network prefix matching

Hello,

I was wondering if anybody could direct me to some resources on how IP prefix matching works, e.g. BGP using IP prefixes to transmit reachable destinations of that BGP speaker (network-layer reachability information).

I get confused with how the equality operators work (le, ge etc), for instance, what exactly does 192.168.0.0/16 less than /24 match out? The way I see it the /16 would match anything higher then 192.168.0.0 but the /24 limits it to 192.168.0.254.

Any help appreciated.

Thanks!

what exactly does 192.168.0.0/16 less than /24 match out

192.168.0.0/16 is the range on which you want to match, in other words it is anything between 192.168.0.0 and 192.168.255.255

less than /24 means that any subnet within this range and with a netmask smaller than 24 will match.

so 192.168.3.0/23 will match
but 192.168.3.0/24 won't match.

Finally, 192.168.0.0/15 won't match because it is greater than your range (192.168.0.0/16)

And hop! A small link!

Hey Krik - thanks for the explanation and link.

What you've explained makes sense - I was thinking in terms of indivdual addresses rather than subnets i.e. I figured if you are going to accept 192.168.0.0/16 it seemed odd to deny 192.168.xxx.xxx/32 when you've already accepted the entire /16 range of addresses.

However, I am a little bit confused on the whole point of the operation - I'm guessing in the context of BGP it is prudent to deny small subnets from your peers to keep your routing table down? for instance if in your peering relationship you only accept 192.168.0.0/16 le 192.168.0.0/29 you wont get your routing table hammered with a whole bunch of probably unnecessary small subnets - or even better you only accept 192.168.0.0/16 exact to consolidate all those routes into one entry in your routing table?

thanks again.