The key to remembering how this works is this: le = less than or equal to
ge = greater than or equal to A couple of examples will help clarify the issue. Let's say you want to allow anything from 172.16.0.0/16 with a mask of 23 bits or greater: ip prefix-list FOO seq 5 permit 172.16.0.0/16 ge 23 That seems fairly clear. Now, to answer your question, would it make sense to have a ge value less than len. Let's create an incorrect list as an example: ip prefix-list BAR seq 5 permit 192.168.50.0/24 ge 16 Since your IP/Mask combination is already longer than 16, does it make any sense at all to then add 'ge 16' ? If your original IP/Mask is 24, what happens to prefixes with masks in the 16-23 bit range? You've already exluded them so a more sensible ge value would always be greater than the len value. I hope that makes sense. As usual, I need more coffee this morning. Regards, John >>> "Matthew Webster" 7/29/02 10:30:27 PM >>> Hi all, I am in chapter 9 of the "Cisco CCNP Routing Exam Certification Guide". On page 473, my understanding of the le and ge parameters is that you specify a lower-bound prefix with the keyword "ge" and an upper bound prefix with the keyword "le". This is fine, except for the life of me I can't understand the condition they state: len < ge-value < or = le-value < or = 32 All of it is fine, except the first bit: "len < ge-value". I thought the len was the prefix length of the network being permitted or denied and therefore it (to be either permitted or denied) should be above the lower bound, not below the lower bound...i.e. ge-value < len < = le-value < = 32 Any help greatly appreciated. cheers, Matthew. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=50129&t=50091 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]