06-12-2007 04:13 AM - edited 03-05-2019 04:38 PM
hi every1, plz some 1 solve this problem
suppose i have 10 contigiuous networks connected on my routers loopback interfaces
10.1.0.1/16
10.2.0.1/16
10.3.0.1/16
10.4.0.1/16
10.5.0.1/16
10.6.0.1/16
10.7.0.1/16
10.8.0.1/16
10.9.0.1/16
10.10.0.1/16
now i want to advertise only network 10.1.0.0 - 10.4.0.0/16 using prefix list, can some 1 tell me is it possible like i know how to do it in access-list but not getting it in prefix, plz tell me wat will be the prefix list for this???
06-12-2007 04:33 AM
You can certainly do this with prefix-lists. The prefix-list to cover 10.1.0.0/16 - 10.4.0.0/16 would be as follow:
ip prefix-list test seq 5 permit 10.1.0.0/16
ip prefix-list test seq 10 permit 10.2.0.0/15
ip prefix-list test seq 15 permit 10.4.0.0/16
It would have been easier to aggregate 10.0.0.0/16 - 10.3.0.0, which is aggregatable with the following statement.
ip prefix-list test seq 5 permit 10.0.0.0/14
Hope this helps,
06-12-2007 04:38 AM
Oops,
I forgot. It should look like this:
ip prefix-list test seq 5 permit 10.1.0.0/16
ip prefix-list test seq 10 permit 10.2.0.0/15 le 16
ip prefix-list test seq 15 permit 10.4.0.0/16
And also for the second example:
ip prefix-list test seq 5 permit 10.0.0.0/14 le 16
Hope this helps,
06-01-2017 07:41 PM
Hi ,
I have a router which is learning route 10.227.0.0/24 via BGP
sh ip route | i 10.227
B 10.227.0.0/24 [20/0] via 192.168.155.241, 1w2d
B 10.227.2.0/24 [20/0] via 192.168.155.241, 1w2d
B 10.227.3.0/24 [20/0] via 192.168.155.241, 1w2d
B 10.227.4.0/24 [20/0] via 192.168.155.241, 1w2d
B 10.227.5.0/24 [20/0] via 192.168.155.241, 19:20:57
B 10.227.6.0/24 [20/0] via 192.168.155.241, 1w2d
B 10.227.7.0/24 [20/0] via 192.168.155.241, 2d02h
B 10.227.8.0/24 [20/0] via 192.168.155.241, 1w2d
B 10.227.9.0/24 [20/0] via 192.168.155.241, 1w2d
But when I am trying to redistribute 10.227.0.0/16 from BGP to ospf it doesn't work
ip prefix list WAN-ROUTES seq 450 permit 10.227.0.0/16
sh ip ospf database | I 10.227
whereas when I check other prefixes it gets redistributed
Please help me out with this issue
Thanks,
Prabhu
06-01-2017 08:34 PM
The issue is with your prefix list. Since you specified /16 so it will only match a prefix with the length of /16 but there is no bgp route/prefix with a subnet mask of /16 but /24, therefore it's not working. Also make sure there is no prefix list above seq 450 that would deny it.
This is what you need:
ip prefix-list WAN-ROUTES seq 450 permit 10.227.0.0/16 le 24
I labbed it in gns3 and it worked fine.
B 10.227.0.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.2.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.3.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.4.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.5.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.6.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.7.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.8.0/24 [20/0] via 10.10.10.1, 00:11:12
B 10.227.9.0/24 [20/0] via 10.10.10.1, 00:11:12
12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
06-01-2017 08:57 PM
Hi ,
Thanks for your reply, but if you add the statement
ip prefix-list WAN-ROUTES seq 450 permit 10.227.0.0/16 le 24
can you please tell me what is the sh ip route output
since I need 10.227.0.0/16 to be present when I run sh ip route cmd
but I feel it will be 10.227.0.0/24 if the above prefix list is added
Regards,
Prabhu
06-01-2017 09:06 PM
Hi ,
I have tried the prefix list stated by you
ip prefix-list WAN-ROUTES seq 450 permit 10.227.0.0/16 le 24
but still show ip route is showing route for 10.227.0.0/24 and not for 10.227.0.0/16
sh ip route | i 10.227.0.0
B 10.227.0.0/24 [20/0] via 192.168.155.241, 1w2d
sh ip route 10.227.0.0
Routing entry for 10.227.0.0/24
Known via "bgp 64610", distance 20, metric 0
Tag 2856, type external
Redistributing via ospf 100
Advertised by ospf 100 metric-type 1 subnets route-map BGP-TO-OSPF
Last update from 192.168.155.241 1w2d ago
Routing Descriptor Blocks:
* 192.168.155.241, from 192.168.155.241, 1w2d ago
Route metric is 0, traffic share count is 1
AS Hops 2
Route tag 2856
MPLS label: none
sh ip ospf database | i 10.227
10.227.0.0 172.30.248.250 57 0x80000001 0x004F05 2856
10.227.2.0 172.30.248.250 57 0x80000001 0x003919 2856
10.227.3.0 172.30.248.250 57 0x80000001 0x002E23 2856
10.227.4.0 172.30.248.250 57 0x80000001 0x00232D 2856
10.227.5.0 172.30.248.250 57 0x80000001 0x001837 2856
10.227.6.0 172.30.248.250 57 0x80000001 0x000D41 2856
10.227.7.0 172.30.248.250 57 0x80000001 0x00024B 2856
10.227.8.0 172.30.248.250 57 0x80000001 0x00F655 2856
10.227.9.0 172.30.248.250 57 0x80000001 0x00EB5F 2856
10.227.10.0 172.30.248.250 57 0x80000001 0x00E069 2856
10.227.11.0 172.30.248.250 57 0x80000001 0x00D573 2856
10.227.12.0 172.30.248.250 57 0x80000001 0x00CA7D 2856
10.227.13.0 172.30.248.250 57 0x80000001 0x00BF87 2856
10.227.14.0 172.30.248.250 57 0x80000001 0x00B491 2856
10.227.15.0 172.30.248.250 57 0x80000001 0x00A99B 2856
10.227.16.0 172.30.248.250 57 0x80000001 0x009EA5 2856
10.227.17.0 172.30.248.250 57 0x80000001 0x0093AF 2856
10.227.18.0 172.30.248.250 57 0x80000001 0x0088B9 2856
10.227.19.0 172.30.248.250 57 0x80000001 0x007DC3 2856
10.227.20.0 172.30.248.250 57 0x80000001 0x0072CD 2856
10.227.21.0 172.30.248.250 57 0x80000001 0x0067D7 2856
10.227.22.0 172.30.248.250 57 0x80000001 0x005CE1 2856
10.227.23.0 172.30.248.250 57 0x80000001 0x0051EB 2856
10.227.24.0 172.30.248.250 57 0x80000001 0x0046F5 2856
10.227.29.0 172.30.248.250 59 0x80000001 0x000F28 2856
10.227.30.0 172.30.248.250 59 0x80000001 0x000432 2856
10.227.31.0 172.30.248.250 59 0x80000001 0x00F83C 2856
10.227.32.0 172.30.248.250 59 0x80000001 0x00ED46 2856
10.227.33.0 172.30.248.250 59 0x80000001 0x00E250 2856
10.227.34.0 172.30.248.250 59 0x80000001 0x00D75A 2856
10.227.35.0 172.30.248.250 59 0x80000001 0x00CC64 2856
10.227.36.0 172.30.248.250 59 0x80000001 0x00C16E 2856
10.227.37.0 172.30.248.250 59 0x80000001 0x00B678 2856
10.227.38.0 172.30.248.250 59 0x80000001 0x00AB82 2856
10.227.39.0 172.30.248.250 59 0x80000001 0x00A08C 2856
10.227.40.0 172.30.248.250 59 0x80000001 0x009596 2856
10.227.41.0 172.30.248.250 59 0x80000001 0x008AA0 2856
10.227.44.0 172.30.248.250 59 0x80000001 0x0069BE 2856
10.227.47.0 172.30.248.250 59 0x80000001 0x0048DC 2856
10.227.48.0 172.30.248.250 59 0x80000001 0x003DE6 2856
10.227.49.0 172.30.248.250 59 0x80000001 0x0032F0 2856
10.227.50.0 172.30.248.250 59 0x80000001 0x0027FA 2856
10.227.51.0 172.30.248.250 59 0x80000001 0x001C05 2856
10.227.52.0 172.30.248.250 59 0x80000001 0x00110F 2856
10.227.54.0 172.30.248.250 59 0x80000001 0x00FA23 2856
10.227.56.0 172.30.248.250 59 0x80000001 0x00E437 2856
10.227.60.0 172.30.248.250 59 0x80000001 0x00B85F 2856
10.227.62.0 172.30.248.250 59 0x80000001 0x00A273 2856
10.227.63.0 172.30.248.250 59 0x80000001 0x00977D 2856
10.227.64.0 172.30.248.250 59 0x80000001 0x008C87 2856
10.227.65.0 172.30.248.250 59 0x80000001 0x008191 2856
10.227.66.0 172.30.248.250 59 0x80000001 0x00769B 2856
10.227.67.0 172.30.248.250 59 0x80000001 0x006BA5 2856
10.227.69.0 172.30.248.250 59 0x80000001 0x0055B9 2856
10.227.70.0 172.30.248.250 59 0x80000001 0x004AC3 2856
10.227.71.0 172.30.248.250 59 0x80000001 0x003FCD 2856
10.227.72.0 172.30.248.250 59 0x80000001 0x0034D7 2856
10.227.74.0 172.30.248.250 59 0x80000001 0x001EEB 2856
10.227.76.0 172.30.248.250 59 0x80000001 0x0008FF 2856
10.227.78.0 172.30.248.250 59 0x80000001 0x00F114 2856
10.227.79.0 172.30.248.250 59 0x80000001 0x00E61E 2856
10.227.80.0 172.30.248.250 59 0x80000001 0x00DB28 2856
10.227.81.0 172.30.248.250 59 0x80000001 0x00D032 2856
10.227.82.0 172.30.248.250 59 0x80000001 0x00C53C 2856
10.227.84.0 172.30.248.250 59 0x80000001 0x00AF50 2856
10.227.86.0 172.30.248.250 59 0x80000001 0x009964 2856
10.227.87.0 172.30.248.250 59 0x80000001 0x008E6E 2856
10.227.88.0 172.30.248.250 59 0x80000001 0x008378 2856
10.227.89.0 172.30.248.250 59 0x80000001 0x007882 2856
10.227.91.0 172.30.248.250 59 0x80000001 0x006296 2856
10.227.92.0 172.30.248.250 59 0x80000001 0x0057A0 2856
10.227.93.0 172.30.248.250 59 0x80000001 0x004CAA 2856
10.227.94.0 172.30.248.250 59 0x80000001 0x0041B4 2856
10.227.95.0 172.30.248.250 59 0x80000001 0x0036BE 2856
10.227.96.0 172.30.248.250 59 0x80000001 0x001CDA 2856
10.227.96.255 172.30.248.250 59 0x80000001 0x002BC8 2856
10.227.102.0 172.30.248.250 59 0x80000001 0x00E805 2856
10.227.103.0 172.30.248.250 59 0x80000001 0x00DD0F 2856
10.227.104.0 172.30.248.250 59 0x80000001 0x00D219 2856
10.227.105.0 172.30.248.250 59 0x80000001 0x00C723 2856
10.227.106.0 172.30.248.250 59 0x80000001 0x00BC2D 2856
10.227.115.0 172.30.248.250 59 0x80000001 0x005987 2856
10.227.116.0 172.30.248.250 59 0x80000001 0x004E91 2856
10.227.117.0 172.30.248.250 59 0x80000001 0x00439B 2856
10.227.118.0 172.30.248.250 59 0x80000001 0x0038A5 2856
10.227.119.0 172.30.248.250 59 0x80000001 0x002DAF 2856
10.227.120.0 172.30.248.250 59 0x80000001 0x0022B9 2856
10.227.121.0 172.30.248.250 59 0x80000001 0x0017C3 2856
10.227.123.0 172.30.248.250 59 0x80000001 0x0001D7 2856
10.227.136.0 172.30.248.250 59 0x80000001 0x00715A 2856
10.227.140.0 172.30.248.250 59 0x80000001 0x004582 2856
10.227.143.0 172.30.248.250 59 0x80000001 0x0024A0 2856
10.227.145.0 172.30.248.250 59 0x80000001 0x000EB4 2856
10.227.146.0 172.30.248.250 60 0x80000001 0x0003BE 2856
10.227.148.0 172.30.248.250 60 0x80000001 0x00ECD2 2856
Regards,
Prabhu
06-01-2017 09:29 PM
Prefix list is matching the bgp routes in the local rib and route-map used by OSPF for redistribution is calling the prefix-list. You can use a standard access-list and result will be the same.
ip access-list standard test
permit 10.227.0.0 0.0.255.255
* I am not sure how you can aggregate bgp routes in current scenario using a prefix list or access-list unless you advertise an aggregate address from the upstream bgp router or create a static route for 10.227.0.0/16 and redistribute it into ospf.
06-01-2017 09:37 PM
06-01-2017 11:52 PM
Hi ,
I thinkg you are right
in this case the upstream router advertises 10.227.0.0/24
sh ip bgp | i 10.227.0
*> 10.227.0.0/24 192.168.155.241
whereas prefix list created as below
ip prefix-list WAN-routes seq 450 permit 10.227.0.0/16 le 24
so /16 is not there in BGP table whereas /24 is present in bgp table hence even after applying above prefix list still we are getting route for /24 and not /16
sh ip route 10.227.0.0
Routing entry for 10.227.0.0/24
Known via "bgp 64610", distance 20, metric 0
Tag 2856, type external
Redistributing via ospf 100
Advertised by ospf 100 metric-type 1 subnets route-map BGP-TO-OSPF
Last update from 192.168.155.241 1w2d ago
Routing Descriptor Blocks:
* 192.168.155.241, from 192.168.155.241, 1w2d ago
Route metric is 0, traffic share count is 1
AS Hops 2
Route tag 2856
MPLS label: none
Hence I should make upstream router to advertise /16 instead of /24 - am I right ?
Regards,
Prabhu
06-02-2017 02:32 AM
Correct. That's what I can think of.
upstream bgp router:
aggregate-address 10.227.0.0 255.255.0.0 summary-only
* with this command only /16 would be advertised, if you remove summariy-only then aggregate address would be advertised in addition to more specified routes.
06-01-2017 08:59 PM
Forgot to add the command for redistribution under the ospf process:
redistribute bgp AS subnets route-map WAN-ROUTES
* You may already have it configured the right way, but I just wanted to add it to make sure that all pieces are covered.
06-12-2007 04:42 AM
thanks for the reply but i didnt understand any of u, plz i m not an expert just started prefix list, i understand the ge and le and seq and all but i didnt understand how to specify the range of ip addres that i need to block ( or allow ), can u explain that by keeping my example, can i specify my range ( i.e. from 10.1.0.0 - 10.4.0.0 ) in a single prefix statement ?? i m really confused here plz explain to me how can i do it?
still thanks for ur feedback but i didnt get it really
06-12-2007 04:54 AM
Shaila,
You couldn't permit 10.1.0.0/16 - 10.4.0.0/16 in a single statement without also including other prefixes since these prefixes do not fall on a common boundary.
The first portion of the prefix-list is key in this exercise.
for instance
10.0.0.0/14 le 16 ge 16
would include 10.0.0.0/16 - 10.3.0.0/16
10.0.0.0/13 le 16 ge 16
would include 10.0.0.0/16 - 10.7.0.0/16
10.0.0.0/12 le 16 ge 16
would include 10.0.0.0/16 - 10.15.0.0/16
Let me know if this makes sense to you,
06-12-2007 04:34 AM
Hi ,
You can use the following command for advertising 10.1.0.0 anc 10.4.0.0 /16 netwrks.
ip prefix-list XXX ser 5 permit 10.1.0.0/16
ip prefix-list YYY seq 10 permit 10.4.0.0/16.
Details - Prefix-list:
To create a prefix list or add a prefix-list entry, use the ip prefix-list command in global configuration mode. To delete a prefix-list entry, use the no form of this command.
ip prefix-list {list-name | list-number} [seq number] {deny network/length | permit network/length} [ge ge-length] [le le-length]
The ip prefix-list command is used to configure IP prefix filtering. Prefix lists are configured with permit or deny keywords to either permit or deny the prefix based on the matching condition. A prefix list consists of an IP address and a bit mask. The IP address can be a classful network, a subnet, or a single host route. The bit mask is entered as a number from 1 to 32. An implicit deny is applied to traffic that does not match any prefix-list entry.
Prefix lists are configured to match an exact prefix length or a prefix range. The ge and le keywords are used to specify a range of the prefix lengths to match, providing more flexible configuration than can be configured with just the network/length argument. The prefix list is processed using an exact match when neither the ge nor le keyword is entered. If only the ge value is entered, the range is the value entered for the ge ge-length argument to a full 32-bit length. If only the le value is entered, the range is from value entered for the network/length argument to the le le-length argument. If both the ge ge-length and le le-length keywords and arguments are entered, the range falls between the values used for the ge-length and le-length arguments. The following formula shows this behavior:
network/length < ge ge-length < le le-length <= 32
A prefix list is configured with a name and/or sequence number. One or the other must be entered when configuring this command. If a sequence number is not entered, a default sequence number of 5 is applied to the prefix list, and subsequent prefix list entries will be increment by 5 (for example, 5, 10, 15, and onwards). If a sequence number is entered for the first prefix list entry but not subsequent entries, then the subsequent entries will also be incremented by 5 (For example, if the first configured sequence number is 3, then subsequent entries will be 8, 13, 18, and onwards). Default sequence numbers can be suppressed by entering the no form of this command with the seq keyword.
Prefix lists are evaluated starting with the lowest sequence number. The longest most specific prefix is matched. The first successful match is processed for a given prefix. Once a match occurs, the permit or deny statement is processed, and the rest of the list is not evaluated.
--------------------------------------------------------------------------------
Tip For best performance, the most frequently processed prefix list statements should be configured with the lowest sequence numbers. The seq number keyword and argument can be used for resequencing.
--------------------------------------------------------------------------------
The prefix list is applied to inbound or outbound updates for specific peer by entering the neighbor prefix-list command. Prefix list information and counters are displayed in the output of the show ip prefix-list command. Prefix-list counters can be reset by entering the clear ip prefix-list command.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide