Prefix List entries determine parts of networks which can be allowed or denied in specific contexts used in routing daemons. For example, a prefix list may be used to match specific routes in a route map.
Prefix lists are managed on the Prefix Lists tab under Services > FRR Global/Zebra.
Prefix List Configuration¶
To create a new prefix list, click Add from the Prefix Lists tab.
The top section of the page sets data about the prefix list itself:
- IP Type
The IP version to match using this access list, either
The name of this prefix list, which will be visible in drop-down lists throughout FRR where prefix lists can be selected.
A text comment to describe this prefix list.
Prefix List Entries¶
The Prefix list entries list contains rules which govern the behavior of the list. A prefix list can have multiple rules. To add more entries to the list, click Add.
The order of entries inside prefix lists is important, and this order is determined by a sequence number.
Each rule in a prefix list must have a unique sequence number. Best practice is to leave gaps in the sequence to allow for adding rules in the future. For example, use
30, rather than
The order of rules displayed in the GUI may be different than the order set by the sequence numbers. The sequence number order is the true order in which rules are evaluated.
The action to take for this rule, either
The network prefix to match. This may optionally be bound by Minimum Prefix (lower bound) or Maximum Prefix (upper bound) size limit. When no upper or lower bound is set, the prefix will be matched only exactly as given. Setting bounds allows a prefix list to also match more specific routes which are a contained within the given prefix.
When set, matches any prefix.
- Minimum Prefix
Also known as
ge. Sets a lower bound for the prefix length. This must be greater than the prefix length given in Network, and less than or equal to the value of Maximum Prefix, if present.
- Maximum Prefix
Also known as
le. Sets an upper bound for the prefix length. This must be greater than the prefix length given in Network, and greater than or equal to the value of Minimum Prefix, if present.
Prefix List Examples¶
For example, the following prefix list will match any of the RFC1918 networks:
Sequence: 10, Action: Permit, Network:
10.0.0.0/8, Maximum Prefix:
Sequence: 20, Action: Permit, Network:
172.16.0.0/12, Maximum Prefix:
Sequence: 30, Action: Permit, Network:
192.168.0.0/16, Maximum Prefix:
For each of these entries, the prefix list will match based on the bits
specified in the prefix. A match will occur for any network included in the
specified range. For example,
10.0.0.0/8 with a Maximum Prefix of
means a route for any smaller network inside
10.0.0.0/8 will also match, so
long as the prefix length is less than
10.2.0.0/16 will also
match this entry, as will
10.34.157.82/32. Taken as a whole, this prefix
list will match not only the list of RFC1918 networks exactly, but any smaller
network wholly contained inside.
As another example, consider this rule instead:
Sequence: 10, Action: Deny, Network:
10.0.0.0/8, Minimum Prefix:
24, Maximum Prefix:
This matches routes for networks inside of
10.0.0.0/8 with a prefix length
greater than or equal to
24 but less than or equal to
32. Meaning it
will not match larger networks such as
10.2.0.0/16 but it will match
more specific networks such as
10.2.56.128/29 anywhere inside the
10.0.0.0/8 address space. This type of rule can be used to exclude small
prefixes from being matched by a route map, for example.