
Date: Wed, 1 Feb 2012 20:13:38 -0800 (PST)

Ann,
the commas not withstanding, the le/ge operands as applicable to prefix-lists simply mean "less-than or equal-to" or 
greater-than or "equal-to" wrt netmasks in CIDR speak.

In you prefix-list below, the le operand means -
allow following ranges:

/22,/23,/24 deny all else
for the /21
it means allow /21 thru /24

Anything without an operand means an exact-match(permit/deny)

Homework for you:

What do the following do:

1) ip prefix-list foo deny 0.0.0.0/0 le32
2) ip prefix-list foo permit 0.0.0/0 le 32

Understand the above and you will understand how operands work in prefix-lists.
./Randy


--- On Wed, 2/1/12, Ann Kwok <annkwok80 () gmail com> wrote:

From: Ann Kwok <annkwok80 () gmail com>
Subject: Question about prefix list
To: nanog () nanog org
Date: Wednesday, February 1, 2012, 6:32 AM
Hi

I read this prefix list.

Can I know why there is "le 24" after network block in /22
and /21

Why don't have "le 24" after /24?

I also saw another prefix list before. They use "le 32"
instead of  "le 24"

What are their different?

ip prefix-list prefix-filter-as100 seq 10 permit
202,168.136.0/22 le 24
ip prefix-list prefix-filter-as100 seq 20 permit
202,22.92.0/22 le 24
ip prefix-list prefix-filter-as100 seq 30 permit
202,21.148.0/22 le 24
ip prefix-list prefix-filter-as100 seq 40 permit
203,178.88.0/21 le 24
ip prefix-list prefix-filter-as100 seq 50 permit
178.88.74.0/24

Thank you so much



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]