Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

ASR9000 , IOS XR - OSPF route filtering - missing attach points

LELAND VANDERVORT
Level 1
Level 1

‎01-25-2013 11:53 AM - edited ‎03-07-2019 11:19 AM

Hi All,

While I find IOS XR to be very powerful and flexible, especially with the RPL, I have found a few things that appear to be missing, which are completely possible under the classic IOS...

For example, performing OSPF route filtering based on the tag present in the SPF update.  While XR permits SETTING a tag in the ospf_area_out and ospf_redistribution attachpoints, it doesn't support MATCHING the tag on ospf_area_in or distribute_list_in.

There is a similar problem when matching a tag and advertising the route in BGP, using the tag to set a specific community..

In general, it appears that most attach points allow for SETTING the tag attribute, but there appear to be none (except sfp-prefix-priority) that allow MATCHING a tag that has been set elsewhere on the network.  This sounds like an omission or an oversight to me.

Take this concrete example:

Imagine a prefix 10.1.1.1 injected into the network from several different locations ("anycast" of sorts).  Each point of presence tags the route with a specific tag.  The injection is done through redistribution, and is injected with a metric type-1 external and initial metric of 4 (allowing for increase in metric across each hop through the network) 

Now, In one PoP you want to FILTER out the routes origined at a specific PoP, but not the same prefix from a different PoP.

-- classic IOS --

!

router ospf 1

  distribute-list route-map DENY_ANYCAST in

!

route-map DENY_ANYCAST deny 10

  match tag 100

!

route-map DENY_ANYCAST permit 20

!

The above works perfectly under classic IOS.

Under IOS XR, one would have thought that this could be accomplished this way:

router ospf 1

distribute-list route-policy DENY_ANYCAST in

!

route-policy DENY_ANYCAST

if tag is 40 then

   drop

else

   pass

endif

end-policy

However, this cannot be applied because the tag attribute is not valid to match in the distribute-list attach point.

Another possibility would have been

router ospf 1

  area 0

    route-policy DENY_ANYCAST in

!

(with the same policy as above)

but again, "tag" attribut is not valid to match in the ospf_area_in attach point.

I can find no work-around to this problem.  Filtering on prefix itself is not an option since it needs to be ACCEPTED from certain origins but not others.

Any logical reason why the ability to match on tag when doing route manipulation and filtering was omitted in IOS XR when it's been available for a very long time under classic IOS ???

Thanks

Leland

1 person had this problem
Labels:
0 Helpful
Who Me Too'd this topic