Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12754
Views
24
Helpful
1
Replies

ACL VS Prefix-list

Go to solution
miracle_david@yahoo.com
Level 1
Level 1

‎06-18-2020 06:28 AM - last edited on ‎01-11-2022 02:48 PM by Community Manager

Hi gentlemen,

What are the differences between these 2 commands & benefits of each over the other one?

What does "route-map" do?

Thanks

1 person had this problem
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎06-18-2020 08:48 AM - last edited on ‎01-11-2022 02:52 PM by Community Manager

Hello miracle_david@yahoo.com ,

"IP access-lists" have different uses:

a) an "IP access-list" either standard or extended can be used to filter user traffic   ( this is not possible with prefix-list)

b) an "IP access-list" can be used in route filtering and matching

 

The prefix-list have been introduced speclfically for route / prefix filtering they allow to match a range of prefixes within an address block this is not easy to implement with an IP extended ACL and not all routing protocols support this use of IP extended ACL.

Example:

ip prefix-list EXAMPLE permit 10.100.0.0/16 ge 20 le 24

 

This means all prefixes within 10.100.0.0/16 with prefix length between 20 and 24 are accepted:

 

10.100.128.0/17 is not a match

10.100.20.0/24 is a match

10.100.21.128/25 is not a match

10.100.0.0/23 is a match


A "route-map" is similar to an if then logic and allows to use match and set action in each "route-map" block/clause.

"Route-maps" are the most flexible way to implement route filtering in route redistribution and in other cases like applied to a "BGP neighbor" for example.

To be noted "route-maps" are also used to implement PBR policy based routing that moves beyond normal destination based routing.

An access-list or a prefix-list can be invoked in a match ip address statement in a "route-map" clause. The prefix list requires the use of the additional keyword prefix to be able to discriminate between named ACLs and prefix-lists.

 

route-map EXAMPLE permit 10

match ip address 101




route-map EXAMPLE permit 20

match ip address prefix EXAMPLE


Hope to help

Giuseppe

 

View solution in original post

1 Reply 1

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎06-18-2020 08:48 AM - last edited on ‎01-11-2022 02:52 PM by Community Manager

Hello miracle_david@yahoo.com ,

"IP access-lists" have different uses:

a) an "IP access-list" either standard or extended can be used to filter user traffic   ( this is not possible with prefix-list)

b) an "IP access-list" can be used in route filtering and matching

 

The prefix-list have been introduced speclfically for route / prefix filtering they allow to match a range of prefixes within an address block this is not easy to implement with an IP extended ACL and not all routing protocols support this use of IP extended ACL.

Example:

ip prefix-list EXAMPLE permit 10.100.0.0/16 ge 20 le 24

 

This means all prefixes within 10.100.0.0/16 with prefix length between 20 and 24 are accepted:

 

10.100.128.0/17 is not a match

10.100.20.0/24 is a match

10.100.21.128/25 is not a match

10.100.0.0/23 is a match


A "route-map" is similar to an if then logic and allows to use match and set action in each "route-map" block/clause.

"Route-maps" are the most flexible way to implement route filtering in route redistribution and in other cases like applied to a "BGP neighbor" for example.

To be noted "route-maps" are also used to implement PBR policy based routing that moves beyond normal destination based routing.

An access-list or a prefix-list can be invoked in a match ip address statement in a "route-map" clause. The prefix list requires the use of the additional keyword prefix to be able to discriminate between named ACLs and prefix-lists.

 

route-map EXAMPLE permit 10

match ip address 101




route-map EXAMPLE permit 20

match ip address prefix EXAMPLE


Hope to help

Giuseppe

 

Customers Also Viewed These Support Documents