ip prefix-list

I had to look at prefix-lists again a bit more in detail and how matching is done.

There are several key words that need to be understood for mathing the right addresses.

At first the most simple match is the:

ip prefix-list PRE_20 permit

which does just match for the first 24 bit in the address and nothing else.

If in case you have to match more addresses, maybe a range from subnets with a specific prefix, you can match it with „ge“ or „le“.

„ge“ means greater or equal

„le“ means less or equal

So if you want to match the following subnets:

You could create an prefix list with the following match:

ip prefix-list PRE_20 permit ge 16 le 16

This means, that first the matching is done one the subnet that is the same for all subnets:, that can include and

Here we already summarized the best match for both addresses. So this part is the same for all addresses. Then, since we don’t want to match the or the, we have to tell the prefix list, how to extend the variable match for addresse, that should be included in the match.

Se we want specially matches greater or equal /16 and maximal /16.

That means:

ip prefix-list PRE_20 permit ge 16 le 16

If we want to include for example only:

ip prefix-list PRE_22 permit ge 24 le 24

Another example would be to match a range of subnets with „le“

ip prefix-list le 18

Would match:

Where the 20.0. prefix must be in all network ranges at a minimum and every address with a maximum of /18 would match if 20.0. is in the prefix.

Leave a Reply