A prefix list is a set of one or more network prefixes (CIDR blocks). You can reference prefix lists to configure network rules for other resources. You can add CIDR blocks that are frequently used to prefix lists to avoid repeatedly adding multiple rules for CIDR blocks when you configure network rules and improve O&M efficiency. Prefix lists can be referenced when you configure security group rules.

Concepts

Note The prefix list feature is available only in some regions.
Concept Description
Maximum number of entries The maximum number of CIDR blocks in a prefix list. Each entry consists of a CIDR block and a description for the CIDR block.
Address family The address family of entries in prefix lists. Prefix lists support the IPv4 or IPv6 address type. Entries in a single prefix list must belong to the same address family.
CIDR block

CIDR is an addressing scheme for the Internet that allows for IP addresses to be assigned in a more efficient manner than the traditional scheme based on classes A, B, and C. CIDR notation is used to denote IP addresses and IP ranges. It consists of an IP address and a forward slash followed by a decimal number that denotes how many bits are in the network prefix.

  • Example 1: Convert a CIDR block into an IP address range

    For example, you can convert the 10.0.0.0/8 CIDR block into a 32-bit binary IP address of 00001010.00000000.00000000.00000000. In this CIDR block, /8 represents an 8-bit network ID. The first 8 bits of the 32-bit binary IP address are fixed, and the corresponding IP addresses are from 00001010.00000000.00000000.00000000 to 00001010.11111111.11111111.11111111. After you convert the preceding IP addresses into IP addresses in the decimal format, the 10.0.0.0/8 CIDR block indicates the IP addresses from 10.0.0.0 to 10.255.255.255 with a subnet mask of 255.0.0.0.

  • Example 2: Convert an IP address range into a CIDR block

    For example, you have a range of IP addresses from 192.168.0.0 to 192.168.31.255. You can convert the last two parts of the first and last IP addresses to binary numbers from 00000000.00000000 to 00011111.11111111. The first 19 (8 × 2 + 3) bits are fixed. After you convert the IP addresses to IP addresses in the CIDR format, the corresponding CIDR block is 192.168.0.0/19.

Associated resource Other resources that reference prefix lists.

Limits

Item Limit Adjustable
Prefix lists per region within an account 100 N/A
Entries in a single prefix list 200 N/A
Associated resources of a prefix list 1000 N/A

Use scenarios

You can maintain CIDR blocks in prefix lists and reference prefix lists in the rules of other resources. When you modify the entry information in a prefix list, the modifications take effect on all rules that reference the prefix list. This eliminates the need to modify multiple entries and improves O&M efficiency.

For example, when you add a rule to a security group, you can reference a prefix list to apply the rule to all CIDR blocks in the prefix list.