ip prefix-list

To create a prefix list to match IP packets or routes against, use the ip prefix-list command. To remove the prefix-list, use the no form of this command.

ip prefix-list name [ seq number ] { permit | deny } prefix [ eq length | [ ge length ] [ le length ]]

no ip prefix-list name [ seq number ] { permit | deny } prefix [ eq length | [ ge length ] [ le length ]]

Syntax Description

name
IP prefix list name. The name can be any alphanumeric string up to 63 characters.
seq number
(Optional) Specifies the number to order entries in the prefix list. The range is from 1 to 4294967294.
permit
Allows routes or IP packets that match the prefix list.
deny
Rejects routes or IP packets that match the prefix list.
prefix
IP prefix in A.B.C.D/length format.
eq length
(Optional) Specifies the exact prefix length to match. The range is from 1 to 32.
ge length
(Optional) Specifies the minimum prefix length to match (greater than or equal to length). The range is from 1 to 32.
le length
(Optional) Specifies the maximum prefix length to match (less than or equal to length). The range is from 1 to 32.

Command Default

None

Command Modes

Global configuration mode

Command History

Release
Modification
5.0(3)N1(1)
This command was introduced.

Usage Guidelines

Configure prefix lists with permit or deny keywords to either permit or deny the prefix based on the matching condition. A prefix list consists of an IP address and a bit mask. The bit mask is entered as a number from 1 to 32. An implicit deny is applied to traffic that does not match any prefix-list entry.

You can configure prefix lists to match an exact prefix length or a prefix range. Use the ge and le keywords to specify a range of the prefix lengths to match, which provides a more flexible configuration. If you do not configure a sequence number, Cisco NX-OS applies a default sequence number of 5 to the prefix list and subsequent prefix list entries are incremented by 5 (for example, 5, 10, 15, and so on). If you configure a sequence number for the first prefix list entry but not subsequent entries, then Cisco NX-OS increments the subsequent entries by 5 (for example, if the first configured sequence number is 3, then subsequent entries will be 8, 13, 18, and so on). You can suppress default sequence numbers by entering the no form of this command with the seq keyword.

Cisco NX-OS evaluates a prefix list starting with the lowest sequence number and continues down the list until a match is made. Once a match is made, the permit or deny statement is applied to that network and the rest of the list is not evaluated.
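
The rules above (default sequence numbering, ge/le length ranges, first match by lowest sequence number, implicit deny) modeled in Python as an added example; it is not Cisco code or part of the original reference. The class and function names and the sample prefixes are constructed, and the length-matching rules (a bare prefix matches only its own length, ge alone runs to 32, le alone starts at the prefix length) are the commonly documented prefix-list semantics, assumed here because this page does not spell them out.

```python
import ipaddress

class PrefixList:
    """Model of one named prefix list: ordered entries, first match wins."""
    def __init__(self):
        self.entries = {}  # seq -> (action, network, min_len, max_len)

    def add(self, action, prefix, seq=None, eq=None, ge=None, le=None):
        net = ipaddress.ip_network(prefix)
        if seq is None:
            # Default numbering from the page: 5 first, then last entry + 5.
            seq = max(self.entries, default=0) + 5
        if eq is not None:
            lo = hi = eq
        elif ge is None and le is None:
            lo = hi = net.prefixlen  # bare prefix: exact length only (assumed)
        else:
            lo = net.prefixlen if ge is None else ge
            hi = 32 if le is None else le
        self.entries[seq] = (action, net, lo, hi)
        return seq

    def evaluate(self, route):
        """Return (action, seq) for the first matching entry, lowest seq first."""
        r = ipaddress.ip_network(route)
        for seq in sorted(self.entries):
            action, net, lo, hi = self.entries[seq]
            if r.subnet_of(net) and lo <= r.prefixlen <= hi:
                return action, seq
        return "deny", None  # implicit deny: no entry matched

def build_inbound_filter():
    """Constructed sample list; the first seq is 3, so the rest become 8 and 13."""
    pl = PrefixList()
    pl.add("permit", "192.0.2.0/24", seq=3)   # exactly this /24
    pl.add("deny", "10.0.0.0/8", ge=25)       # seq 8: drop over-specific routes
    pl.add("permit", "10.0.0.0/8", le=24)     # seq 13: /8 through /24
    return pl

def build_shadowed_filter():
    """Ordering mistake: the broad permit at seq 5 hides the deny at seq 10."""
    pl = PrefixList()
    pl.add("permit", "10.0.0.0/8", le=32)
    pl.add("deny", "10.1.0.0/16", le=32)
    return pl

if __name__ == "__main__":
    for route in ("192.0.2.0/24", "10.1.2.128/25", "10.1.2.0/24", "198.51.100.0/24"):
        print(route, build_inbound_filter().evaluate(route))
    print("shadowed:", build_shadowed_filter().evaluate("10.1.2.0/24"))
```

The shadowed list shows why entry order matters for route filtering: the deny at sequence 10 is never reached, so a review of a prefix list should read it in sequence order, not by grouping permits and denies.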


Tip: For the best performance of your network, you should configure the most frequently processed prefix list statements with the lowest sequence numbers. The seq number keyword and argument can be used for resequencing.


The prefix list is applied to inbound or outbound updates for a specific peer by entering the prefix-list command in neighbor address-family mode. Prefix list information and counters are displayed in the output of the show ip prefix-list command. Prefix-list counters can be reset by entering the clear ip prefix-list command.

Examples

This example shows how to configure a prefix list and apply it to a Border Gateway Protocol (BGP) peer:

switch# configure terminal
switch(config)# ip prefix-list allowprefix seq 10 permit 192.0.2.0/24
switch(config)# ip prefix-list allowprefix seq 20 permit 209.165.201.0/27
switch(config)# router bgp 65536:20
switch(config-router)# neighbor 192.0.2.1/16 remote-as 65536:20
switch(config-router-neighbor)# address-family ipv4 unicast
switch(config-router-neighbor-af)# prefix-list allowprefix in
switch(config-router-neighbor-af)#

Related Commands

Command
Description
clear ip prefix-list
Clears counters for IP prefix lists.
prefix-list
Applies a prefix list to a BGP peer.
show ip prefix-list
Displays information about IP prefix lists.