IPv4 Prefix List
Configure IPv4 prefix lists.
Diagram
Classes
policy_objects (sdwan)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ipv4_prefix_lists | List | [ipv4_prefix_lists] | No |
ipv4_prefix_lists (sdwan.policy_objects)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[A-Za-z0-9-_]{1,128}$ | Yes | |
| entries | List | [entries] | Yes |
entries (sdwan.policy_objects.ipv4_prefix_lists)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| prefix | IP | Yes | ||
| le | Integer | min: 0, max: 32 | No | |
| ge | Integer | min: 0, max: 32 | No |
Examples
Example-1: IPv4 Prefix Lists for Traffic Filtering in SD-WAN
In an SD-WAN deployment, IPv4 prefix lists are used to define allowed or denied network prefixes for traffic filtering, route control, and policy-based forwarding. This use case defines a policy object that includes two IPv4 prefix lists: AllowedPrefixes and RestrictedPrefixes. The AllowedPrefixes list includes specific subnets that are permitted for routing, ensuring business-critical applications and trusted networks have access. The RestrictedPrefixes list contains prefixes that should be filtered or have limited access, providing security by blocking unwanted traffic. The optional ge (greater than or equal to) and le (less than or equal to) parameters define subnet matching rules, allowing for fine-grained control over prefix filtering.
sdwan:
policy_objects:
ipv4_prefix_lists:
- name: AllowedPrefixes
entries:
- prefix: 192.168.10.0/24
- prefix: 10.0.0.0/8
le: 24
- prefix: 172.16.0.0/16
ge: 20
- name: RestrictedPrefixes
entries:
- prefix: 198.51.100.0/24
- prefix: 203.0.113.0/24
le: 30