cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2853
Views
0
Helpful
2
Replies

ASR9000 , IOS XR - OSPF route filtering - missing attach points

Hi All,

While I find IOS XR to be very powerful and flexible, especially with the RPL, I have found a few things that appear to be missing, which are completely possible under the classic IOS...

For example, performing OSPF route filtering based on the tag present in the SPF update.  While XR permits SETTING a tag in the ospf_area_out and ospf_redistribution attachpoints, it doesn't support MATCHING the tag on ospf_area_in or distribute_list_in.

There is a similar problem when matching a tag and advertising the route in BGP, using the tag to set a specific community..

In general, it appears that most attach points allow for SETTING the tag attribute, but there appear to be none (except sfp-prefix-priority) that allow MATCHING a tag that has been set elsewhere on the network.  This sounds like an omission or an oversight to me.

Take this concrete example:

Imagine a prefix 10.1.1.1 injected into the network from several different locations ("anycast" of sorts).  Each point of presence tags the route with a specific tag.  The injection is done through redistribution, and is injected with a metric type-1 external and initial metric of 4 (allowing for increase in metric across each hop through the network) 

Now, In one PoP you want to FILTER out the routes origined at a specific PoP, but not the same prefix from a different PoP.

-- classic IOS --

!

router ospf 1

  distribute-list route-map DENY_ANYCAST in

!

route-map DENY_ANYCAST deny 10

  match tag 100

!

route-map DENY_ANYCAST permit 20

!

The above works perfectly under classic IOS.

Under IOS XR, one would have thought that this could be accomplished this way:

router ospf 1

distribute-list route-policy DENY_ANYCAST in

!

route-policy DENY_ANYCAST

if tag is 40 then

   drop

else

   pass

endif

end-policy

However, this cannot be applied because the tag attribute is not valid to match in the distribute-list attach point.

Another possibility would have been

router ospf 1

  area 0

    route-policy DENY_ANYCAST in

!

(with the same policy as above)

but again, "tag" attribut is not valid to match in the ospf_area_in attach point.

I can find no work-around to this problem.  Filtering on prefix itself is not an option since it needs to be ACCEPTED from certain origins but not others.

Any logical reason why the ability to match on tag when doing route manipulation and filtering was omitted in IOS XR when it's been available for a very long time under classic IOS ???

Thanks

Leland

2 REPLIES 2
Beginner

Leland, I had this problem as

Leland,

 

I had this problem as well.  What we discovered was that we needed to be on recent code and the command structure should be:

route-policy IGNORE-RANDOM-TAG
  if (tag eq RANDOM-TAG) then
    drop
  else
    pass
  endif
end-policy
 

router ospf XXX
 vrf intranet
 area 0
   distribute-list route-policy IGNORE-RANDOM-TAG in
 

 

I know this is serious thread necromancy, but hope this helps.

 

Highlighted
Beginner

How recent is recent?  I'm

How recent is recent?  I'm using an ASR 9001 with XR 5.1.2, and I'm getting the error:

 

vrf TEST
 address-family ipv4 unicast
  export to default-vrf route-policy TEST-to-global
!!% Could not find entry in list: Policy [TEST-to-global] uses the 'tag' attribute. There is no 'tag' attribute at the bgp interafi-export attach point

Bitwrangler for FirstLight Fiber Corp
CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards