On Sun, Sep 14, 2014 at 04:19:42PM -0500, Jimmy Hess wrote:
On Sat, Sep 13, 2014 at 5:33 AM, Tarko Tikan <tarko@lanparty.ee> wrote:
2000::/64 has nothing to do with it.
Any address between 2000:0000:0000:0000:0000:0000:0000:0000 and 23ff:ffff:ffff:ffff:ffff:ffff:ffff:ffff together with misconfigured prefix length (6 instead 64) becomes 2000::/6 prefix.
It should be rejected for the same reason that 192.168.10.0/16 is invalid in a prefix list or access list.
RTR(config)#ip prefix-list TEST permit 192.168.10.0/16 RTR(config)#do sho ip prefix-list TEST ip prefix-list TEST: 1 entries seq 5 permit 192.168.0.0/16 This isn't surprising to people who've been using IOS for a while ...
Any decent router won't allow you to enter just anything in that range into the export rules with a /6, except 2000:: itself, and will even show you a failure response instead of silently ignoring the invalid input, for the very purpose of helping you avoid such errors.
Well, unfortunately, a lot of us have (as you define the term) indecent routers. RTR(config)#ipv6 prefix-list TEST permit 2000:1111::/6 RTR(config)#do sho ipv6 prefix-list TEST ipv6 prefix-list TEST: 1 entries seq 5 permit 2000::/6
2001::1/6 would be an example of an invalid input -- there are one or more non-zero bits listed outside the prefix, or where bits in the mask are zero.
Only 2000:0000:0000:0000:0000:0000:0000:0000/6 properly conforms, not just "any IP" in that range can have a /6 appended to the end.
-- Brett