# max-len filter

## What is a max-len filter?
By default, a prefix can be divided into any number of /64 blocks. By a `max-len` one can define the maximum size of a prefix of a subnet. For example, if you want to divide your subnet into /56 blocks, you can set the `max-len` to 56. This will filter all larger prefixes (e.g. `/60` or `/64`) from that subnet.

## Why is this important?
The principle of [longest prefix match](https://en.wikipedia.org/wiki/Longest_prefix_match) applies. This means that the largest and thus most accurate prefix is always selected. If an attacker now wants to hijack an IP address, one can propagate a larger prefix that contains the IP address. This means that the packets are now forwarded to them instead of the actual operator of the prefix. To fend off such attacks, it is necessary to filter more accurate prefixes. However, since each operator wants to propagate a different prefix size, the `max-len` can be set in the entitydb. If no `max-len` is specified, 64 is assumed.

## Where do I have to enter this in the edb?

```
"route": {
  "<subnet>/48": {
    "description": "<descr>",
    "max-len": "<max-len>",
    "device": {
      "<device>": { }
    }
  }
}
```
Under `route`/`IP-Address` you create an attribute `max-len` of type string with the maximum length like `56` or `48`.