Dynamic Routing Prefix Lists¶
Prefix List entries determine parts of networks which can be allowed or denied in specific contexts used in routing daemons. For example, a prefix list may be used to match specific routes in a route map.
The order of entries inside prefix lists is important, and this order is determined by a sequence number.
Prefix List Configuration¶
To create a new prefix list, use the
route dynamic prefix-list <name>
command, which enters
tnsr(config)# route dynamic prefix-list mypl tnsr(config-prefix-list)#
config-prefix-list mode contains the following commands:
- description <text>
A text comment to describe this prefix list.
- sequence <sequence-number> (permit|deny) <prefix> [ge <lower-bound>] [le <upper-bound>]
Creates a new rule with the specified sequence number to
denya given prefix. This may optionally be bound by an upper or lower prefix size limit. When no upper or lower bound is set, the prefix will be matched only exactly as given. Setting bounds allows a prefix list to also match more specific routes which are a part of the specified network.
- sequence <sequence-number>
The sequence number for this rule, which controls the order in which rules are matched inside this prefix list. Each rule in a prefix list must have a unique sequence number. Best practice is to leave gaps in the sequence to allow for adding rules in the future. For example, use
30, rather than
The action to take for this rule, either
The IP prefix to match for this rule, given in network/prefix notation. For example,
- ge <lower-bound>
Sets a lower bound for the prefix length. This must be greater than the prefix length given in
<prefix>, and less than or equal to the value of
le <upper-bound>, if present.
- le <upper-bound>
Sets an upper bound for the prefix length. This must be greater than the prefix length given in
<prefix>, and greater than or equal to the value of
ge <upper-bound>, if present.
Prefix List Examples¶
For example, the following prefix list will match any of the RFC1918 networks:
tnsr(config)# route dynamic prefix-list RFC1918 tnsr(config-prefix-list)# description List of RFC1918 private address space tnsr(config-prefix-list)# sequence 10 permit 10.0.0.0/8 le 32 tnsr(config-prefix-list)# sequence 20 permit 172.16.0.0/12 le 32 tnsr(config-prefix-list)# sequence 30 permit 192.168.0.0/16 le 32
For each of these entries, the prefix list will match based on the bits
specified in the prefix. A match will occur for any network included in the
specified range. For example,
10.0.0.0/8 le 32 means a route for any smaller
10.0.0.0/8 will also match, so long as the prefix length is
10.2.0.0/16 will also match this entry, as will
10.34.157.82/32. Taken as a whole, this prefix list will match not only the
list of RFC1918 networks exactly, but any smaller network wholly contained
As another example, consider this rule instead:
tnsr(config-prefix-list)# sequence 10 deny 10.0.0.0/8 ge 24 le 32
This matches routes for networks inside of
10.0.0.0/8 with a prefix length
greater than or equal to
24 but less than or equal to
32. Meaning it
will not match larger networks such as
10.2.0.0/16 but it will match
more specific networks such as
10.2.56.128/29 anywhere inside the
10.0.0.0/8 address space. This type of rule can be used to exclude small
prefixes from being matched by a route map, for example.
Prefix lists are then used in another context, such as with a route map, to match routes any of the specified networks when taking other actions.
Prefix List Status¶
To view prefix lists, use the
show route dynamic prefix-list [name] command.
Add the name of a prefix list to restrict the output to a single prefix list.
tnsr(config)# show route dynamic prefix-list Prefix Name: RFC1918 Description: List of RFC1918 private address space Seq Action Prefix LE Len GE Len --- ------ -------------- ------ ------ 10 permit 10.0.0.0/8 32 20 permit 172.16.0.0/12 32 30 permit 192.168.0.0/16 32 Prefix Name: mypl Description: Seq Action Prefix LE Len GE Len --- ------ -------------- ------ ------ 10 deny 192.168.0.0/16