A tiny bit of help needed with IP Prefix list

how do you prevent all /24 subnets in a prefix list?
i tried 0.0.0.0/24 thinking that may work but it didn't.

I also want to know how to prevent all subnets with a /24 to /28 inclusive
I tried seq 5 deny 0.0.0.0/24 le 28 and then a seq 10 permit 0.0.0.0/0 le 32 on the last line. It didn't work.

Please help.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

Nate--IRL--

Maybe something like?

ip prefix-list PRFX deny 10.0.0.0/8 ge 24 le 24

Now that you ask I'm not sure - I'll have to check.

Nate

nomane

Have you tried [FONT=Verdana, Helvetica, sans-serif]0.0.0.0/0 ge 24 le 24?[/FONT]

networker050184

^ That was going to be my suggestion.

wave

How are you applying the prefix-list? Are you using a distribute-list? Route-map?

If you're using a route-map remember that it's the permit and deny statements in the route-map not the prefix-list that control permit/deny.

If you're using a distribute-list, what you had should work. I just tested this:

ip prefix-list TESTER seq 5 deny 0.0.0.0/24 le 28

router eigrp 1
distribute-list prefix TESTER in

networker050184

Are you sure that is working as planned? What you are saying is match anything with the first 24 bits all zeros. If all you have configured is what you have listed it will block all routes.

wave

Yes you're right, it was blocking all routes.

wave

ip prefix-list TESTER seq 5 deny 0.0.0.0/0 ge 24 le 24
ip prefix-list TESTER seq 10 permit 0.0.0.0/0 le 32

MrXpert

nomane wrote: »

Have you tried 0.0.0.0/0 ge 24 le 24?

cool! thanks that sorted it!