GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: replacing a prefix-list with access-list posted 02/27/2007
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Thank Dennis,
is this for BGP or for other routing protocols?
Which protocols?

Thank


2007/2/27, Brian Dennis <bdennis@xxxxxxxxxxxxxxxxxxxxxx>:
Ernesto,

The syntax of the extended ACL is:

access-list <ACL #> permit ip <network> <wildcard mask of network>
<subnet mask> <wildcard mask of subnet mask>

The source portion of the extended ACL is used to match the network portion
of the BGP route and the destination portion of the ACL is used to match the
subnet mask of the BGP route.  Here are some examples:

access-list 100 permit ip 10.0.0.0 0.0.0.0 255.255.0.0 0.0.0.0
Matches 10.0.0.0/16 - Only

access-list 100 permit ip 10.0.0.0 0.0.0.0 255.255.255.0 0.0.0.0
Matches 10.0.0.0/24 - Only

access-list 100 permit ip 10.1.1.0 0.0.0.0 255.255.255.0 0.0.0.0
Matches 10.1.1.0/24 - Only

access-list 100 permit ip 10.0.0.0 0.0.255.0 255.255.255.0 0.0.0.0
Matches 10.0.X.0/24 - Any number in the 3rd octet of the network with a
/24 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.0 255.255.255.0 0.0.0.0
Matches 10.X.X.0/24 - Any number in the 2nd & 3rd octet of the network with
a /24 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.255.255.240 0.0.0.0
Matches 10.X.X.X/28 - Any number in the 2nd, 3rd & 4th octet of the network
with a /28 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.255.255.0 0.0.0.255
Matches 10.X.X.X/24 to 10.X.X.X/32 - Any number in the 2nd, 3rd & 4th octet
of the network with a /24 to /32 subnet mask.

access-list 100 permit ip 10.0.0.0 0.255.255.255 255.255.255.128 0.0.0.127
Matches 10.X.X.X/25 to 10.X.X.X/32 - Any number in the 2nd, 3rd & 4th octet
of the network with a /25 to /32 subnet mask


--


Brian Dennis, CCIE4 #2210 (R&S/ISP-Dial/Security/SP)
bdennis@xxxxxxxxxxxxxxxxxxxxxx

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)




On 2/26/07 9:22 PM, "Ernesto Mazuelos" <ernesto.mazuelos@xxxxxxxxx> wrote:


> Hi,
> I have found in cisco.com a way of replacing a prefix-list with access-list,
> however I don't understand the way as it is applied.
> particularly, because the destination of the access-list is
> 255.255.255.0 as a subnet mask?
>     thanks to everybody
>
>
> !
> ip bgp-community new-format
> !
> !
> ip prefix-list rr seq 10 permit 189.168.58.0/23
> ip prefix-list rr seq 20 permit 189.168.60.0/23
> access-list 100 permit ip host 189.168.56.0 host 255.255.254.0 <=====
> don't understand
> !
> route-map tto permit 10
>  match ip address 100
>  set community 645:200
> !
> route-map tto permit 20
> !
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html