How to configure Prefix-List on Cisco Router

I saw in your prefix-list filtering in EIGRP example you are advertising loopbacks in EIGRP using:
R2(config-router)#network 172.16.0.0 0.0.3.255
My question: why are you using wildcard mask 0.0.3.255 for these loopbacks?
loopback0 : 172.16.0.0/24

loopback1 : 172.16.1.0/24

loopback2 : 172.16.2.0/24

loopback3 : 172.16.0.3/24
I think it should be 0.0.0.255 because all loopbacks are /24.
Waiting for you.

Hello Rafie

This is the topology for the lesson you are referring to:

So within the EIGRP configuration of R2, Rene issues the following command:

R2(config-router)#network 172.16.0.0 0.0.3.255

What this command does is it specifies which networks will participate in EIGRP. If he were to use the 0.0.0.255 wildcard mask, he would have to issue it four times like this, once for each subnet:

R2(config-router)#network 172.16.0.0 0.0.0.255
R2(config-router)#network 172.16.1.0 0.0.0.255
R2(config-router)#network 172.16.2.0 0.0.0.255
R2(config-router)#network 172.16.3.0 0.0.0.255

However, the 0.0.3.255 wildcard mask includes all four subnets, so he needs only one statement. How does it include all four subnets? Remember that the combination of network address and wildcard mask gives us a range of addresses. Let’s determine that range now.

First let’s write out the network address and the wildcard mask in binary:

Network:       10101100.00010000.00000000.00000000
Wildcard Mask: 00000000.00000000.00000011.11111111

Now, let’s determine the range of addresses that this includes. We’ll do this by setting all host bits to 0 and then setting all host bits to 1.

Host bits to 0:

Starting address: 10101100.00010000.00000000.00000000
Wildcard Mask:    00000000.00000000.00000011.11111111

Host bits to 1:

Ending address: 10101100.00010000.00000011.11111111
Wildcard Mask:  00000000.00000000.00000011.11111111

So what are the starting and ending addresses in dotted decimal format? They are:

  • 172.16.0.0
  • 172.16.3.255

You can see that all four of our subnets are included within that range, all because Rene used a larger wildcard mask. Does that make sense?

I hope this has been helpful!

Laz
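
The range calculation above, as an added example in Python (not part of the original post). A network statement enables EIGRP on every interface whose address matches the network/wildcard pair; the loopback subnets are the ones from the answer above, and the .1 host addresses are assumed for illustration.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_matches(address, network, wildcard):
    """True if `address` is selected by `network <network> <wildcard>`.

    Wildcard bits set to 1 are "don't care"; bits set to 0 must match.
    """
    care = ~to_int(wildcard) & MASK32
    return (to_int(address) & care) == (to_int(network) & care)

def wildcard_range(network, wildcard):
    """First and last address covered by a contiguous wildcard mask."""
    wild = to_int(wildcard)
    if wild & (wild + 1):
        raise ValueError("non-contiguous wildcard does not describe one range")
    first = to_int(network) & ~wild & MASK32
    last = first | wild
    return str(ipaddress.IPv4Address(first)), str(ipaddress.IPv4Address(last))

def enabled_interfaces(interfaces, network, wildcard):
    """Names of the interfaces a single network statement would enable."""
    return [name for name, address in interfaces.items()
            if wildcard_matches(address, network, wildcard)]

# Constructed sample: host address .1 on each loopback is an assumption.
LOOPBACKS = {
    "Loopback0": "172.16.0.1",
    "Loopback1": "172.16.1.1",
    "Loopback2": "172.16.2.1",
    "Loopback3": "172.16.3.1",
}

if __name__ == "__main__":
    print(wildcard_range("172.16.0.0", "0.0.3.255"))
    print(enabled_interfaces(LOOPBACKS, "172.16.0.0", "0.0.3.255"))
    print(enabled_interfaces(LOOPBACKS, "172.16.0.0", "0.0.0.255"))
```

The wider mask also enables EIGRP on any interface later addressed inside 172.16.0.0 - 172.16.3.255, so check the range before reusing the statement on a router that has other interfaces in that block.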

“If I have a network with 10.0.0.0 /21, it will be denied by this prefix list. It falls within the 10.0.0.0 /8 range, but it has a subnet mask of /21. I’m using the le operator, which says that the subnet mask should be /19 or smaller.”

I’m confused… a /21 is technically smaller than a /19. Is the ge/le operator referencing the CIDR number (more, or fewer bits) itself and not the actual size of the subnet? That is a little confusing. So a “smaller” subnet mask than /19 is effectively a larger/less-specific subnet, i.e. /18…/17…/16?

My brain immediately thinks /17 is greater than /19 due to the subnet including more addresses, but I guess if you break it down to binary bits, 10000000 is less than 11000000.

Hello Trevor

Yes, you’re correct. In the context of subnet masks, a smaller CIDR notation (like /19) actually represents a larger network because it includes more IP addresses. Conversely, a larger CIDR notation (like /21) represents a smaller network with fewer IP addresses.

Even so, the “le” and “ge” operators used by the prefix lists always refer to “less than or equal to” and “greater than or equal to” in a numerical context. In other words, /20 is considered “ge” /19.

Think about it this way:

  • “Greater than” and “Less than” are strictly mathematical terms, so these act directly upon the actual numbers being used. These are the operators used in the prefix lists.
  • The terms “Larger” and “smaller” are typically used to refer to prefix sizes, where a prefix of /19 results in a larger subnet than a /20 prefix.

Does that make sense? It can be a bit counter-intuitive, but just remember that the ‘le’ and ‘ge’ operators are referring to the CIDR notation number, not the actual size of the subnet.

I hope this has been helpful!

Laz

summary
172.16.0.0/24
172.16.1.0/24
172.16.2.0/24
172.16.3.0/24
is
172.16.0.0/22 ?

Hello Armando.

Yes, the smallest summary route that will cover all 4 of those prefixes is 172.16.0.0/22. This will essentially cover anything that falls under 172.16.0.0 - 172.16.3.255.

David

Hello Armando

Yes, that is correct. In order to see this, let’s represent the last two octets of these networks in binary like so:

172.16.00000000.00000000
172.16.00000001.00000000
172.16.00000010.00000000
172.16.00000011.00000000

As you can see, all of the bits in bold are the same for all four networks. Those are the first 22 bits. Starting at bit 23, the bits are not the same for all four networks. Therefore, it is the first 22 bits that can be used as the subnet mask.

A /22 subnet mask corresponds to 255.255.252.0.

I hope this has been helpful!

Laz
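
The common-bits method from the two answers above, as an added Python example (not part of the original posts). It goes one step beyond the thread: it also lists the blocks a summary covers that none of the inputs actually contain, using a constructed two-prefix case.

```python
import ipaddress

def smallest_summary(prefixes):
    """Longest prefix that still contains every network in `prefixes`."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    if not nets:
        raise ValueError("need at least one prefix")
    summary = nets[0]
    # Drop one bit at a time until the shared leading bits cover all inputs.
    while not all(n.subnet_of(summary) for n in nets):
        summary = summary.supernet()
    return summary

def uncovered_space(prefixes, summary):
    """Blocks inside `summary` that none of the input prefixes contain."""
    remaining = [summary]
    for net in (ipaddress.ip_network(p) for p in prefixes):
        kept = []
        for block in remaining:
            if block.subnet_of(net):
                continue                      # fully accounted for
            if net.subnet_of(block):
                kept.extend(block.address_exclude(net))
            else:
                kept.append(block)            # unrelated block, keep as is
        remaining = kept
    return sorted(remaining)

# The four networks from the thread.
FOUR = ["172.16.0.0/24", "172.16.1.0/24", "172.16.2.0/24", "172.16.3.0/24"]
# Constructed case: only the two middle networks exist.
TWO = ["172.16.1.0/24", "172.16.2.0/24"]

if __name__ == "__main__":
    for prefixes in (FOUR, TWO):
        summary = smallest_summary(prefixes)
        extra = [str(n) for n in uncovered_space(prefixes, summary)]
        print(summary, "extra space:", extra)
```

In the two-prefix case the summary is still 172.16.0.0/22, but it also advertises 172.16.0.0/24 and 172.16.3.0/24, which the router cannot actually reach.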

Hello,

Can I have ideas about the difference between a prefix-list without any operator (i.e. le, ge or eq) and a prefix-list with eq operator?

Just take the example in your lesson, what is the difference between the following 2 entries?

ip prefix-list FILTERTHIS seq 5 deny 172.16.1.0/24

vs:

ip prefix-list FILTERTHIS seq 5 deny 172.16.1.0/24 eq 24

Hello Anson

When you issue a command like this:

ip prefix-list FILTERTHIS seq 5 deny 172.16.1.0/24

you are essentially matching that specific network, including both the network and the prefix length. It’s the same as issuing an access list that denies that particular network.

Now if your router allowed you to use the eq operator, then there would essentially be no difference between the two commands. However, the eq operator is actually not part of the syntax. Take a look:

R1(config)#ip prefix-list FILTERTHIS seq 5 deny 172.16.1.0/24 ?
  ge    Minimum prefix length to be matched
  le    Maximum prefix length to be matched
  <cr>  <cr>

R1(config)#ip prefix-list FILTERTHIS seq 5 deny 172.16.1.0/24

Notice there’s no eq. To issue a prefix list to equal a particular prefix, you simply issue the specific prefix without any operator.

I hope this has been helpful!

Laz
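
The matching rules from the ge/le answer to Trevor and from the no-operator answer above, as an added Python model (not Cisco's code and not part of the original posts). The seq 10 permit-all entry and the LE19 list built from the quoted "10.0.0.0/8 ... le" sentence are assumptions made for the example.

```python
import ipaddress
from typing import NamedTuple, Optional

class Entry(NamedTuple):
    seq: int
    action: str               # "permit" or "deny"
    prefix: str
    ge: Optional[int] = None
    le: Optional[int] = None

def entry_matches(entry, route):
    base = ipaddress.ip_network(entry.prefix)
    net = ipaddress.ip_network(route)
    if entry.ge is None and entry.le is None:
        low = high = base.prefixlen           # no operator: exact length only
    else:
        low = entry.ge if entry.ge is not None else base.prefixlen
        high = entry.le if entry.le is not None else 32
    # ge/le compare the prefix-length number, not the size of the subnet.
    if not low <= net.prefixlen <= high:
        return False
    # The route's leading bits must equal the entry's prefix bits.
    return net.subnet_of(base)

def evaluate(prefix_list, route):
    """First matching entry wins; no match falls to the implicit deny."""
    for entry in sorted(prefix_list, key=lambda e: e.seq):
        if entry_matches(entry, route):
            return entry.action
    return "deny"

# seq 5 is from the thread; seq 10 (permit everything else) is assumed.
FILTERTHIS = [
    Entry(5, "deny", "172.16.1.0/24"),
    Entry(10, "permit", "0.0.0.0/0", le=32),
]
# Assumed list matching the quoted sentence: permit 10.0.0.0/8 le 19.
LE19 = [Entry(5, "permit", "10.0.0.0/8", le=19)]

if __name__ == "__main__":
    for route in ("172.16.1.0/24", "172.16.1.0/25", "172.16.0.0/24"):
        print("FILTERTHIS", route, evaluate(FILTERTHIS, route))
    for route in ("10.0.0.0/19", "10.0.0.0/21", "11.0.0.0/16"):
        print("LE19", route, evaluate(LE19, route))
```

Note that the exact-match deny does not catch 172.16.1.0/25: a more specific route inside the denied network passes unless the entry is given an le value.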