cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4808
Views
5
Helpful
2
Replies

Prefix List - Default and Private IPs

Mokhalil82
Level 4
Level 4

Hi

 

I am looking to modify my current prefix list on a router that faces the MPLS. Currently my routing table show all the private and service provider routes. I just want to receive any private routes and a default route but not any of the service provider public routes. 

 

I have come up with the following Inbound prefix list

ip prefix-list PL-TW-IN seq 10 permit 10.0.0.0/8 le 32
ip prefix-list PL-TW-IN seq 15 permit 172.16.0.0/12 le 32
ip prefix-list PL-TW-IN seq 20 permit 192.168.0.0/16 le 32
ip prefix-list PL-TW-IN seq 25 permit 0.0.0.0/0
ip prefix-list PL-TW-IN seq 30 deny 0.0.0.0/0 le 32

 

Will this allow all private addresses and the default route, but block anything else?

1 Accepted Solution

Accepted Solutions

Francesco Molino
VIP Alumni
VIP Alumni
Hi

Your prefix-list is correct and will allow exactly what you want:
- Allow RFC1918 private address
- Allow a default route
- Deny everything else


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

2 Replies 2

Francesco Molino
VIP Alumni
VIP Alumni
Hi

Your prefix-list is correct and will allow exactly what you want:
- Allow RFC1918 private address
- Allow a default route
- Deny everything else


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Hey, I know a bit old, but to make it more clear to people learning prefix-lists and route-maps:

To be even more precise, it sort of depends on how you use it:

 

 

ip prefix-list PL permit A
ip prefix-list PL deny B

route-map RM1 permit 10
  match ip address prefix PL
route-map RM1 deny 20

route-map RM2 deny 10
  match ip address prefix PL
route-map RM2 permit 20

 

 

Route-maps RM1 and RM2, obviously, do exactly the opposite. Which basically means the result depends on both prefix-list and route-map order and logic. Seems confusing, but it allows you to do lot of magic if properly used.

 

So in your case you'll achieve desired result only if used in a route-map like this:

route-map RM-TW-IN permit 10
  match ip address prefix PL-TW-IN
route-map RM1 deny 20

Jozef

Review Cisco Networking for a $25 gift card