Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
6
Replies

Ospf-distribute-list

ccobtn
Level 1
Level 1

‎06-23-2005 02:10 AM - edited ‎03-03-2019 09:52 AM

Hi,

We have two networks with overlapping ip address and we are using ospf for routing protocol. This is what the network looks like;

local-proxy

|

r3

|

C--r2--wan--r1--- corpnet-Proxy

The proxies have overlapping ip address. Due to restriction we cannot change ip addressing scheme. To overcome this problem I have set ospf cost of r1 to higher then r3 so that when customer access proxies the local router-r2 will select route learn via r3 and route request to local-proxy, the problem is that this is then advertise back into the ospf and r1 now has two routes for same network hence we have loop. I try filter 172.16.20.x learn from r3 from being updated into wan but doesn’t work.

Here is my filter

Both proxy-corpnet and local proxy have 172.16.20.0/24 network

Router-2-config

access-list 10 deny 172.16.20.0

!

router ospf 20

distribute-list 10 out

So now the router r2 should not advertise 172.16.20.0 net back into r1 through wan. But this is not happing, it’s still advertising 172.16.10.0 to r1

Any help ?

Regards

Labels:
0 Helpful
6 Replies 6

stephtchoko
Level 3
Level 3

‎06-23-2005 02:56 AM

Please apply access-list 10 deny 172.16.20.0

access-list 10 permit any

and verify your access-list matching , with "show access-list 20".

Best regards

0 Helpful

ccobtn
Level 1
Level 1
In response to stephtchoko

‎06-23-2005 03:38 AM

Hi,

Applied the changes but still same problem.

Regards

0 Helpful

m.lammerse
Level 1
Level 1

‎06-23-2005 03:37 AM

Filtering OSPF updates can be tricky. Since all OSPF routers are supposed to have an identical view of the network, OSPF LSAs are flooded throughout the network. What happens here, is that an LSA update from r3 is sent through r2 to r1. The distribute-list on r2 doesn't have any effect on how r1 perceives the network.

Check this:

http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a0080094704.shtml#q12

The only way to prevent the 172.16.20.0 network from ending up twice in the routing table , is to either block it at the orginating router or filter it from the routing table of the destination router.

HTH

Marcel

0 Helpful

ccobtn
Level 1
Level 1
In response to m.lammerse

‎06-23-2005 04:26 AM

Hi,

thanks for your advice, i read url link you posted and this is the problem;

"The command distribute-list out works only on the routes being redistributed by the Autonomous System Boundary Routers (ASBRs) into OSPF. It can be applied to external type 2 and external type 1 routes, but not to intra-area and interarea routes".

so what i have done is now i'm running rip between r3 and r2 instead of ospf. Now r2 will select routes via r1 since ospf has low metric then rip, however because routes learn from r2 is E1, i have increase E1 distance to 200 so r2 will now select routes via rip and if the link goes down between r3 and r2, than it will select routes from r1.

Regards

0 Helpful

stephtchoko
Level 3
Level 3
In response to ccobtn

‎06-23-2005 06:08 AM

Good,

There is a solution to filter a ospf routing table in intra area ??

Best regards.

0 Helpful

ccobtn
Level 1
Level 1
In response to stephtchoko

‎06-23-2005 06:49 AM

Interesting, what is the solution?.

Regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card