Scribd
Upload
20 views

Prefix List

The document discusses prefix lists in Juniper Networks devices. Prefix lists are named lists of IP addresses that can be used to match routes in routing policies and firewall filters. The document provides examples of configuring prefix lists and using them in routing policies.

Uploaded by

sathyamoorthy
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
20 views

Prefix List

The document discusses prefix lists in Juniper Networks devices. Prefix lists are named lists of IP addresses that can be used to match routes in routing policies and firewall filters. The document provides examples of configuring prefix lists and using them in routing policies.

Uploaded by

sathyamoorthy
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Prefix List

Prefix List
• Named list of IP addresses used to match routes

• Configured under the [edit policy-options] hierarchy

• Can be referenced in multiple terms within a single policy or in


different policies

• Can be used with routing policies and firewall filters


prefix-list rfc1918 {
10.0.0.0/8;
172.16.0.0/12;
192.168.0.0/16;
}
policy-statement my-policy {
term reject-rfc1918 {
from {
prefix-list rfc1918;
}
then reject;
}
}
prefix-list vpn-clients {
172.16.1.16/28;
172.16.1.32/28;
172.16.1.48/28;
172.16.1.64/28;
172.16.2.16/28;
172.16.2.32/28;
172.16.2.48/28;
172.16.2.64/28;
172.16.3.16/28;
172.16.3.32/28;
172.16.3.48/28;
172.16.3.64/28;
}
prefix-list customer-list {
10.1.1.0/24;
172.16.16.0/24;
}
policy-statement my-policy {
term customers {
from {
prefix-list customer-list;
}
then accept;
}
term others {
then reject;
}
}
Prefix List Filter
• With prefix-list-filter, you can specify a match type of
exact, longer, or orlonger on the listed prefixes

• You can specify an optional action to be taken if the filter matches

• The action is executed immediately after the match occurs, and the
then statement is not evaluated
prefix-list rfc1918 {
10.0.0.0/8;
172.16.0.0/12;
192.168.0.0/16;
}
policy-statement my-policy {
term reject-rfc1918 {
from {
prefix-list-filter rfc1918 orlonger reject;
}
}
}

You might also like