Prefix lists provide an alternative method to matching networks with a routing protocol.
The prefix list can identify a specific IP address, network, or an entire network range. It is flexible enough to allow of selection of multiple network ranges too.
Prefix matching in it’s simplest form can be defined with a 192.168.1.0/24, where it matches the network 192.168.1.0 with a subnet mask of 255.255.255.0
The prefix matching can be enhanced with the use of pattern matching.
There are two pattern matching keywords that can be used with prefix matching, le or ge.
le is less than or equal to (<=)
ge is greater than or equal to (>=)
Using a prefix with the syntax 192.168.0.0/16 ge 24 with some example scenarios:
192.168.0.0/16 – No match
192.168.7.0/24 – Match
192.168.4.0/26 – Match
The no match is due to the prefix length being 16, much less than the specified ‘ge 24’ in the command.
The 192.168.0.0/16 portion of the command allows networks from 192.168.0.0 to 192.168.255.255 to be selectable, but only with a prefix length of 24 or greater.
A prefix list can contain multiple prefix statements for network matching, with either a permit or deny option if that prefix statement is matched.
Similar to access control lists, prefix lists are evaluated from top to bottom.
To configure a prefix list, enter the command
ip prefix-list followed by the prefix list name, the sequence number with
seq and whether to
deny it. Finally on the same statement, add the prefix matching statement.
ip prefix-list testing 5 permit 192.168.0.0/16 ge 24
Prefix Lists with IPv6
Prefix lists with IPv6 operate in a very similar way, the command is changed from
ip prefix-list to