Can you please elaborate? I'd like to at least test it in GNS3. 

How do I use the distribute-list to only allow the route coming from R1?

Hi @tlxbx ,

It would look something like the following:

route-map test permit 10
match ip address prefix-list prefix1
match ip next-hop prefix-list nh1
!
ip prefix-list nh1 seq 5 permit <nexthop to R1>
ip prefix-list prefix1 seq 5 permit 1.1.1.1/32
!
router ospf xxx
distribute-list route-map test in

Regards,

I guess I am doing smth wrong because after I add distribute-list I don't see any routes under ospf

Before adding distribute-list

R5#sh ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/10001] via 192.168.0.4, 00:01:13, FastEthernet0/0
[110/10001] via 192.168.0.1, 00:01:13, FastEthernet0/0

***************************************

After

R5#sh run | s router os
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
distribute-list route-map test in

ip prefix-list nh1 seq 5 permit 192.168.0.1/32
!
ip prefix-list prefix1 seq 5 permit 1.1.1.1/32
!
route-map test permit 10
match ip address prefix-list prefix1
match ip next-hop prefix-list nh1

Hi @tlxbx ,

We should see both routes before applying the distribute-list. We only see the route coming from R4. The distribute-list will only allow the route coming from R1 to be installed in the RIB. What happened to the route coming from R1? Did you change the ospf cost for it? This would explain why we don't see it in the RIB.

Regards,

Both routes are coming in prior to the change 

O 1.1.1.1 [110/10001] via 192.168.0.4, 00:01:13, FastEthernet0/0 -->R4
               [110/10001] via 192.168.0.1, 00:01:13, FastEthernet0/0 -->R1

Hi @tlxbx ,

Sorry I had missed it. I see the routes now. You didn't provide the "show ip route ospf" after the change though. Can you please post it.

Regards,

There is nothing. It's empty. 

R5#sh ip route ospf

R5#sh ip ospf database

OSPF Router with ID (5.5.5.5) (Process ID 1)

Router Link States (Area 0)

Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 1 0x8000000B 0x000233 2
4.4.4.4 4.4.4.4 64 0x80000005 0x0071B0 2
5.5.5.5 5.5.5.5 1086 0x80000004 0x0079B3 1

Net Link States (Area 0)

Link ID ADV Router Age Seq# Checksum
192.168.0.1 1.1.1.1 1249 0x80000003 0x00FF9D

Thanks @tlxbx . It might be related to the IOS version you are running. What is the IOS version? It works for me with 15.9(3)M4.

R1#sh ver
Cisco IOS Software, 7200 Software (C7200-JK9S-M), Version 12.4(13b), RELEASE SOFTWARE (fc3)

GNS3

Hi @tlxbx ,

The config you provided is correct and should work. This version is very old. This is probably why it is not working for you. 

Regards,

Hi @Harold Ritter 

ok I can test it on a newer version. Thank you very much for your help & guidance. Much appreciated. 

Hi @tlxbx ,

You are very welcome. Before you upgrade, please try the following, which might work with the version you are using:

access-list 199 permit ip host 192.168.0.1 host 1.1.1.1
router ospf 1
distribute-list 199 in

Regards,

Yes that works but it blocked everything else as well. So I guess we will have to deny from 192.168.0.5 and allow everything else?

R5#sh ip route os
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/2] via 192.168.0.1, 00:00:05, FastEthernet0/0

******************************

Extended IP access list 199
10 deny ip host 192.168.0.1 host 1.1.1.1 (2 matches)
20 permit ip any any (3 matches)

R5#sh ip route os
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/2] via 192.168.0.4, 00:00:04, FastEthernet0/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/65537] via 192.168.0.1, 00:00:04, FastEthernet0/0
172.16.0.0/24 is subnetted, 1 subnets
O IA 172.16.0.0 [110/65536] via 192.168.0.1, 00:00:04, FastEthernet0/0