cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
551
Views
0
Helpful
4
Replies

Filtering Redistribution from one OSPF Process to another?

Kgrevemberg
Level 1
Level 1

Hey guys,

 

I have a huge network infrastructure that has been setup a certain way for about 10 years with hundreds of private networks all using ospf 1 area 0 to communicate to each other. Very few static routes to a few networks not advertised by ospf.

 

We now have a link out to a public network that operates on ospf 10 area 0. My private networks are being advertised into their network. To add to the first paragraph we do have public networks in our infrastructure that are intended to communicate with the other network.

 

Will the following commands stop my router from advertising private networks into their ospf process?

 

Thanks in advance for any help you can give me!

 

 

(config)# ip access-list standard PRIV
(config-access-list)#permit 10.0.0.0 /8
(config-access-list)#permit 172.16.0.0 /12
(config-access-list)#permit 192.168.0.0 /16
(config-access-list)#deny any ??? or leave out?

 

(config)#route-map NO_PRIV deny 10
(config-route-map)# match ip address PRIV
(config)#route-map NO_PRIV permit 20 ?? to allow everything after the first sequence number? may need to leave out "deny" in access-list for this. unsure.

 

router ospf 10 
distribute-list route-map NO_PRIV out

 

*edit: there is a sub-interface connecting us. g4/0.x on my side with a /30 ip address.

4 Replies 4

Jon Marshall
Hall of Fame
Hall of Fame

 

You have already asked this question and received answers in another thread so not sure why you have opened another thread. 

 

It looks from your description like everything is in the same area and you cannot filter OSPF routes within the same area because every router must have the same set of LSAs. 

 

You can use inbound distribute lists to stop the routes being placed into the IP routing table but you would need to do this on every router you did not want to have those routes so this is probably not practical. 

Jon

The title of this post does suggest a legitimate question different from the other discussion - filtering redistribution not just filtering updates. When there are 2 OSPF processes and you redistribute from one to the other then it is possible to filter some of the routes for the receiving process. Unfortunately the content of this post does seem to be on the same track as the original post of using a distribute list in the OSPF process and not showing any redistribution.

 

HTH

 

Rick

HTH

Rick

I picked a solution from the other post. My problem is that Im learning this as I go and wasn't quite sure that I was talking about the same thing at the time. But thatnks for the help. My above solution was close to what did it for me. I just put the other interface in another process and used a route-map to block private ips distributed to it.

Thanks for the update telling us that a suggestion in the other post did point you toward a solution that works. It is subtle point, but an important one, that it is not possible to block advertisement of routes within an OSPF process. But it is possible to block routes when redistributing between OSPF processes. Glad you have found a solution.

 

HTH

 

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco