Prefix-Lists
This chapter covers some aspects of protocols ip prefix-list <txt> and protocols ipv6 prefix-list <txt>, which are among the tools used to filter routing prefixes within route-maps.
There are certain aspects that are worth mentioning before explaining the prefix-list configuration:
The rule id defines the execution order for prefix validation; rule 1 has the highest priority.
The match condition is required to reach the final verdict. A match can be specific, requiring the route to coincide exactly with the defined prefix, or it can be based on netmask size.
The action available for prefix-lists is either accept or deny. Once the match condition is met, accept confirms that the prefix is accepted and deny rejects it. The default action is deny, meaning that a prefix that reaches the last configured rule without any match is denied.
Configuration
This is the syntax to create a protocols ip prefix-list <txt> or protocols ipv6 prefix-list <txt>:
set protocols <ip/ipv6> prefix-list <pl_name> rule <rule_id> [ ... ]
A protocols ip prefix-list <txt> or protocols ipv6 prefix-list <txt> can be assigned to any route-map as a match criterion inside it. To do so, use the following command:
set protocols route-map <rmap_name> rule <rule_id> match ip address prefix-list <pl_name>
Examples
Discarding the default route
Let’s suppose we want to set up a protocols route-map <txt> where a match with the default route is necessary.
We want the following features:
Default-route will be denied by the route-map.
Any other prefix will be accepted.
On OSDx that can be achieved by configuring the following commands:
set protocols ip prefix-list DEF_ROUTE rule 1 prefix 0.0.0.0/0
Finally, to use this prefix-list in a route-map you have to use these commands:
set protocols route-map DENY_DEF_ROUTE rule 1 action deny
set protocols route-map DENY_DEF_ROUTE rule 1 match ip address prefix-list DEF_ROUTE
set protocols route-map DENY_DEF_ROUTE rule 2 action permit
Accepting only a subnet
Let’s suppose we want to set up a protocols route-map <txt> where a match with a defined subnet is necessary.
We want the following features:
Only a subnet from a certain prefix will be accepted by the route-map.
Other prefixes will be denied.
On OSDx that can be achieved by configuring the following commands:
set protocols ip prefix-list SUBNET rule 1 ge 16
set protocols ip prefix-list SUBNET rule 1 prefix 10.0.0.0/8
Finally, to use this prefix-list in a route-map you have to use these commands:
set protocols route-map DENY_DEF_ROUTE rule 1 action permit
set protocols route-map DENY_DEF_ROUTE rule 1 match ip address prefix-list SUBNET
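The evaluation order described in this chapter, modelled for both examples above as an added Python sketch (not OSDx code). It assumes that a prefix-list rule without an explicit action accepts on match, and that "ge" matches routes inside the prefix whose mask length is at least the given value; ONLY_SUBNET is a hypothetical name for the second example's route-map.

```python
import ipaddress

# Constructed model of the page's two prefix-lists: (rule id, action, prefix, ge).
# Assumption: a rule with no explicit action accepts on match.
PREFIX_LISTS = {
    "DEF_ROUTE": [(1, "accept", "0.0.0.0/0", None)],
    "SUBNET": [(1, "accept", "10.0.0.0/8", 16)],
}

# Route-map rules: (rule id, action, prefix-list name, or None for no match clause).
# ONLY_SUBNET is a hypothetical name for the route-map of the second example.
ROUTE_MAPS = {
    "DENY_DEF_ROUTE": [(1, "deny", "DEF_ROUTE"), (2, "permit", None)],
    "ONLY_SUBNET": [(1, "permit", "SUBNET")],
}


def prefix_list_verdict(rules, route):
    """Lowest rule id first; the first matching rule decides, no match is deny."""
    route = ipaddress.ip_network(route)
    for _rule_id, action, prefix, ge in sorted(rules, key=lambda r: r[0]):
        net = ipaddress.ip_network(prefix)
        if ge is None:
            matched = route == net  # specific match: exact prefix and length
        else:
            # Assumed "ge" semantics: inside the prefix, mask length >= ge.
            matched = route.subnet_of(net) and route.prefixlen >= ge
        if matched:
            return action
    return "deny"  # default action when no rule matched


def route_map_verdict(name, route):
    """A rule applies if it has no match clause or its prefix-list accepts the
    route; a route that matches no rule is denied, as the second example states."""
    for _rule_id, action, plist in sorted(ROUTE_MAPS[name], key=lambda r: r[0]):
        if plist is None or prefix_list_verdict(PREFIX_LISTS[plist], route) == "accept":
            return action
    return "deny"


if __name__ == "__main__":
    for rmap, route in [("DENY_DEF_ROUTE", "0.0.0.0/0"),
                        ("DENY_DEF_ROUTE", "192.168.1.0/24"),
                        ("ONLY_SUBNET", "10.1.0.0/16"),
                        ("ONLY_SUBNET", "10.0.0.0/8")]:
        print(rmap, route, route_map_verdict(rmap, route))
```

Under these assumptions the exact-match rule 0.0.0.0/0 matches only the default route itself, and 10.0.0.0/8 with ge 16 does not match the /8 aggregate.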
Monitoring
The related operational commands protocols ip prefix-list <txt> show and protocols ipv6 prefix-list <txt> show can be used to display statistics related to prefix-list filters.
Example:
admin@osdx$ protocols ip prefix-list test show
ZEBRA: ip prefix-list test: 1 entries
seq 1 permit 0.0.0.0/0
admin@osdx$