cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1645
Views
10
Helpful
5
Replies

Prefix List

Hello there,

 

What is the difference between those commands?

and I'm not asking about the deny or permit actions

10 deny 172.18.30.154/16 ge 25

10 permit 172.20.10.171/16 le 24

5 Replies 5

Richard Burts
Hall of Fame
Hall of Fame

There are several parts to the commands in the prefix list. I assume that your question is mostly about the ge and le and will explain them. If the question is really about something else please clarify and I will try again.

ge stands for greater or equal. ge 25 means that a prefix with length of 25, or 26, or greater will be a match but a prefix with length of 24 or less would not be a match.

le stands for less or equal. le 24 means that a prefix with length of 24, or 23, or less will be a match but a prefix with length of 25 or greater would not be a match.

HTH

Rick

Thanks Richard.

 

But what I meant by my question is the meaning of the range ( 16 ge 25 ) or ( 16 le 24)

As I understand, 16 ge 25 means greater than or equal 16 to 25, but what about 16 le 24? Does it mean from 16 but less than or equal 24?

 

BR,

 

Ahmed 

balaji.bandi
Hall of Fame
Hall of Fame

This always confuses me too but once you look closely you will be able to figure it out easily

 

ge (GREATER than or EQUAL to) and le (LESS than or EQUAL  to) 

 

10 deny 172.18.30.154/16 ge 25   - <<-----  /25  or higher will be denied here.

 

10 permit 172.20.10.171/16 le 24  << /24 or less allowed here.   (check the Line numbers - if not it will override others)

 

Note this input is based on only information provided on a post here in this thread.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help


@AhmedElHiramy0999 wrote:

Hello there,

 

What is the difference between those commands?

and I'm not asking about the deny or permit actions

10 deny 172.18.30.154/16 ge 25  <-- deny any networks 172.18.x.x greater than /25

10 permit 172.20.10.171/16 le 24 <-- permit any networks 172.20.x.x less than /24


 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Ahmed 

I tried to explain the meaning of the range, but apparently was not in a way that you understood. So let me try a different way of explaining. A prefix list might identify a single prefix, or it might identify a group of subnets, or it might identify a group of networks. To do this the statements in a prefix list have several elements:

- the prefix statement specifies a prefix such as 172.18.30.154 and this specifies a network prefix to be processed to see if it is a match.

- then the prefix statement specifies a length which identifies how many bits in the specified prefix must be examined and must match such as 172.18.30.154/16 in this case it specifies that only the first 16 bits are significant (in this case the content of the third and fourth octet are not significant - only the first and second octet must match. So in this case anything with 172.18 is what must match. But it is not necessarily true that any prefix that starts with 172.18 will be a match.

- then the prefix statement might specify a range. Specifying a range means that prefixes with different subnet masks could be a match such as 172.18.30.154/16 ge 25. In this case the range is ge 25. ge stands for greater than or equal. So in this case any prefix that starts with 172.18 and has a prefix length of 25 or more (/25,/26, /27, etc) will be a match but any prefix that starts with 172.18 and has a prefix length of less than /25 (/24, /23, /22, etc) will not be a match.

In your follow up post you say "As I understand, 16 ge 25 means greater than or equal 16 to 25". This is not correct. The number 16 is not part of the range but is the thing that defines how much of the prefix must match. In this case ge 25 means that the range is 25 through 32. You also asked " what about 16 le 24? Does it mean from 16 but less than or equal 24?". In this case le 24 it means that the range is 0 through 24. 

 

HTH

Rick
Review Cisco Networking for a $25 gift card