prefix-list question

crrimsoncrrimson MemberMember Posts: 36 ■■□□□□□□□□
I've been racking by brain on this, and I think the way I'm thinking about this problem is causing me to make prefix-lists seem harder than they should be.

Can you do this?
Block ranges 10.17.80.0 - 10.17.255.255 with a single prefix-list statement?

C 10.17.0.0/19 is directly connected, Loopback5
C 10.17.32.0/20 is directly connected, Loopback1
C 10.17.80.0/20 is directly connected, Loopback3
C 10.17.64.0/20 is directly connected, Loopback2
C 10.17.96.0/20 is directly connected, Loopback4
C 10.17.128.0/17 is directly connected, Loopback6

Thanks

Comments

  • poguepogue Senior Member Member Posts: 213
    Hmmm...

    Look at the first few bits of the 3rd octet.. That is the first part the prefix list matches on..

    If you match on 17 bits, it covers range of either 0-127, or 128-255.

    If you match on 18 bits.. You have to pick a range of 0-63, 64-127, 128-191, 192-255.

    Etc, etc..etc..

    I think the closest you can get is using ip prefix-list mindbender seq 5 deny 10.17.64.0/18 ge 20. If I am right, (remember, I am still studying for the CCNP ROUTE) this covers 10.17.64.0/20 -10.17.96.0/20 out of the list above, but not 10.17.128.0/20, as this network requires one to change the third octet first two bits to 10, instead of 01.

    Again, I think this is correct.. If I am proven wrong, I will edit my post and defer to the experts.

    By the way..Why do you have to do it with one line instead of multiple?

    Russ

    Using this math, any of the above networks that has a 01xxxxxx in the third octet will be filtered.
    Currently working on: CCNA:Security
    Up next: CCNA:Voice
  • crrimsoncrrimson Member Member Posts: 36 ■■□□□□□□□□
    Thanks for the reply. I guess I was not really thinking about this correctly, and thought you could filter multiple subnets ranges ignoring the subnetted boundaries. I also tried by using an ACL filtering and I had thought it would filter all networks between

    10.17.80.0 - 10.17.255.255

    ip access list standard 1
    deny 10.17.80.0 0.0.175.255
    permit any

    Instead it only filtered the 10.17.80.0/20 network from being distributed.

    As to why? As I was reading along in the book, I decided to make up an arbitrary exercise and then do it in GNS3. Turned out to be way more frustrating than I had planned!
Sign In or Register to comment.