============ Prefix-Lists ============ .. sidebar:: Contents .. contents:: :depth: 3 :local: This chapter covers some aspects related to :osdx:cfg:`protocols ip prefix-list *` and :osdx:cfg:`protocols ipv6 prefix-list *`, which is one of the tools that allow to filter routing prefixes within route-maps. There are certain aspects that are worth mentioning before explaining the prefix-list configuration: * The **rule** id defines the execution order for prefix validation, being the most prioritary the 1. * The **match** condition is required to proceed with the final verdict. There could be specific matches, requiring the route coincide exactly with the defined prefix, or on the contrary, using netmask size based matches. * The **action** available for prefix-lists is either ``accept`` or ``deny``. After the **match** condition, the first one confirms that a certain prefix is accepted and the other results in a denegation. The default action is ``deny``, meaning that a prefix reaching the latest rule configured without any match will result in a denegation. Configuration ============= This is the syntax to create a :osdx:cfg:`protocols ip prefix-list *` or :osdx:cfg:`protocols ipv6 prefix-list *`: .. code-block:: none set protocols prefix-list rule [ ... ] A :osdx:cfg:`protocols ip prefix-list *` or :osdx:cfg:`protocols ipv6 prefix-list *` could be assigned to any route-map as a match criteria inside it. For doing so, the following command will be used: .. code-block:: none set protocols route-map rule match ip address prefix-list Examples ======== Discarding the default route ---------------------------- Let's suppose we want to set up a :osdx:cfg:`protocols route-map *` where a match with the default route is necessary. We want the following features: * Default-route will be denied by the route-map. * Any other prefix will be accepted. On OSDx that can achieved by configuring the following commands: .. code-block:: none set protocols ip prefix-list DEF_ROUTE rule 1 prefix 0.0.0.0/0 Finally, to use this prefix-list in a route-map you have to use these commands: .. code-block:: none set protocols route-map DENY_DEF_ROUTE rule 1 action deny set protocols route-map DENY_DEF_ROUTE rule 1 match ip address prefix-list DEF_ROUTE set protocols route-map DENY_DEF_ROUTE rule 2 action permit Accepting only a subnet ----------------------- Let's suppose we want to set up a :osdx:cfg:`protocols route-map *` where a match with a defined subnet is necessary. We want the following features: * Only a subnet from a certain prefix will be accepted by the route-map. * Other prefixes will be denied. On OSDx that can achieved by configuring the following commands: .. code-block:: none set protocols ip prefix-list SUBNET rule 1 ge 16 set protocols ip prefix-list SUBNET rule 1 prefix 10.0.0.0/8 Finally, to use this prefix-list in a route-map you have to use these commands: .. code-block:: none set protocols route-map DENY_DEF_ROUTE rule 1 action permit set protocols route-map DENY_DEF_ROUTE rule 1 match ip address prefix-list SUBNET Monitoring ========== The related operational commands :osdx:op:`protocols ip prefix-list * show` and :osdx:op:`protocols ipv6 prefix-list * show` can be used to display statistics related to ``prefix-list`` filters. *Example:* .. code-block:: none admin@osdx$ protocols ip prefix-list test show ZEBRA: ip prefix-list test: 1 entries seq 1 permit 0.0.0.0/0 admin@osdx$ .. depth=4 to show prefix-list rule options .. osdx:cmdtree:: cfg :maxdepth: 4 protocols ip prefix-list protocols ipv6 prefix-list