From: Hunt Lee (ciscoforme3@xxxxxxxxxxxx)
Date: Wed Jul 03 2002 - 11:20:10 GMT-3
Assume that I've 4 BGP networks:
ip prefix-list TEST permit 172.16.0.0/24
ip prefix-list TEST permit 172.16.1.0/24
ip prefix-list TEST permit 172.16.2.0/24
ip prefix-list TEST permit 172.16.3.0/24
OR
ip prefix-list TEST permit 172.16.0.0/22 ge 24 le 24
And if I want to do this in Distribute-list with Extended ACL:
access-list 101 permit ip 172.16.0.0 0.0.3.255 255.255.255.0 0.0.0.0
Is this equal to the prefix-list statements??
Assume now that I have an extra aggregate 172.16.0.0/22 together with
the other 4 routes, but I want to permit only this aggregate, while
denying all the other more specific routes:-
ip prefix-list TEST permit 172.16.0.0/22
Is this the same as:-
access-list 101 permit ip 172.16.0.0 0.0.0.0 255.255.252.0 0.0.0.0
Also, I found an example on CCO that I'm a bit confused abt.
The example states that it will permit route 131.108.0/24, but deny
131.108.x.x/16 & all other subnets of 131.108.0.0
access-list 101 permit ip 131.108.0.0 0.0.0.0 255.255.255.0 0.0.0.0
access-list 101 deny ip 131.108.0.0 0.0.255.255 255.255.0.0
0.0.255.255
So the 1st line will permit the 131.108.0.0/24 subnet, but what's the
point of the 2nd line?? Isn't it true that anything else will be
implicitly deny?
Thanks!
H.
http://www.sold.com.au - SOLD.com.au
- Find yourself a bargain!
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:17 GMT-3