11-24-2016 08:38 AM - edited 03-05-2019 07:32 AM
Hello friends,
I was going through pages on the internet and I came across a sentence about BGP saying that in BGP access lists are used for traffic filtering and prefix lists are used for route filtering. Is this statement correct? If we refer to the two commands below:
access-list 10 deny 10.1.0.0 0.0.255.255
ip prefix-list prefiz deny 10.1.0.0/16
These two commands are doing the same thing, so why use a prefix list for route filtering? We can use an access list for filtering.
Also, there is one more statement: that if we have the same prefix but different subnet masks, the access list falls apart and we need to use a prefix list.
E.g., we have two routes coming from the same neighbor:
28.119.16.0/24 and 28.119.16.0/23
In this case it is recommended to use a prefix list, but if I use an access list (access-list 1 28.119.16.0 0.0.1.0),
should it not filter out the /23 route and keep the /24 route?
Thank you!
11-28-2016 07:14 AM
If you found this statement in some document "in bgp access list are used for traffic filtering and prefix list is used for route filtering" then someone needs to edit the document and correct the erroneous statement because in absolute terms it is not correct to say that access list cannot filter routes in BGP. It might be more correct to say that in current practice it is more common to use access list to filter traffic and to use prefix list to filter routes. But it is absolutely true that in BGP it is possible to use an extended access list to filter routes. A prefix list is more flexible and in current practice is the preferred method of filtering routes. But an extended access list correctly configured is also able to filter routes in BGP.
In your post you suggest a couple of standard access lists for filtering routes. A standard access list in BGP will not filter routes.
HTH
Rick
12-06-2016 04:14 PM
Hi Richard,
Thank you for your reply. So basically a standard access list can be used for route filtering but generally is not preferred. The statement will be valid for all other protocols except BGP because, as you mentioned, in BGP a standard access list will not filter routes; it will only filter traffic. As far as the extended access list is concerned, it will filter routes in BGP as well as all other protocols. Sorry if I am badgering you, I just wanted to clear up my concept. :)
Thanks !
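
The two matching rules compared in the opening question, as an added example that is not part of the original thread. It models the matching logic only (no IOS involved) and assumes the standard ACL entry is applied as a route filter, where it can compare nothing but the route's network address; the function names are hypothetical.

```python
import ipaddress

def acl_matches(route, acl_addr, wildcard):
    """Standard ACL entry (address + wildcard) tested against a route.
    Only the route's network address is compared; wildcard bits set to 1
    are ignored. The entry has no field for the prefix length."""
    addr = int(ipaddress.ip_network(route).network_address)
    base = int(ipaddress.ip_address(acl_addr))
    care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
    return (addr & care) == (base & care)

def prefix_list_matches(route, entry, ge=None, le=None):
    """Prefix-list entry tested against a route.
    The route must fall inside the entry's network AND its length must be
    in range. Without ge/le the length must equal the entry's length."""
    net = ipaddress.ip_network(route)
    ent = ipaddress.ip_network(entry)
    if ge is None and le is None:
        lo = hi = ent.prefixlen
    else:
        lo = ge if ge is not None else ent.prefixlen
        hi = le if le is not None else 32
    if not lo <= net.prefixlen <= hi:
        return False
    return net.network_address in ent

def compare(routes):
    """Return {route: (acl_result, prefix_list_result)} for the thread's
    second example: ACL 28.119.16.0 0.0.1.0 vs prefix-list 28.119.16.0/24."""
    return {
        r: (acl_matches(r, "28.119.16.0", "0.0.1.0"),
            prefix_list_matches(r, "28.119.16.0/24"))
        for r in routes
    }

if __name__ == "__main__":
    # Routes from the question, plus one constructed neighbour route.
    for route, (acl, pfx) in compare(
        ["28.119.16.0/24", "28.119.16.0/23", "28.119.17.0/24"]
    ).items():
        print(f"{route:18} acl={acl!s:5} prefix-list={pfx}")
    # First pair of commands: 10.1.0.0 0.0.255.255 vs 10.1.0.0/16.
    # 10.1.5.0/24 is a constructed more-specific route.
    for route in ["10.1.0.0/16", "10.1.5.0/24"]:
        print(f"{route:18} acl={acl_matches(route, '10.1.0.0', '0.0.255.255')!s:5} "
              f"prefix-list={prefix_list_matches(route, '10.1.0.0/16')}")
```
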