IP Access Control Lists (ACL), Prefix Lists, and Route-maps | 153IP Prefix ListsPrefix Lists are supported on platforms: c e sIP prefix lists control routing policy. An IP prefix list is a series of sequential filters that contain a matchingcriterion (examine IP route prefix) and an action (permit or deny) to process routes. The filters areprocessed in sequence so that if a route prefix does not match the criterion in the first filter, the secondfilter (if configured) is applied. When the route prefix matches a filter, FTOS drops or forwards the packetbased on the filter’s designated action. If the route prefix does not match any of the filters in the prefix list,the route is dropped (that is, implicit deny).A route prefix is an IP address pattern that matches on bits within the IP address. The format of a routeprefix is A.B.C.D/X where A.B.C.D is a dotted-decimal address and /X is the number of bits that should bematched of the dotted decimal address. For example, in 112.24.0.0/16, the first 16 bits of the address112.24.0.0 match all addresses between 112.24.0.0 to 112.24.255.255.Below are some examples that permit or deny filters for specific routes using the le and ge parameters,where x.x.x.x/x represents a route prefix:• To deny only /8 prefixes, enter deny x.x.x.x/x ge 8 le 8• To permit routes with the mask greater than /8 but less than /12, enter permit x.x.x.x/x ge 8le 12• To deny routes with a mask less than /24, enter deny x.x.x.x/x le 24• To permit routes with a mask greater than /20, enter permit x.x.x.x/x ge 20The following rules apply to prefix lists:• A prefix list without any permit or deny filters allows all routes.• An “implicit deny” is assumed (that is, the route is dropped) for all route prefixes that do not match apermit or deny filter in a configured prefix list.• Once a route matches a filter, the filter’s action is applied. No additional filters are applied to the route.Implementation InformationIn FTOS, prefix lists are used in processing routes for routing protocols (for example, RIP, OSPF, andBGP).Configuration Task List for Prefix ListsTo configure a prefix list, you must use commands in the PREFIX LIST, the ROUTER RIP, ROUTEROSPF, and ROUTER BGP modes. Basically, you create the prefix list in the PREFIX LIST mode, andassign that list to commands in the ROUTER RIP, ROUTER OSPF and ROUTER BGP modes.Note: The S-Series platform does not support all protocols. It is important to know which protocol you aresupporting prior to implementing Prefix-Lists.