Greater flexibility can match on subnet masks

The ip prefix-list configuration command has several benefits compared to using the accesslist command. The intended use of prefix-lists is limited to route filtering, whereas access-lists were initially intended for packet filtering, which was then extended to filter routes.

The prefix-list is internally transformed into a tree structure, with each branching of the tree serving as a test. Cisco IOS software determines a verdict of either "permit" or "deny" much faster this way, compared to sequentially interpreting an access-list.

The configuration command-line interface (CLI) that you use when configuring the ip prefix-list command provides the ability to assign a line number to each line of the prefix-list. The router uses this number to sort the entries in the prefix-list. If the lines are initially assigned line numbers, with some spacing in between them, administrators can insert additional lines at a later time. Individual lines can also be removed without removing the entire list.

Routers match network numbers in a routing update against the prefix-list, using as many bits as indicated. For example, a prefix-list can be specified to be 10.0.0.0/16, which will match 10.0.0.0 routes but not 10.1.0.0 routes.

Optionally, the prefix-list can also specify the size of the subnet mask. In addition, the prefix-list can indicate that the subnet mask must be in a specified range.

3-42 Configuring BGP on Cisco Routers (BGP) v3.2 © 2005, Cisco Systems, Inc.

Was this article helpful?

0 0

Post a comment