deny (ip-prefix-list)
Creates and configures a deny prefix-list rule. The deny rule specifies
match criteria based on which prefixes received from (or transmitted to) a BGP neighbor are
filtered. A deny action is applied on these filtered prefixes. For example, in the BGP
router neighbor context a filter is applied using a IP prefix list. The list contains a deny
rule with a prefix to match as 192.168.13.0/24. All prefixes received from the neighbor
matching this prefix are denied.
Supported in the following platforms:
- Service Platforms — NX9500, NX9600
Syntax
deny prefix-list <1-4292967294> [<PREFIX-TO-MATCH/MASK>|any]
deny prefix-list <1-4292967294> [<PREFIX-TO-MATCH/MASK> {ge <0-32>|le <0-32>}|any]
Parameters
deny prefix-list <1-4292967294> [<PREFIX-TO-MATCH/MASK> {ge <0-32>|le <0-32>}|any]
| deny prefix-list <1-4294967295>
[<PREFIX-TO-MATCH/MASK>|any] |
Creates and configures a deny prefix-list rule
- <1-4294967295> – Configures a sequence number for this deny rule. Specify a
value from 1 - 4294967295. Within a prefix list, rules are applied in an
ascending order of their sequence number. Rules with lower sequence number are
applied first.
- <PREFIX-TO-MATCH/MASK> – Specify the prefix to match. For example
10.0.0.0/8 or 192.168.13.0/24. Routes matching the specified prefix are
filtered.
- ge <0-32> – Optional. Specifies a greater than or equal to value
for the IP prefix length (subnet mask)
- le <0-32> – Optional. Specifies a less than or equal to value for
the IP prefix length
The ‘ge‘ and ‘le‘ options specify a IP prefix length range. Use
these options to specify a more specific (granular) prefix match
criteria.
- any – Sets the prefix match criteria to any. When selected, all
routes are filtered, and the action applied is deny. At the backend,
this option sets the match criteria to 0.0.0.0/0 le 32.
|
Examples
nx9500-6C8809(config-bgp-ip-prefix-list-test)#deny prefix-list 1 168.192.13.0/24
nx9500-6C8809(config-bgp-ip-prefix-list-test)#show context
bgp ip-prefix-list test
deny prefix-list 1 168.192.13.0/24
nx9500-6C8809(config-bgp-ip-prefix-list-test)#
