OSPF Redisribute

Aladdin0z · ‎10-07-2023

Hello all ,

Lets suppose that we have directly connected routes ,

We want to redistribute them into the ospf process except for just one subnet.

How can we accomplish this ,

I think that we can not use route filtering cuz they handle type 3 LSAs ,

Here we are talking about type 5 LSAs ,

I can ask the question in an other way,

Can we filter subnets from being redistributed into the ospf process?

M02@rt37 · ‎10-07-2023

Hello @Aladdin0z,

You can filter subnets from being redistributed into OSPF by using route maps or access lists. When redistributing routes into OSPF (or any routing protocol), you can use filtering mechanisms to control which routes are actually advertised.

In the acl match subnets permit to be redistributed through OSPF.

Apply the acl to a route-map

Apply the route-map under OSPF process: #redistribute connected/static subnet route-map <name>

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Aladdin0z · ‎10-07-2023

Pleas whats the correct syntax for ospf

David Ruess · ‎10-08-2023

You need a prefix list to define the routes and a route-map to be applied to redistribution. For your situation a good syntax could be:

If your denied network is 192.168.1.0/24 then use the below template:

ip prefix-list CONNECTED deny 192.168.1.0/24

ip prefix-list CONNECTED permit 0.0.0.0/0 le 32

route-map CONNECTED permit 10

match ip address prefix-list CONNECTED

router ospf 1

redistribute connected route-map CONNECTED

You can also set the metric type and add a tag in the route map to be able to filter or control the routes further in your network.

Hope that helps

-David

MHM Cisco World · ‎10-07-2023

Redistrubte with route map can use for lsa5.

For lsa3 I think you can use area range command not route map.

MHM Cisco World · ‎10-08-2023

I send you private message check it

Joseph W. Doherty · ‎10-07-2023

Just curious, why redistribute directly connected networks rather than use an OSPF network statement or the later OSPF interface statements? Either would easily allow which networks are included.

Possibly some reason you want directly connected routes as external routes?

paul driver · ‎10-07-2023

Hello
Not sure why you would want to redistributed connect interfaces, however if you are then the most simplistic approach will be to suppress the interface.

example:
int x/x
ip ospf prefix-suppression

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Joseph W. Doherty · ‎10-08-2023

@paul driver my understanding is prefix-suppression does not apply to type 5 LSAs.

For reference: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/213404-open-shortest-path-first-prefix-suppress.html

paul driver · ‎10-08-2023

Hello @Joseph W. Doherty
My understanding mate specifying OSPF area specific on the interface negates Type-5 generation via redistributed connected as such the prefix suppression should work - apologies should have made my self a bit clearer

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Joseph W. Doherty · ‎10-08-2023

If you're saying it will also suppress type 5 LSAs, that seems contrary to reference's:

OSPF prefix-suppression helps in faster Shortest Path First (SPF) calculation due to less number of prefixes in the database (DB). OSPF Type 3, Type 4, Type5, or Type 7 LSAs are not suppressed.

If I find the time, I'll lab it up in CML.

paul driver · ‎10-08-2023

Hello @Joseph W. Doherty
what i mean is applying ospf at the interface level should be prioritised over redistributed connected when both are applied

example:
int x/x
ip ospf x area x
ip ospf prefix-suppression

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Joseph W. Doherty · ‎10-08-2023

Ah, gotcha.

As OP explicitly asked about redistributing connected interfaces, generating type 5 LSAs, thought you were suggesting prefix suppression for those.

Addendum:

Here's what I thought you were suggesting . . .:

int x/x
ip address 192.168.1.1 255.255.255.0
ip ospf prefix-suppression ! . . . that this would exclude 192.168.1.1/24 from being redistributed

int x/x
ip address 192.168.2.1 255.255.255.0

router ospf #
redistribute connected

paul driver · ‎10-08-2023

Hello @Joseph W. Doherty
Yes apologies for the ambiguity it wasn't intended - However I do believe it would be a lot easier then appending a whole bunch of PF and RMs just to negate a single subnet.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

David Ruess · ‎10-08-2023

Good alternate solutions provided by others as well. Another possible solution could be to shutdown the OSPF process on that interface. I would have to check my lab when I get a chance but redistributing connected and then going to the interface and issuing the ip ospf shutdown command might work. I know this works when interfaces are added with the network statement so it stands to reason it could do the same for redistributed interface routes. Will update my response if I am able to lab this up.

-David