This document provides a sample configuration on how to use area <> filter-list command. This feature was introduced in IOS release 12.0(15)S and is used for filtering LSA type 3 only. This filter can be used to filter type 3 LSA coming into an area, going out of an area or both.
It is assumed that a person reading this document is familiar with Ospf.
For this document 3700 Series router with IOS 12.4(18) loaded in it.
The configuration files are attached with this document.
For this example we will take network attached to loopback 1 (188.8.131.52/24) and filter that out in a way that routers in Area 1 don't see it.
Before we start applying filters lets take a look at routing table of R2 and R3:
From Router R2:
And, we can surely see network 184.108.40.206. Now, to make sure that we have it on Router R3 as well, lets have a look at its routng table:
and, its there as well.
Now for filtering network 220.127.116.11 from area 1 we need to perform two tasks
We first need to configure a prefix-list which will filter this particular network out.
Second, we need to apply that filter
This will be done at router R2, which is the ABR for Area 1.
For step 1, we will create a prefix-list which will filter net 18.104.22.168/24 and permit all others:
For step 2, we will apply this filter:
We can also apply the same filter in out direction but then we would have to do it on Area 0 as this is the area from which this network is advertised out.
Lets see the routing table of Router R3:
We surely don't see 22.214.171.124 network on R3. And, to prove that R2 is not sending type 3 LSA for this network in area 1, lets see the database for 126.96.36.199 network on R2:
Hello,I am working with ASR-920-12CZ's and am in the process of updating the IOS in dozens of 920's. Recently I have ran into a batch where the USB MEM port is not recognizing my memory stick and have to resort to updating the IOS over tftp. That wo...
I currently have a route-map in that goes through an access list and if you match the ACL the next-hop is something different then the gateway of last resort. If I want something to go the default route, I just deny the ip on the ACL. No...
I'm currently using PI 3.9 Patch 1, to send an interactive command to all my switches (9300 & 3850) but it fails every time. I usually have less issues when I perform "install remove inactive" on all my switches before upgrading them with prime. I was...
Hey forums, so I have a situationI used to be able to SSH connect from my Catalyst to my Nexus, doing like a nested SSH situationAfter I updated the Nexus to the version 8.4.2, when I attempt to access the Nexus, it closes my Catalyst SSH sessionI am sure...