Download Complete PDF Send Feedback Print This Page

Previous

Synchronize Contents

Next

Prefix Lists and Prefix Trees

Related Topics

Prefix Lists and Prefix Trees Overview

ip prefix-list

ip prefix-list sequence-number

ip prefix-tree

show ip prefix-list

show ip prefix-tree

Prefix Lists and Prefix Trees Overview

Advanced Routing Suite provides two types of prefix based lists; Prefix Lists and Prefix Trees. Prefix Trees return the longest match as the true match whereas Prefix Lists simulate a sequential lookup and return the first matched entry as the true match. The entries are ordered according to entry-seq.

ip prefix-list

Name

ip prefix-list - creates a prefix list

Syntax

ip prefix-list list_id [seq seq_value]?
[deny | permit] [network/masklen] [ge length]? [le length]?

no ip prefix-list list_id [seq seq_value]?
[deny | permit] [network/masklen] [ge length]? [le length]?

Mode

Global Configuration

Parameters

list_id - a string of characters or an integer

seq seq_value - this is specified as an integer between 0 and 4,294,967,295, inclusive. Note: Sequence numbers are generated automatically in increments of 5 unless automatic generation is turned off. If automatic generation is disabled, then the sequence number must be specified. Otherwise, specifying this command is optional.

deny | permit - denies or permits the specified source address

network/masklen - specify a valid IPv4 address with a mask length. The IPv4 address is specified in dotted-quad format; the mask length is an integer from 0 to 32, inclusive. Note that the "/" is required.

ge length - specifies that the IPv4 address matches (prefix, mask) pairs with exactly the same prefix address and mask lengths that are greater than or equal to the value of the ge command. This value can be in the range of 0 to 32, but it must be at least the value of masklen and no greater than the value of le.

le length - specifies that the IPv4 address matches (prefix, mask) pairs with exactly the same prefix address and mask lengths that are less than or equal to the value of the le command. This value can be in the range of 0 to 32, but it must be at least the value of masklen and no less than the value of ge.

Description

Prefix lists simulate a sequential lookup and return the first matched entry as the true match. The entries are ordered according to the sequential value. Sequence numbers are generated automatically unless automatic generation is disabled. If the automatic generation of sequence numbers is disabled, then the sequence number for each entry must be specified.

The optional ge and le commands can be used to specify the range of the prefix length to be matched for prefixes that are more specific than a network and netmask value. If only the gelength is specified, then the range is assumed to be from gelength to 32. If only the lelength is specified, then the range is assumed to be less than the lelength. An exact match is assumed when neither ge nor le is specified.

Use the negative form of this command to delete all entries or specific entries in a prefix list. One way to remove a specific entry from a prefix list is to specify all parameters that were specified when the entry was created. Another way is to specify the sequence number of the entry, which is either automatically generated or explicitly configured.

Default

Prefix lists are not configured by default.

Command History

NGC 2.2 - This command was introduced.

Examples

Example 1

The following example configures a prefix list "abc" that denies all prefixes in 128.0.0.0/8 with a prefix length of 24.

(config)# ip prefix-list abc deny 128.0.0.0/8 ge 24 le 24

Example 2

The following example configures a prefix list "abc" with three list entries. The first and second entries permit all routes matching 10.0.0.0 with prefix length equal to 8 (first entry) except 10.1.1.1 (second entry). The third entry permits all other IPv4 routes. An implicit deny is assumed for all other routes.

(config)# ip prefix-list abc permit 10.0.0.0/8 ge 8 le8

(config)# ip prefix-list abc deny 10.1.1.1/32 ge 32 le 32

(config)# ip prefix-list abc permit 0.0.0.0/0 le 32

ip prefix-list sequence-number

Name

ip prefix-list sequence-number - specifies whether Advanced Routing Suite should use automatic sequence numbering when configuring prefix lists

Syntax

ip prefix-list sequence-number

no ip prefix-list sequence-number

Mode

Global Configuration

Parameters

none

Description

Sequence values are generated in increments of 5, with the first sequence value generated being 5, then 10, then 15, and so on. If a sequence value is specified for an entry, and then not specified for subsequent entries, the assigned (generated) sequence values are then incremented in units of 5 based on the highest sequence number present in the list.

Note: Sequence numbers are generated automatically in increments of 5 unless automatic generation is turned off. If automatic generation is disabled, then the sequence number must be specified. Otherwise, specifying this command is optional. Use the negative form of the sequence command, no ip prefix-list sequence-number, to turn off automatic sequence number generation.

Default

Sequence numbers are generated automatically by Advanced Routing Suite. Therefore, if ip prefix-list sequence-number is not specified, it is the same as if the user had specified the following:

(config)# ip prefix-list sequence-number

Command History

NGC 2.2 - This command was introduced.

Examples

The following example configures four entries in prefix list "abc." The first entry explicitly configures sequence number 3. The two subsequent entries will, therefore, have automatically generated sequence numbers of 8 and 13 respectively. Sequence numbering is then turned off, and the fourth entry is configured with a sequence number of 20. The show ip prefix-list query that follows displays the prefix list entries with their sequence numbers.

(config)# ip prefix-list abc seq 3 permit 10.11.0.0/16 ge 20 le 20

(config)# ip prefix-list abc deny 10.10.0.0/16 ge 24 le 28

(config)# ip prefix-list abc permit 12.12.0.0 16

(config)# no ip prefix-list sequence-number

(config)# ip prefix-list abc seq 20 permit 192.168.0.0/16

(config)# exit

# show ip prefix-list abc

ip prefix-list abc: 4 entries
seq 3 permit 10.11.0.0/16 ge 20 le 20
seq 8 deny 10.10.0.0/16 ge 24 le 28
seq 13 permit 12.12.0.0/16
seq 20 permit 192.168.0.0/16

#

ip prefix-tree

Name

ip prefix-tree - configures a prefix tree

Syntax

ip prefix-tree tree_id [deny | permit]
[network/masklen] [ge length]? [le length]?

no ip prefix-tree list_id [deny | permit]
[network/masklen] [ge length]? [le length]?

Mode

Global Configuration

Parameters

tree_id - a string of characters

deny | permit - denies or permits the specified source address

network/masklen - specify a valid IPv4 address with a mask length. The IPv4 address is specified in dotted-quad format; the mask length is an integer from 0 to 32, inclusive. Note that the "/" is required.

ge length - specifies that the IPv4 address matches (prefix, mask) pairs with exactly the same prefix address and mask lengths that are greater than or equal to the value of the ge command. This value can be in the range of 0 to 32, but it must be at least the value of masklen and no greater than the value of le.

le length - specifies that the IPv4 address matches (prefix, mask) pairs with exactly the same prefix address and mask lengths that are less than or equal to the value of the le command. This value can be in the range of 0 to 32, but it must be at least the value of masklen and no less than the value of ge.

Description

Prefix Trees return the longest match as the true match whereas Prefix Lists simulate a sequential lookup and return the first matched entry as the true match.

The optional ge and le commands can be used to specify the range of the prefix length to be matched for prefixes that are more specific than a network and netmask value. If only the gelength is specified, then the range is assumed to be from gelength to 32. If only the lelength is specified, then the range is assumed to be less than the lelength.

Use the negative form of this command to delete all entries or specific entries in a prefix tree. You can remove a specific entry from a prefix tree by specifying all parameters that were specified when the entry was created.

Default

Prefix trees are not configured by default.

Command History

NGC 2.2 - This command was introduced.

Examples

Example 1

The following example configures a prefix tree "abc" that denies all prefixes in 128.0.0.0/8 with a prefix length of 24.

(config)# ip prefix-tree abc deny 128.0.0.0/8 ge 24 le 24

Example 2

The following example configures a prefix tree "abc" with three list entries. The first and second entries permit all routes matching 10.0.0.0 with prefix length equal to 8 (first entry) except 10.1.1.1 (second entry). The third entry permits all other IPv4 routes. An implicit deny is assumed for all other routes.

(config)# ip prefix-tree abc permit 10.0.0.0/8 ge 8 le8

(config)# ip prefix-tree abc deny 10.1.1.1/32 ge 32 le 32

(config)# ip prefix-tree abc permit 0.0.0.0/0 le 32

show ip prefix-list

Name

show ip prefix-list - displays information about all or specific prefix lists

Syntax

show ip prefix-list [ detail | summary ]? [ list_id ]?

Mode

Privileged Execution

Parameters

detail | summary - optionally specify whether you want the query to respond with a more verbose format. Summary information is returned by default.

list_id - a string of characters or an integer that represents the ID of a configured prefix list. Specifying this is optional. Advanced Routing Suite will return information for all configured IPv4 prefix lists if a list_id is not specified.

Description

The show ip prefix-list query displays information about all or specific prefix lists.

This query has two forms. If it is issued without arguments, then information about all configured IPv4 prefix lists is returned. Alternatively, the query can be issued naming a specific prefix list. In this case, the reply will contain information pertaining only to the referenced prefix list.

Command History

NGC 2.2 - This command was introduced.

Examples

Example 1

The following query is a request for summary information about a prefix list named "pfxtest1".

# show ip prefix-list pfxtest1

ip prefix-list pfxtest1: 3 entries
seq 3 deny 10.10.0.0/16 ge 20 le 20
seq 8 permit 10.10.0.0/16 ge 24 le 28
seq 13 permit 12.12.0.0/16

Example 2

The following query is a request for summary information about all configured IPv4 prefix lists.

# show ip prefix-list

ip prefix-list pfxtest1: 3 entries
seq 3 deny 10.10.0.0/16 ge 20 le 20
seq 8 permit 10.10.0.0/16 ge 24 le 28
seq 13 permit 12.12.0.0/16

ip prefix-list pfxtest2: 4 entries
seq 3 permit 10.2.2.2/24 ge 24 le 24
seq 8 deny 10.1.1.1/32 ge 32 le 32
seq 10 permit 10.0.0.0/8 ge 8 le 8
seq 11 permit 0.0.0.0/8 le 8

Example 3

The following is a request for detail information about a prefix list named "pfxtest2".

# show ip prefix-list detail pfxtest2

ip prefix-list pfxtest2:
count: 4, sequences 3 - 11
seq 3 permit 10.2.2.2/24 ge 24 le 24
seq 8 deny 10.1.1.1/32 ge 32 le 32
seq 10 permit 10.0.0.0/8 ge 8 le 8
seq 11 permit 0.0.0.0/8 le 8

show ip prefix-tree

Name

show ip prefix-tree - displays information about all or specific prefix trees

Syntax

show ip prefix-tree [ detail | summary ]? [ tree_id ]?

Mode

Privileged Execution

Parameters

detail | summary - optionally specify whether you want the query to respond with a more verbose format. Summary information is returned by default.

tree_id - a string of characters or an integer that represents the ID of a configured prefix tree. Specifying this is optional. Advanced Routing Suite will return information for all configured IPv4 prefix trees if a tree_id is not specified.

Description

The show ip prefix-tree query displays information about all or specific prefix trees.

This query has two forms. If it is issued without arguments, then summary information about all configured IPv4 prefix trees is returned. Alternatively, the query can be issued naming a specific prefix tree. In this case, the reply will contain information pertaining only to the referenced prefix tree.

Command History

NGC 2.2 - This command was introduced.

Examples

Example 1

The following query is a request for summary information about a prefix tree named "pfxtest1".

# show ip prefix-tree pfxtest1

ip prefix-tree abc: 1 entries
deny 128.0.0.0 0.255.255.255 ge 24 le 24

Example 2

The following query is a request for summary information about all configured IPv4 prefix trees.

# show ip prefix-tree

ip prefix-tree pfxtest1: 3 entries
deny 10.10.0.0 0.0.255.255 ge 20 le 20
permit 10.10.0.0 0.0.255.255 ge 24 le 28
permit 12.12.0.0 0.0.255.255

ip prefix-tree pfxtest2: 4 entries
permit 10.2.2.2 0.255.255.255 ge 24 le 24
deny 10.1.1.1 255.255.255.255 ge 32 le 32
permit 10.0.0.0 0.0.0.255 ge 8 le 8
permit 0.0.0.0 0.0.0.255 le 8

Example 3

The following is a request for detail information about a prefix tree named "pfxtest2".

# show ip prefix-tree detail pfxtest2

ip prefix-tree pfxtest2:
count: 4, sequences 3 - 11
permit 10.2.2.2 0.255.255.255 ge 24 le 24
deny 10.1.1.1 255.255.255.255 ge 32 le 32
permit 10.0.0.0 0.0.0.255 ge 8 le 8
permit 0.0.0.0 0.0.0.255 le 8

  
Top of Page ©2013 Check Point Software Technologies Ltd. All rights reserved. Download Complete PDF Send Feedback Print