Routing

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

prefix-list-filter orlonger -- Gives different results then -- route-filter orlonger

Jump to Best Answer
  • 1.  prefix-list-filter orlonger -- Gives different results then -- route-filter orlonger

    Posted 04-10-2016 08:46

    Dears

    Not sure if this is the right behavior or not so would like your assistance please.

     

    I want to match on all loopback /32 prefixes. When I use do this using prefix-list-filter orlonger no matches occur however when i do this using route-filter orlonger there are matches ... Shouldn't both be the same ??

     

    ||||||||||||||||||

     

    # Hosts address to be matches as a test 

     

    root@R1# show interfaces lo0 | display set
    set interfaces lo0 unit 0 family inet address 20.0.0.1/32
    set interfaces lo0 unit 0 family inet address 20.0.0.2/32

     

    # Policy

     

    root@R1# show policy-options | display set
    set policy-options prefix-list EGRESS 0.0.0.0/31

     

    set policy-options policy-statement EGRESS_PREFIX_LIST term 1 from prefix-list-filter EGRESS orlonger
    set policy-options policy-statement EGRESS_PREFIX_LIST term 1 then accept
    set policy-options policy-statement EGRESS_PREFIX_LIST term 2 then reject

     

    set policy-options policy-statement EGRESS_ROUTER_FILTER term 1 from route-filter 0.0.0.0/0 orlonger
    set policy-options policy-statement EGRESS_ROUTER_FILTER term 1 then accept
    set policy-options policy-statement EGRESS_ROUTER_FILTER term 2 then reject

     

    # Test Reults

     

    root@R1# run test policy EGRESS_PREFIX_LIST 20.0.0.1/32

    Policy EGRESS_PREFIX_LIST: 0 prefix accepted, 1 prefix rejected

    [edit]

     

    root@R1# run test policy EGRESS_PREFIX_LIST 20.0.0.2/32

    Policy EGRESS_PREFIX_LIST: 0 prefix accepted, 1 prefix rejected

     


    root@R1# run test policy EGRESS_ROUTER_FILTER 20.0.0.1/32

    inet.0: 10 destinations, 12 routes (10 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    20.0.0.1/32 *[Direct/0] 04:50:47
    > via lo0.0
    [OSPF/10] 04:50:47, metric 0
    > via lo0.0

    Policy EGRESS_ROUTER_FILTER: 1 prefix accepted, 0 prefix rejected

    [edit]

     

     

    root@R1# run test policy EGRESS_ROUTER_FILTER 20.0.0.2/32

    inet.0: 10 destinations, 12 routes (10 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    20.0.0.2/32 *[Direct/0] 04:46:37
    > via lo0.0
    [OSPF/10] 04:46:37, metric 0
    > via lo0.0

    Policy EGRESS_ROUTER_FILTER: 1 prefix accepted, 0 prefix rejected

    [edit]
    root@R1#

     

     

    Many thanks

    Best Regards

    Sherif Ismail


    #prefix-list-filterorlongerroute-filterorlonger


  • 2.  RE: prefix-list-filter orlonger -- Gives different results then -- route-filter orlonger
    Best Answer

    Posted 04-10-2016 09:46

    Hi !

    Your logic is the wrong one as:

     

    root@R1# show policy-options | display set
    set policy-options prefix-list EGRESS 0.0.0.0/31

     

    set policy-options policy-statement EGRESS_PREFIX_LIST term 1 from prefix-list-filter EGRESS orlonger
    set policy-options policy-statement EGRESS_PREFIX_LIST term 1 then accept
    set policy-options policy-statement EGRESS_PREFIX_LIST term 2 then reject

     

    ######################

    the thing is that your statement as written means:

    the first 31 bit of the address has to match the 0.0.0.0 and the orlonger means the mask must be /31 or /32

    --- it would only match  0.0.0.1/31 or 0.0.0.0/31 or 0.0.0.0/32 or 0.0.0.1/32

     

     

    set policy-options policy-statement EGRESS_ROUTER_FILTER term 1 from route-filter 0.0.0.0/0 orlonger
    set policy-options policy-statement EGRESS_ROUTER_FILTER term 1 then accept
    set policy-options policy-statement EGRESS_ROUTER_FILTER term 2 then reject

     

    #############################

    the second one matches everything

    ##############################

     

    correct in my opinion would be:

    set policy-options policy-statement EGRESS_ROUTER_FILTER term 1 from route-filter 0.0.0.0/0 prefix-length-range /32-/32

    set policy-options policy-statement EGRESS_ROUTER_FILTER term 1 then accept
    set policy-options policy-statement EGRESS_ROUTER_FILTER term 2 then reject

     

    ---> this matches any address where the mask is /32

     

    with best regards

     

    alexander



  • 3.  RE: prefix-list-filter orlonger -- Gives different results then -- route-filter orlonger

    Posted 04-10-2016 10:27

    Many thanks Alexander



  • 4.  RE: prefix-list-filter orlonger -- Gives different results then -- route-filter orlonger

    Posted 05-20-2019 18:42
    awesome!!!