5 FRR provides many very flexible filtering features. Filtering is used
6 for both input and output of the routing information. Once filtering is
7 defined, it can be applied in any direction.
12 .. index:: access-list NAME permit IPV4-NETWORK
13 .. clicmd:: access-list NAME permit IPV4-NETWORK
15 .. index:: access-list NAME deny IPV4-NETWORK
16 .. clicmd:: access-list NAME deny IPV4-NETWORK
18 Basic filtering is done by `access-list` as shown in the
23 access-list filter deny 10.0.0.0/9
24 access-list filter permit 10.0.0.0/8
30 *ip prefix-list* provides the most powerful prefix based
31 filtering mechanism. In addition to *access-list* functionality,
32 *ip prefix-list* has prefix length range specification and
33 sequential number specification. You can add or delete prefix based
34 filters to arbitrary points of prefix-list using sequential number specification.
36 If no ip prefix-list is specified, it acts as permit. If *ip prefix-list*
37 is defined, and no match is found, default deny is applied.
39 .. index:: ip prefix-list NAME (permit|deny) PREFIX [le LEN] [ge LEN]
40 .. clicmd:: ip prefix-list NAME (permit|deny) PREFIX [le LEN] [ge LEN]
42 .. index:: ip prefix-list NAME seq NUMBER (permit|deny) PREFIX [le LEN] [ge LEN]
43 .. clicmd:: ip prefix-list NAME seq NUMBER (permit|deny) PREFIX [le LEN] [ge LEN]
45 You can create *ip prefix-list* using above commands.
48 seq `number` can be set either automatically or manually. In the
49 case that sequential numbers are set manually, the user may pick any
50 number less than 4294967295. In the case that sequential number are set
51 automatically, the sequential number will increase by a unit of five (5)
52 per list. If a list with no specified sequential number is created
53 after a list with a specified sequential number, the list will
54 automatically pick the next multiple of five (5) as the list number.
55 For example, if a list with number 2 already exists and a new list with
56 no specified number is created, the next list will be numbered 5. If
57 lists 2 and 7 already exist and a new list with no specified number is
58 created, the new list will be numbered 10.
61 Specifies prefix length. The prefix list will be applied if the prefix
62 length is less than or equal to the le prefix length.
65 Specifies prefix length. The prefix list will be applied if the prefix
66 length is greater than or equal to the ge prefix length.
69 Less than or equal to prefix numbers and greater than or equal to
70 prefix numbers can be used together. The order of the le and ge
71 commands does not matter.
73 If a prefix list with a different sequential number but with the exact
74 same rules as a previous list is created, an error will result.
75 However, in the case that the sequential number and the rules are
76 exactly similar, no error will result.
78 If a list with the same sequential number as a previous list is created,
79 the new list will overwrite the old list.
81 Matching of IP Prefix is performed from the smaller sequential number to the
82 larger. The matching will stop once any rule has been applied.
84 In the case of no le or ge command, the prefix length must match exactly the
85 length specified in the prefix list.
87 .. index:: no ip prefix-list NAME
88 .. clicmd:: no ip prefix-list NAME
90 .. _ip-prefix-list-description:
92 ip prefix-list description
93 --------------------------
95 .. index:: ip prefix-list NAME description DESC
96 .. clicmd:: ip prefix-list NAME description DESC
98 Descriptions may be added to prefix lists. This command adds a
99 description to the prefix list.
101 .. index:: no ip prefix-list NAME description [DESC]
102 .. clicmd:: no ip prefix-list NAME description [DESC]
104 Deletes the description from a prefix list. It is possible to use the
105 command without the full description.
107 .. _ip-prefix-list-sequential-number-control:
109 ip prefix-list sequential number control
110 ----------------------------------------
112 .. index:: ip prefix-list sequence-number
113 .. clicmd:: ip prefix-list sequence-number
115 With this command, the IP prefix list sequential number is displayed.
116 This is the default behavior.
118 .. index:: no ip prefix-list sequence-number
119 .. clicmd:: no ip prefix-list sequence-number
121 With this command, the IP prefix list sequential number is not
124 .. _showing-ip-prefix-list:
126 Showing ip prefix-list
127 ----------------------
129 .. index:: show ip prefix-list
130 .. clicmd:: show ip prefix-list
132 Display all IP prefix lists.
134 .. index:: show ip prefix-list NAME
135 .. clicmd:: show ip prefix-list NAME
137 Show IP prefix list can be used with a prefix list name.
139 .. index:: show ip prefix-list NAME seq NUM
140 .. clicmd:: show ip prefix-list NAME seq NUM
142 Show IP prefix list can be used with a prefix list name and sequential
145 .. index:: show ip prefix-list NAME A.B.C.D/M
146 .. clicmd:: show ip prefix-list NAME A.B.C.D/M
148 If the command longer is used, all prefix lists with prefix lengths equal to
149 or longer than the specified length will be displayed. If the command first
150 match is used, the first prefix length match will be displayed.
152 .. index:: show ip prefix-list NAME A.B.C.D/M longer
153 .. clicmd:: show ip prefix-list NAME A.B.C.D/M longer
154 .. index:: show ip prefix-list NAME A.B.C.D/M first-match
155 .. clicmd:: show ip prefix-list NAME A.B.C.D/M first-match
156 .. index:: show ip prefix-list summary
157 .. clicmd:: show ip prefix-list summary
158 .. index:: show ip prefix-list summary NAME
159 .. clicmd:: show ip prefix-list summary NAME
160 .. index:: show ip prefix-list detail
161 .. clicmd:: show ip prefix-list detail
162 .. index:: show ip prefix-list detail NAME
163 .. clicmd:: show ip prefix-list detail NAME
165 Clear counter of ip prefix-list
166 -------------------------------
168 .. index:: clear ip prefix-list
169 .. clicmd:: clear ip prefix-list
171 Clears the counters of all IP prefix lists. Clear IP Prefix List can be used
172 with a specified name and prefix.
174 .. index:: clear ip prefix-list NAME
175 .. clicmd:: clear ip prefix-list NAME
177 .. index:: clear ip prefix-list NAME A.B.C.D/M
178 .. clicmd:: clear ip prefix-list NAME A.B.C.D/M