IP Prefix-List tricky question

A few days ago I did encounter a task in one of these preparation workbooks for CCIE R&S Lab which was very tricky. This task is not a hard one and does not require extensive knowledge (it can be a CCNP level question as well), but the way the question is formulated can create confusion.I would appreciate your comments on this topic.

The task states that I have a number of subnets from which the followings are important for
our issue:

10.4.1.4/30
10.4.2.8/29
10.4.3.16/28
10.4.4.32/27
10.4.5.64/26
10.4.6.128/25

The other present subnets are something like 10.7.x.x. I add this here just to see that it does not affect the result of this task.

The request is to configure a prefix-list following these rules:

– allow all subnets in 10.4.0.0
– as specific as possible, I should not allow other prefixes
– minimum number of prefix-lists

Considering the above one I did consider the following to be the correct answer:

ip prefix-list ONE permit 10.4.0.0/21 ge 25 le 30

However the proposed solution was:

ip prefix-list ONE seq 5 permit 10.4.0.0/22 ge 23 le 30
ip prefix-list ONE seq 10 permit 10.4.4.0/22 ge 23 le 28

Both solutions are working, nevertheless which one would be the correct one in the exam?

I asked this question on the GroupStudy List, and Maarten Vervoorn came up with a new proposal:

ip prefix-list ONE seq 5 permit 10.4.0.0/22 ge 28 le 30
ip prefix-list ONE seq 10 permit 10.4.4.0/22 ge 25 le 27

Also a good solution, but is the best solution? Hard to say. The advice that I got is that if you have such task in the lab exam to describe the issue to your proctor, explain all possible solution so he or she can see that you fully understand the multiple solutions and base on the answer pickup the best solution. I think this is the only way to solve this kind of questions. If you have other ideas, I would like to hear them.


Published by

Calin

Calin is a network engineer, with more than 20 years of experience in designing, installing, troubleshooting, and maintaining large enterprise WAN and LAN networks.

5 thoughts on “IP Prefix-List tricky question”

  1. dont know if i am being thick, but the actual solution and the solution posted by Maarten look the same to me, is that a typo?

  2. Hi,

    I think the question is whether specificity is more important than number of lines or not. 

    To be more clear, while your prefix list only has one line, it matches 10.4.0.64/26 (if my math isn’t failing me) which is not on the list. On the other hand, Maarten’s has two lines, but doesn’t match 10.4.0.64/26, hence, it’s more specific.

    The next step would be:

    10.4.1.4/30
    10.4.2.0/23 ge 28 le 29
    10.4.4.0/23 ge 26 le 27
    10.4.6.128/25

     which is even more restrictive (10.4.7 won’t match), but has four lines.

    So, my question to the proctor would be: “What’s more important: number of lines or specificity?” :)

    1. Thanks Gabriel!

      You’re 100% percent correct and this is what I wanted to point out, that in case some of the possible candidates get this kind of “grey area” questions in the exam, they should go to the proctor. Of course, you cannot go to ask if you don’t understand the question, but I guess everybody can figure this out :).

Leave a Reply to NetSecCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.