cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
954
Views
0
Helpful
6
Replies
nvanhaute
Beginner

filtering outbound ospf

hi

I try to find a solution to my issue :

I have an ospf area (0) with several routers and what I need is to deny "relaying" routes.

Let's say I have :

R1 <==> R2 <==> R3 <==> R1

all are in area0

if the link R1<==>R3 is broken, I don't want that R1 goes to R2 to join R3

I know in ospf all routers have the same database but maybe I could hide route... and in this case, I could hide on R1 routes to go to R3 by R2 ?

If it's possible, I have to "filter" on R1 automaticaly and not with ACLs

if you have an idea, that would be great

regards

Niko

6 REPLIES 6
Varun Uniyal
Beginner

The database on all routers in a single area needs to be the same not the routing table,

On R1 apply :

distribute-list 199 in interface

This way R1 will never learn R3 from R2.

Let me know if it works.

sorry not possible for me to do that (I knew this technic) :

- in reality, I'm in a full meshed VPN that uses ospf inside tunnel to exchange all routes between all routers

- I have about 50 routers and for each around 20 networks

- my request is to disable on routers to relay routes learned from an other router

=> I think you see it's not possible for me to do that with ACL

Righ now I just use ACLs to deny source being other things that own routes from router, problem is that packet is received and dropped whereas I would like never been sent.

is there any solution ?

regards

Nicolas

Unfortunately outbound route-filtering only works for inter-area/external routes.The command distribute-list out works only on the routes being redistributed by the Autonomous System Boundary Routers (ASBRs) into OSPF. It can be applied to external type 2 and external type 1 routes, but not to intra-area and interarea routes.So unless you can divide your OSPF domian into multiple areas or find a way to make each advertising router an ASBR it's not possible.

there is no way to filter on metric ?

eg : do not show route if metric is higher than X ?

regards

Niko

Not by metric but by distance and that too only inbound.

Distance 255    0.0.0.0 199

What we are doing is setting distance of all routes matching on ACL 199 and received from source A.B.C.D to 255 which is unreachable.