Matching Address Classes with Prefix-Lists

Instead of using ACLs to match address classes like Class A, B or C, ip prefix-lists can do the trick too.
Let's first start with the class definitions:

Class A: 0.0.0.0 – 127.255.255.255
Class B: 128.0.0.0 – 191.255.255.255
Class C: 192.0.0.0 – 223.255.255.255

The reserved addresses are all included in the definition above, since they still belong to their classes even though they are only used for their special function. They have to be taken into account to calculate the correct ip prefix-list statement.

Now if we change the class definitions from decimal into binary, the classes can also be defined with the starting bits in the first octet:

Class A: 0
Class B: 10
Class C: 110

No matter which IP address you take out of a class, its first octet in binary will always start as shown above. Based on this list we can say that Class A needs one network bit to be matched on, Class B two and Class C three, or in other words:

Class A: 1.0.0.0/1
Class B: 128.0.0.0/2
Class C: 192.0.0.0/3
Class D: 224.0.0.0/4

This is more or less how the prefix-lists can be built to match the address classes. But if we put the statements above into a prefix-list as they are, it won't work the way it should, since it would only match on the exact address and network bits. To get it working we have to expand it a bit so it matches all types of networks:

Class A: 1.0.0.0/1 le 32
Class B: 128.0.0.0/2 le 32
Class C: 192.0.0.0/3 le 32

This time the prefix-list matches on the specific classes and on all types of networks: the keyword le 32 means match on all networks with a network portion of less than or equal to 32 bits. To prove that it works, here's a little scenario with two routers and EIGRP:

R1 has six loopbacks configured, two addresses for each class. All are advertised into EIGRP, and R2 has all of them in its routing table:

R2#sh ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/156160] via 116.1.12.1, 00:00:12, FastEthernet0/0
D 100.0.0.0/8 [90/156160] via 116.1.12.1, 00:00:12, FastEthernet0/0
130.1.0.0/25 is subnetted, 1 subnets
D 130.1.1.0 [90/156160] via 116.1.12.1, 00:00:06, FastEthernet0/0
D 192.1.1.0/24 [90/156160] via 116.1.12.1, 00:00:06, FastEthernet0/0
D 180.1.0.0/16 [90/156160] via 116.1.12.1, 00:00:06, FastEthernet0/0
D 199.1.0.0/23 [90/156160] via 116.1.12.1, 00:00:06, FastEthernet0/0

R2 will now get three ip prefix-lists, one for each class:

ip prefix-list CLASS-A seq 5 permit 0.0.0.0/1 le 32
ip prefix-list CLASS-B seq 5 permit 128.0.0.0/2 le 32
ip prefix-list CLASS-C seq 5 permit 192.0.0.0/3 le 32

Now we can start playing around with the distribute-list command under router eigrp 10:

router eigrp 10
distribute-list prefix CLASS-A in fastEthernet 0/0

This activates a filter on all ingress routing updates coming in on FastEthernet0/0 (from R1 in this case). You can now either wait until all routes have timed out or, to be faster, just issue a clear ip route *. All routes that do not match the prefix-list CLASS-A will not be installed into the routing table, so the routing table contains only the two loopback networks that belong to class A:

R2#sh ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/156160] via 116.1.12.1, 00:06:44, FastEthernet0/0
D 100.0.0.0/8 [90/156160] via 116.1.12.1, 00:06:44, FastEthernet0/0

Changing the distribute-list from prefix-list CLASS-A to CLASS-B would leave only the class B networks in the routing table; the same goes for the CLASS-C prefix-list.
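
The matching rule behind these filters can be checked offline. The following Python sketch is an added example, not part of the original post or of IOS: the function names are hypothetical, and it models a one-entry permit list with the usual ge/le length range, run over the six routes from R2's table above.

```python
import ipaddress

def entry_matches(prefix, route, ge=None, le=None):
    """True if `route` matches one prefix-list entry `prefix [ge N] [le M]`."""
    base = ipaddress.ip_network(prefix)
    net = ipaddress.ip_network(route)
    if ge is None and le is None:
        lo = hi = base.prefixlen          # no keyword: exact mask length only
    else:
        lo = base.prefixlen if ge is None else ge
        hi = 32 if le is None else le
    if not lo <= net.prefixlen <= hi:
        return False
    # Only the leading base.prefixlen bits of the address are compared.
    shift = 32 - base.prefixlen
    return int(net.network_address) >> shift == int(base.network_address) >> shift

def permitted(routes, prefix, ge=None, le=None):
    """Routes that survive a one-entry permit list (implicit deny for the rest)."""
    return [r for r in routes if entry_matches(prefix, r, ge, le)]

# R2's EIGRP routes, copied from the routing table shown in the post.
ROUTES = ["1.1.1.0/24", "100.0.0.0/8", "130.1.1.0/25",
          "192.1.1.0/24", "180.1.0.0/16", "199.1.0.0/23"]

if __name__ == "__main__":
    cases = {
        "CLASS-A  0.0.0.0/1 le 32":   ("0.0.0.0/1", None, 32),
        "CLASS-B  128.0.0.0/2 le 32": ("128.0.0.0/2", None, 32),
        "CLASS-C  192.0.0.0/3 le 32": ("192.0.0.0/3", None, 32),
        "no le    0.0.0.0/1":         ("0.0.0.0/1", None, None),
        "exact/24 192.0.0.0/3 ge 24 le 24": ("192.0.0.0/3", 24, 24),
    }
    for name, (prefix, ge, le) in cases.items():
        print(f"{name:36} -> {permitted(ROUTES, prefix, ge, le)}")
```

The entry without le permits none of the six routes, which is why the le 32 keyword is needed; the ge 24 le 24 case shows how restricting the mask length narrows the Class C match to 192.1.1.0/24 only.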

9 comments

  1. pashtuk

    Thank you sonu, please let me know if you have any topics you’d like to see on the blog 🙂

  2. killerkadoogan

    Hi Pashtuk,

    Under the technical definition of a CLASS C network, IE using classes. 192.168.0.0/16 is NOT a class C network. So ‘Class C: 192.0.0.0/3 le 32’ would also block or allow that ‘supernet’ of Class C’s, which isn’t a Class C in itself.

    Old-school routers (ie RIPv1) would convert the mask to /24,

    Class C is technically:
    bits 1-3 110 + a 24 bit mask.

    Cheers,

    KK

  3. killerkadoogan

    check out http://www.ietf.org/rfc/rfc791.txt

    “in class c, the high order three bits are one-one-zero, the next 21 bits are the network and the last 8 bits are the local address.”

    so the technically correct Class C prefix list is:
    192.0.0.0/3 ge 24 le 24

    you wouldn’t use that in the real world though 😉

  4. AHA

    Doesn’t class A begin with 0.0.0.0? I know it’s used to define default routes and other functions… But class A starts with 0xxx; 1 – 127. So your prefix-list and ACL have to begin with 0.0.0.0.

    Comments are welcomed

  5. yasir

    Great post.
    - Just one confirmation for my understanding: if I just want to match e.g. only classful addresses in class B, it would be
    128.0.0.0/2 le 16, correct?