prefix-set [name]
Defines a named set of IPv4 or IPv6 prefixes for use in routing policy language (RPL) configurations.
Overview
The 'prefix-set' command in Cisco IOS-XR defines a named set of IPv4 or IPv6 prefixes that can be referenced in route-policy configurations. This is a fundamental building block of the Routing Policy Language (RPL), which provides a flexible and powerful way to control route advertisement, redistribution, and filtering. A prefix-set can contain exact prefixes (e.g., 10.0.0.0/8) or prefixes with length qualifiers using the 'ge' (greater than or equal), 'le' (less than or equal), and 'eq' (equal) keywords. For example, '10.0.0.0/8 ge 16 le 24' matches any prefix within 10.0.0.0/8 that has a subnet length between 16 and 24 inclusive. Prefix-sets are typically used in route-policy 'if' statements to match the destination prefix of a route. They are also used in BGP neighbor policies, redistribution policies, and aggregate route configurations. On Cisco IOS-XR, prefix-sets are stored in the running configuration and can be displayed with 'show prefix-set [name]'. Unlike Cisco IOS, where prefix-lists are used, IOS-XR uses prefix-sets as part of RPL. The command is entered in global configuration mode, and the set is defined between the 'prefix-set [name]' and 'end-set' statements. Each entry is a prefix followed by optional length qualifiers, and entries are separated by commas. The set can be modified by adding or removing entries, but changes require re-applying any route-policies that reference the set. Understanding prefix-sets is essential for CCNP and CCIE candidates, as they are widely used in service provider and enterprise networks for traffic engineering and policy control.
prefix-set [name]
<prefix>/<length> [ge <ge-length>] [le <le-length>] [eq <eq-length>],
...
end-setWhen to Use This Command
- Filtering routes in a route-policy to match specific prefixes for redistribution.
- Creating a set of customer prefixes for BGP community tagging.
- Defining prefixes to be advertised or blocked in a BGP neighbor policy.
- Grouping prefixes for aggregate route generation or suppression.
Parameters
| Parameter | Syntax | Description |
|---|---|---|
| name | WORD | The name of the prefix-set. It must be unique within the router configuration and can contain alphanumeric characters, underscores, and hyphens. |
| prefix/length | A.B.C.D/length or X:X::X/length | The base prefix and its length. For IPv4, use dotted decimal notation; for IPv6, use colon-hexadecimal notation. The length is an integer from 0 to 32 (IPv4) or 0 to 128 (IPv6). |
| ge <ge-length> | ge <0-32> or <0-128> | Specifies the minimum prefix length to match. The prefix length must be greater than or equal to the base length and less than or equal to the le-length if specified. |
| le <le-length> | le <0-32> or <0-128> | Specifies the maximum prefix length to match. The prefix length must be less than or equal to this value and greater than or equal to the ge-length if specified. |
| eq <eq-length> | eq <0-32> or <0-128> | Specifies an exact prefix length to match. When used, the prefix length must equal this value. |
Command Examples
Basic prefix-set with exact prefixes
prefix-set CUSTOMER_PREFIXES
10.0.0.0/8,
172.16.0.0/12,
192.168.0.0/16
end-setDefines a set containing three exact prefixes. No output is shown; the set is stored in the running configuration.
Prefix-set with range matching
prefix-set RFC1918
10.0.0.0/8 ge 8 le 32,
172.16.0.0/12 ge 12 le 32,
192.168.0.0/16 ge 16 le 32
end-setMatches any prefix within the RFC1918 address blocks. The 'ge' and 'le' keywords allow matching subnets of any length within the given range.
Understanding the Output
The prefix-set command itself does not produce output; it defines a data structure used in route-policies. To verify the set, use 'show running-config' or 'show prefix-set [name]'. The 'show prefix-set' command displays the set's contents, including each entry with optional ge/le/eq qualifiers. A healthy set shows all intended prefixes correctly. Problems include missing prefixes, incorrect lengths, or syntax errors that prevent the set from being created.
Configuration Scenarios
BGP Route Filtering Using Prefix-Set
An ISP wants to filter incoming BGP routes from a customer to only accept prefixes within a specific range.
Topology
ISP-Router --- Customer-RouterSteps
- 1.Define a prefix-set that matches the customer's allocated prefixes.
- 2.Create a route-policy that uses the prefix-set to permit or deny routes.
- 3.Apply the route-policy to the BGP neighbor inbound.
!
prefix-set CUSTOMER_ALLOC
192.0.2.0/24 ge 24 le 28
end-set
!
route-policy FILTER_CUSTOMER
if destination in CUSTOMER_ALLOC then
pass
else
drop
endif
end-policy
!
router bgp 65000
neighbor 10.1.1.1
address-family ipv4 unicast
route-policy FILTER_CUSTOMER in
!
!
!Verify: Use 'show bgp neighbors 10.1.1.1 received routes' to verify that only matching prefixes are accepted.
Watch out: The prefix-set must be defined before the route-policy that references it; otherwise, the policy will fail to apply.
Troubleshooting with This Command
When troubleshooting prefix-set issues on Cisco IOS-XR, start by verifying the set's contents with 'show prefix-set [name]'. This command displays each entry and its qualifiers. If the set appears empty or missing entries, check the running configuration for syntax errors. Common issues include missing commas, incorrect prefix lengths, or using 'ge' without a base length that is shorter. If a route-policy that references the prefix-set is not working as expected, use 'show route-policy [name]' to display the policy logic and verify that the prefix-set is correctly referenced. Additionally, use 'show bgp policy' or 'show route-policy [name] detail' to see how routes are matched. For debugging, the 'debug route-policy' command can show which routes are permitted or denied. Remember that changes to a prefix-set do not automatically re-evaluate existing routes; you may need to clear BGP sessions or use 'clear route-policy' to reapply policies. On IOS-XR, prefix-sets are part of the RPL and are not directly equivalent to IOS prefix-lists; they offer more flexibility but require careful syntax.
CCNA Exam Tips
Remember that prefix-set entries are comma-separated; the last entry may optionally have a trailing comma.
Understand the difference between exact match (no ge/le/eq) and range match (ge, le, eq).
Prefix-sets are used in 'route-policy' statements with the 'if destination in <prefix-set>' condition.
Common Mistakes
Forgetting the comma after each entry (except the last) causes a syntax error.
Using 'ge' without specifying a base prefix length that is shorter than or equal to ge-length.
Confusing prefix-set with community-set or as-path-set; each has distinct syntax and purpose.
Platform Notes
Cisco IOS-XR uses prefix-sets as part of the Routing Policy Language (RPL), which is distinct from the prefix-list used in Cisco IOS. In IOS, prefix-lists are defined with 'ip prefix-list' and used with 'match ip address prefix-list'. In IOS-XR, prefix-sets are defined with 'prefix-set' and used in route-policy conditions like 'if destination in <prefix-set>'. The syntax is more flexible, allowing range matching with ge/le/eq. IOS-XR also supports IPv6 prefix-sets natively. There is no direct 'show prefix-set' equivalent in IOS; instead, 'show ip prefix-list' is used. For multi-vendor environments, note that Juniper uses prefix-lists in a similar way but with different syntax. Version differences: In earlier IOS-XR releases, prefix-sets were limited to 1000 entries; newer versions have higher limits. Always check the documentation for your specific release.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions