
  • crok

    Topic owner

    Prefix-list 101 - a guy needed something more tangible than Google today..

    http://www.ciscopress.com/articles/article.asp?p=2273507&seqNum=11
    http://blog.ine.com/2007/12/26/how-do-prefix-lists-work/
    http://packetlife.net/blog/2010/feb/1/understanding-ip-prefix-lists/

    To limit/filter sending or receiving of prefixes via BGP we can use prefix lists:

    Example config:
    How it is applied:
    router bgp 65000
    neighbor 1.2.3.4 prefix-list permit-bgp-default-and-some-others-only-from-pe in

    ip prefix-list permit-bgp-default-and-some-others-only-from-pe seq 50 permit 10.15.20.0/24
    ip prefix-list permit-bgp-default-and-some-others-only-from-pe seq 51 permit 10.15.30.0/24
    ip prefix-list permit-bgp-default-and-some-others-only-from-pe seq 100 permit 0.0.0.0/0

    This will allow only 10.15.20.0/24, 10.15.30.0/24 and the default route to be learned and installed to the routing table.

    ip prefix-list permit-bgp-default-only-from-netw seq 50 deny 10.15.20.0/24
    ip prefix-list permit-bgp-default-only-from-netw seq 51 deny 10.15.30.0/24
    ip prefix-list permit-bgp-default-only-from-netw seq 100 permit 0.0.0.0/0 le 32

    This will deny 10.15.20.0/24, 10.15.30.0/24 and allow everything else to be learned and installed to the routing table.

    So, you can specify the subnet mask of the prefixes (most likely) like:
    /##: exact match
    /## le #: longer or equal - match the subnet with prefix length ## or has prefix length up to #, prefix length must be between ## and # but not longer
    /## ge #: greater or equal - match the subnet with prefix length ## or has prefix length down to #, prefix length must be between ## and # but not longer

    ip prefix-list permit-bgp-default-only-from-netw seq 105 permit 10.15.30.0/24 le 30
    This permits every prefix that falls within 10.15.30.0/24 and whose prefix length ("subnet mask") is not more than 30.
    For example it matches 10.15.30.0/24, 10.15.30.64/26 and 10.15.30.192/27 but does not match 10.15.30.254/32.

    ip prefix-list permit-bgp-default-only-from-netw seq 110 permit 10.0.0.0/8 ge 24
    This permits everything from the 10.0.0.0/8 range up to the prefix length /24.
    For example it matches 10.0.0.0/8, 10.12.0.0/16, 10.12.34.0/24 but does not match 10.12.34.64/26 because its length is longer than /24..

    ip prefix-list permit-bgp-default-only-from-netw seq 115 permit 10.0.0.0/8 ge 24 le 26
    For example it matches 10.15.30.0/24, 10.15.30.128/25 and 10.15.30.192/26 but does not match 10.15.0.0/16 nor 10.15.30.254/32.

    Seq is to identify the statement in the config - like in ACLs, it is needed for modification, deletion, addition..

    ProTip: if you change the config of a prefix-list that is somehow attached to a BGP peer you should clear the BGP peer to make the change happen in the BGP table (soft or hard reset both work most of the time.. if soft does not do the trick do the hard kick) like clear ip bgp and stuff..

    [Sorry that it's in English, but this way it can go out to anyone who comes to me with this next time, no matter which country they sit in.. and anyway the language of the trade is English ( : ]
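
An added example, not part of the original post: a small Python evaluator that parses the prefix-list entries quoted above and reports which entry decides a given route, so a filter can be checked offline before it is attached to a BGP neighbor. It applies the IOS matching rules (first match in seq order, implicit deny at the end, with only `ge` the upper bound is /32, with only `le` the lower bound is the entry's own length); the `demo-*` list names and the function names are constructed for this example.

```python
import ipaddress
import re

# Entries from the post; the demo-* list names are constructed here so that
# seq 105/110/115 can be tested alone (in the post they sit behind seq 100).
CONFIG = """\
ip prefix-list permit-bgp-default-and-some-others-only-from-pe seq 50 permit 10.15.20.0/24
ip prefix-list permit-bgp-default-and-some-others-only-from-pe seq 51 permit 10.15.30.0/24
ip prefix-list permit-bgp-default-and-some-others-only-from-pe seq 100 permit 0.0.0.0/0
ip prefix-list permit-bgp-default-only-from-netw seq 50 deny 10.15.20.0/24
ip prefix-list permit-bgp-default-only-from-netw seq 51 deny 10.15.30.0/24
ip prefix-list permit-bgp-default-only-from-netw seq 100 permit 0.0.0.0/0 le 32
ip prefix-list demo-le30 seq 105 permit 10.15.30.0/24 le 30
ip prefix-list demo-ge24 seq 110 permit 10.0.0.0/8 ge 24
ip prefix-list demo-ge24-le26 seq 115 permit 10.0.0.0/8 ge 24 le 26
"""
ENTRY = re.compile(r"ip prefix-list (\S+) seq (\d+) (permit|deny) (\S+)"
                   r"(?: ge (\d+))?(?: le (\d+))?$")

def parse(config):
    """Return {list name: [(seq, action, network, min_len, max_len), ...]}."""
    lists = {}
    for line in config.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        name, seq, action, net, ge, le = m.groups()
        net = ipaddress.ip_network(net)
        # No ge/le: exact length. Only ge: up to /32. Only le: from own length.
        lo = int(ge) if ge else net.prefixlen
        hi = int(le) if le else (32 if ge else net.prefixlen)
        lists.setdefault(name, []).append((int(seq), action, net, lo, hi))
    for entries in lists.values():
        entries.sort(key=lambda e: e[0])   # entries are evaluated in seq order
    return lists

def evaluate(entries, route):
    """First matching entry wins; no match means the implicit deny."""
    route = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in entries:
        if lo <= route.prefixlen <= hi and route.subnet_of(net):
            return action, seq
    return "deny", None

if __name__ == "__main__":
    lists = parse(CONFIG)
    for name, route in [("demo-le30", "10.15.30.254/32"), ("demo-ge24", "10.12.34.64/26"),
                        ("demo-ge24", "10.0.0.0/8"), ("demo-ge24-le26", "10.15.30.128/25")]:
        print(f"{name:16} {route:18} -> {evaluate(lists[name], route)}")
```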
