Skip to main content

Prefix list




In this scenario I want to filter 192.168.3.x /25 , /26, /27 networks form R1 route update.
I can use access list but I need to set the rules for every network. In prefix list it will easy to filter.

R2(config-router)#do sh ip bgp
BGP table version is 8, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 192.168.1.0      10.10.10.1               0             0 1 i
*> 192.168.2.0      10.10.10.1               0             0 1 i
*> 192.168.3.0/25   10.10.10.1               0             0 1 i
*> 192.168.3.128/26 10.10.10.1               0             0 1 i
*> 192.168.3.192/27 10.10.10.1               0             0 1 i
*> 192.168.4.0/25   10.10.10.1               0             0 1 i
*> 192.168.4.128/26 10.10.10.1               0             0 1 i


When we want to exclude the all of 192.168.3.0 networks, first we need to set the deny rule and permit rule for other networks. If we don't set permit rule all network will be excluded because we need to notice all deny rule is always under the rule.

First we apply the prefix list.

ip prefix-list NEI_1 seq 5 deny 192.168.3.0/24 ge 25 le 27
ip prefix-list NEI_1 seq 10 permit 0.0.0.0/0 le 32

And apply the prefix list to BGP.

router bgp 2
 no synchronization
 bgp router-id 2.2.2.2
 bgp log-neighbor-changes
 neighbor 10.10.10.1 remote-as 1
 neighbor 10.10.10.1 prefix-list NEI_1 in
 no auto-summary

Now we can check BGP network, 192.168.3.0 network is gone.

R2#sh ip bgp

   Network          Next Hop            Metric LocPrf Weight Path
*> 192.168.1.0      10.10.10.1               0             0 1 i
*> 192.168.2.0      10.10.10.1               0             0 1 i
*> 192.168.4.0/25   10.10.10.1               0             0 1 i
*> 192.168.4.128/26 10.10.10.1               0             0 1 i

If we want to set the prefix list 192.168.x.x/16 and filter all /25 network.
we can play the range setup from ge to le. 'ge' for minimum and 'le' for maximum.

ip prefix-list NEI_1 seq 5 deny 192.168.3.0/16 ge 25 le 25

Now all of /25 network have been removed from routing table.

R2#sh ip bgp

   Network          Next Hop            Metric LocPrf Weight Path
*> 192.168.1.0      10.10.10.1               0             0 1 i
*> 192.168.2.0      10.10.10.1               0             0 1 i
*> 192.168.3.128/26 10.10.10.1               0             0 1 i
*> 192.168.3.192/27 10.10.10.1               0             0 1 i
*> 192.168.4.128/26 10.10.10.1               0             0 1 i



R2#sh ip route bgp
     192.168.4.0/26 is subnetted, 1 subnets
B       192.168.4.128 [20/0] via 10.10.10.1, 00:00:57
B    192.168.1.0/24 [20/0] via 10.10.10.1, 00:00:57
B    192.168.2.0/24 [20/0] via 10.10.10.1, 00:00:57
     192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
B       192.168.3.192/27 [20/0] via 10.10.10.1, 00:00:57
B       192.168.3.128/26 [20/0] via 10.10.10.1, 00:00:57


Comments

Post a Comment

Popular posts from this blog

Access-list at SVI

SVI (Switch Virtual Interfaces) We use the SVI for inter vlan routing. In this scenario I will configure the access list with SVI. In this scenario I want to permit vlan 10 network to vlan 50 Server farm. Vlan 10 and vlan 20 can communicate each other. First create vlan and then interface vlan#. Switch(config)#vlan 10 Switch(config)#interface vlan 10 Switch(config-if)#ip address 192.168.10.254 255.255.255.0 Switch(config)#vlan 20 Switch(config)#interface vlan 20 Switch(config-if)#ip address 192.168.20.254 255.255.255.0 Switch(config)#vlan 50 Switch(config)#interface vlan 50 Switch(config-if)#ip address 192.168.50.254 255.255.255.0 when we finish the vlan interface create make sure the switch port are belong to each vlan. Port to vlan assign configure is Switch(config)#interface g0/1 Switch(config-if)#switchport access vlan 10 Switch(config)#interface g0/2 Switch(config-if)#switchport access vlan 20 Switch(config)#int...
1 comment
Read more

OSPF Stub

The following restrictions apply to stub areas:     You cannot create a virtual link through a stub area.   A stub area cannot contain an AS boundary router.   You cannot configure the backbone as a stub area.   You cannot configure an area as both a stub area and an not-so-stubby area (NSSA). Ref : Juniper.net
Post a Comment
Read more

OSPF Virtual Link

OSPF Virtual Link OSPF virtual link is use for that area far from backbone area 0. At this figure 1.1 area 2 is far from area 0 so area 2 can't reach other area. Figure 1.1 After configure OSPF, neighbor is up but router 2 don't see 3.3.3.0/24 network. R3#sh ip ospf nei Neighbor ID     Pri   State           Dead Time   Address         Interface 2.2.2.2           1   FULL/DR         00:00:39    10.1.2.1        FastEthernet0/0 R2#sh ip route      10.0.0.0/30 is subnetted, 2 subnets C       10.1.2.0 is directly connected, FastEthernet1/0 C       10.1.1.0 is directly connected, FastEthernet0/0 One of OSPF rule all area must connect to area 0.In this cause we can use virtual link at area 1. R2 router ospf 1  router-id 2.2.2.2  log-adjace...
Post a Comment
Read more