|
|
|
The user can create prefix lists or trees and configure routemaps to allow or reject the lists.
Prefix List Syntax
To turn a prefix list off:
set prefix-list <list_name> off
To remove a sequence number from a prefix list:
set prefix-list <list_name> sequence-number <seq_number> off
To configure a prefix on a given sequence number:
set prefix-list <list_name> sequence-number <seq_number> prefix
<prefix_mask> <match_type> [restrict {on | off}]
Example 1
Configure a prefix list called non-local to restrict prefixes 192.168.0.0/16, 10.0.0.0/8, and 172.16.0.0/12, but allow all other IPv4 prefixes:
set prefix-list non-local sequence-number 5 prefix 10.0.0.0/8 all restrict on
set prefix-list non-local sequence-number 10 prefix 192.168.0.0/16 all restrict on
set prefix-list non-local sequence-number 15 prefix 172.16.0.0/12 all restrict on
set prefix-list non-local sequence-number 20 prefix 0.0.0.0/0 all
Example 2
Configure a prefix-list called no-5-net to restrict prefix 5.0.0.0/8 but allow all other /8 prefixes. Any other prefixes will not be matched by this list (and therefore will be restricted unless another prefix list matches them):
set prefix-list no-5-net sequence-number 1 prefix 5.0.0.0/8 exact restrict on
set prefix-list no-5-net sequence-number 2 prefix 0.0.0.0/0 between 8 and 8
Prefix Tree Syntax
To turn a prefix tree off:
set prefix-tree <tree_name> off
To remove a prefix from a prefix tree:
set prefix-tree <tree_name> prefix <prefix_mask> off
To Add or change a prefix in a prefix tree:
set prefix-tree <tree_name> prefix <prefix_mask> <match_type> [restrict {on | off}]
To add a mask range to a prefix:
set prefix-tree <tree_name> prefix <prefix_mask> between <low> and <high> [restrict { on | off}]
To remove a mask range from a prefix:
set prefix-tree <tree_name> prefix <prefix_mask> between <low> and <high> off
Example 3
Configure a prefix tree called non-local to restrict all prefixes with mask lengths which are shorter than or equal to /8, 192.168.0.0/16, and 172.16.0.0/12, but allow all other IPv4 prefixes:
set prefix-tree non-local prefix 0.0.0.0/0 between 0 and 8 restrict on
set prefix-tree non-local prefix 0.0.0.0/0 between 9 and 32
set prefix-tree non-local prefix 192.168.0.0/16 all restrict on
set prefix-tree non-local prefix 172.16.0.0/12 all restrict on
Example 4
Configure a prefix tree named "10-net" to allow 10.1.1.0/24, restrict all sub-prefixes of 10.1.0.0/16, and allow all sub-prefixes of 10.0.0.0/8, except 10.0.0.0/8 itself. Any other prefixes will not be matched by this list (and thus will be restricted unless another prefix tree matches them):
set prefix-tree 10-net prefix 10.0.0.0/8 refines
set prefix-tree 10-net prefix 10.1.0.0/16 all restrict
set prefix-tree 10-net prefix 10.1.1.0/24 exact
