02-09-2023 09:29 PM - last edited on 02-12-2023 10:11 PM by Translator
We are seeing an issue where route filtration is not working when we are redistributing static routes to OSPF area0. We have some static NULL routes in our SW01-WAN which we don't want to redistribute towards SW01-CORE, but they are getting redistributed. The null routes should get filtered if there is an implicit deny in the ACL and route-map. Can someone help me understand what the issue is with the configuration?
Config:
SW01-WAN (N7K vdc-1)
===========================
SW01-WAN# sh run | in route
ip route 10.194.0.0/17 Null0
ip route 10.194.128.0/17 Null0
router ospf 1
router-id 10.194.0.3
redistribute static route-map REDISTRIBUTE-STATIC-TO-OSPF
area 0.0.0.0 authentication message-digest
log-adjacency-changes
auto-cost reference-bandwidth 1000000
passive-interface default
SW01-WAN# show route-map REDISTRIBUTE-STATIC-TO-OSPF
route-map REDISTRIBUTE-STATIC-TO-OSPF, permit, sequence 10
Match clauses:
ip address (access-lists): REDISTRIBUTE-STATIC-TO-OSPF
Set clauses:
metric-type type-1
SW01-WAN# sh ip access-lists REDISTRIBUTE-STATIC-TO-OSPF
IP access list REDISTRIBUTE-STATIC-TO-OSPF
10 permit ip 10.194.224.0/24 any
20 permit ip 10.194.225.0/24 any
SW01-CORE (N7K vdc-2)
====================
SW01-CORE# show ip route 10.194.0.0
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
10.194.0.0/17, ubest/mbest: 2/0
*via 10.194.1.30, Eth5/1, [110/120], 3y19w, ospf-1, type-1
*via 10.194.1.34, Eth2/13/3, [110/120], 3y19w, ospf-1, type-1
SW01-CORE# show ip route 10.194.128.0
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
10.194.128.0/17, ubest/mbest: 2/0
*via 10.194.1.30, Eth5/1, [110/120], 3y19w, ospf-1, type-1
*via 10.194.1.34, Eth2/13/3, [110/120], 3y19w, ospf-1, type-1
02-10-2023 01:40 PM
Your config is correct from my view; only use a prefix list instead of an ACL.
02-09-2023 11:46 PM
This would appear to be fairly straightforward. Your static routes are for /17 but your acl is checking for /24.
02-10-2023 09:39 AM - last edited on 02-12-2023 10:12 PM by Translator
Hello
You could try the following:
ip route 10.194.0.0/17 Null0 tag 1
ip route 10.194.128.0/17 Null0 tag 1
route-map REDISTRIBUTE-STATIC-TO-OSPF deny 10
match tag 1
route-map REDISTRIBUTE-STATIC-TO-OSPF permit 99
02-10-2023 09:56 PM
Thanks all for the help and suggestion.
It seems the issue is related to the below bug.
Cisco Bug: CSCtt04685
NXOS: routing redistribution route-map with ACL will allow any prefix
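The prefix-list suggestion and the ACL bug noted above point to the same fix: match on a prefix-list, which compares both network and mask length. The following is an added example, not code from any poster or from Cisco: a pre-change check that evaluates which static routes a prefix-list-based redistribution filter would let through. The prefix-list lines are constructed by converting the thread's ACL entries one-for-one, the 10.194.224.0/24 static route and its 192.0.2.1 next hop are constructed sample data, and the script assumes a single permit sequence using `match ip address prefix-list` followed by the route-map's implicit deny.

```python
import ipaddress
import re

# First two static routes are from the thread; the third route and the
# prefix-list entries are constructed for this example.
CONFIG = """\
ip route 10.194.0.0/17 Null0
ip route 10.194.128.0/17 Null0
ip route 10.194.224.0/24 192.0.2.1
ip prefix-list REDISTRIBUTE-STATIC-TO-OSPF seq 10 permit 10.194.224.0/24
ip prefix-list REDISTRIBUTE-STATIC-TO-OSPF seq 20 permit 10.194.225.0/24
"""

PL_RE = re.compile(r"ip prefix-list (\S+) seq (\d+) (permit|deny) (\S+)"
                   r"(?: ge (\d+))?(?: le (\d+))?")
RT_RE = re.compile(r"ip route (\S+) (\S+)")

def parse(config):
    """Return (static route networks, prefix-list entries ordered by seq)."""
    routes, entries = [], []
    for line in config.splitlines():
        line = line.strip()
        if m := PL_RE.match(line):
            _name, seq, action, pfx, ge, le = m.groups()
            net = ipaddress.ip_network(pfx)
            # No ge/le: exact mask length. ge only: ge..32. le only: len..le.
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else (32 if ge else net.prefixlen)
            entries.append((int(seq), action, net, lo, hi))
        elif m := RT_RE.match(line):
            routes.append(ipaddress.ip_network(m.group(1)))
    return routes, sorted(entries, key=lambda e: e[0])

def redistributed(route, entries):
    """First matching entry decides; no match falls to the implicit deny."""
    for _seq, action, net, lo, hi in entries:
        if lo <= route.prefixlen <= hi and route.subnet_of(net):
            return action == "permit"
    return False

def audit(config):
    routes, entries = parse(config)
    return {str(r): redistributed(r, entries) for r in routes}

if __name__ == "__main__":
    for prefix, allowed in audit(CONFIG).items():
        print(f"{prefix:20} {'REDISTRIBUTED' if allowed else 'filtered'}")
```

Running the same audit on a candidate prefix-list that uses `le` or `ge` shows immediately whether a wider entry would let the /17 null routes through again.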