There is therefore increasing pressure to convert to IPv6, with its 128-bit address size. In the following chapter we discuss some companion protocols: ICMP, ARP, DHCP and DNS.ĭespite its ubiquity, IPv4 faces an unsettled future: the Internet has run out of new large blocks of IPv4 addresses ( 1.10 IP - Internet Protocol). We will see how the IP layer enables efficient, scalable routing.
Most of the Internet today (2020) still uses IPv4, though IPv6 is making inroads.
In this chapter we discuss the original core IP protocol – known as version 4, or IPv4, and with a 32-bit address size. (Just talk to the IPv6 people, or the IP-multicasting or IP-reservations groups.) But if you want to change the IP layer, you will encounter difficulty. If you want to run your own LAN protocol somewhere, or if you want to run your own transport protocol, the Internet backbone will still work just fine for you. When using the “ge” (greater than or equal to) and “le”(less than or equal to) values, you must satisfy the condition: Len < ge <= le.There are multiple LAN protocols below the IP layer and multiple transport protocols above, but IP itself stands alone. The first line block all the network with subnet mask /32, while the last line permit any. Ip prefix-list Ciscozine-PL permit 0.0.0.0/0 le 32 Example #6: Deny all the loopback network (/32) ip prefix-list Ciscozine-PL deny 0.0.0.0/0 ge 32 le 32 Only the second statement is valid the third and fourth are not valid due to lesser subnet mask and the first one is not valid due the different network. Example #5: Permits all prefixes in the 192.168.0.0/24 with subnet mask between 26 and 30 bits ip prefix-list Ciscozine-PL permit 192.168.0.0/24 ge 26 le 30 The second is not valid due to different prefix, while the fourth due to a greater subnet mask. This check the first 16 bits of the prefix 10.0.0.0, where the subnet mask must be less than or equal to 30. Example #4: Permit all prefixes in the 10.0.0.0/16 with subnet mask less or equal /30 ip prefix-list Ciscozine-PL permit 10.0.0.0/16 le 30 This match only the network 0.0.0.0 with the prefix length 0. Note: the first line can be written like: ip prefix-list Ciscozine-PL deny 10.0.0.0/24 ge 24 le 24 Example #3: Permit only the default route ip prefix-list Ciscozine-PL permit 0.0.0.0/0 Example #2: Block the prefix 10.0.0.0/24 ip prefix-list Ciscozine-PL deny 10.0.0.0/24ĭue to the implicit deny of the prefix list, a second line is required to permit the other networks: ip prefix-list Ciscozine-PL permit 0.0.0.0/0 le 32 This check the first 0 bits of the prefix 0.0.0.0 and the subnet mask must be less than or equal to 32: it permits all the network. Example #1: Permit all the prefix ip prefix-list Ciscozine-PL permit 0.0.0.0/0 le 32 The power of the prefix list happens when you use the “ge” or/and “le” keyword.
Prefix list syntax is: ip prefix-list list-name deny | permit network/len įor instance, to block 200.200.200.0/24 network, the command would be: ip prefix-list Ciscozine-PL deny 200.200.200.0/24 Moreover, the prefix-list also allows you to specify networks in much more natural format that ACLs. ACLs used in distribute list filter networks only by network addresses but they do not perform matching on subnet mask in other words, for an ACL used in distribute list, the networks 192.168.100.0/24 and 192.168.100.0/28 are indistinguishable. The most notable and important difference is that a prefix-list allows you to filter networks based on their subnet mask. Prefix lists are used in route maps and route filtering operations and can be used as an alternative to access lists in many route filtering commands.
0 kommentar(er)
