So I will apply the filter-list soon.

I will use a route-map and prefix-list and "in" direction.

I guess that I need to clear ospf routing table to make filter-list work.

I found two ways to do IT.

restart ospf XXX

or

clear ip ospf neighbor neighborID vrf VRFNAME

Can I use both? I think clear each neighboor will be safer. I have 3 neighboors.

"Restarting a process may be disruptive, so this feature should be used with caution."

http://www.cisco.com/en/US/docs/switches/datacenter/sw/best_practices/cli_mgmt_guide/hw_resources.html#wp1053151

Thanks

I would clear the OSPF adj per neighbour.

If you want to clear it for all neighbours, you can use " clear IP OSPF nei *".

This is better than restarting the whole OSPF process.

########UPDATE########

Since version 6.x Cisco added a feature called table-map.

It works like distributed lists and did what I needed. We are using it already. Info at link above:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/6_x/nx-os/unicast/configuration/guide/l3_cli_nxos/l3_ospf.html#pgfId-1361896

Maybe it helps.

##########################
So to make configuration...

1) I need to make a prefix-list

ip prefix-list Filter_List_in  seq 10 permit 10.20.30.40/32
ip prefix-list Filter_List_in  seq 20 permit 10.30.20.26/32
ip prefix-list Filter_List_in  seq 30 permit 10.40.30.20/32

2) Make a route map and use prefix-list.

route-map Permit_in permit 10
match ip address prefix-list Filter_List_in

3) And apply on ospf (show run).

router ospf 10
  vrf VRFOSPF
    router-id 10.0.0.21
    network 10.20.208.21/32 area 0.0.0.0
    redistribute static route-map RM_static
    area 0.0.0.0 authentication message-digest
    area 0.0.0.0 filter-list route-map Permit_in in
    log-adjacency-changesrouter ospf 10

And clear neighbors. (IPs were changed)

When I use the show ip ospf policy...  filter in... => no match

route-map Permit_in permit 10
  match ip address prefix-list Filter_List_in        C: 0      M: 0
 
Total accept count for policy: 0
Total reject count for policy: 0

I couldn´t figure why it isnt working.

I also tried to apply the filter list going to (config t --> vrf context VRFOSPF --> router ospf 10 --> and apply the filter list).

Any Ideas?

Edited:

"To filter prefixes advertised in type 3 link-state advertisements (LSAs) between Open Shortest Path First (OSPF) areas of an Area Border Router (ABR),"

"The NX-OS does support inter-area Type-3 LSA/route filtering using the filter-list command configured under the OSPF routing instance."

We will create a ABR on nexus to apply filter-list

Thanks for help.

Hello,

you should work about RIB, filter routes before install in RIB table, for that, use table-map:

Table Map

A table map is a unique feature of NX-OS that allows the network administrator to filter routes or selectively modify the distance of the routes before the routes are sent to routing information base (RIB). The table map uses the route map to select routes based on a wide variety of parameters: metrics, level, type, next hop, outgoing interface, etc. (Figure 2).

Figure 2.      Table Map

The table-map feature is available for:

• OSPFv2 and v3
• Enhanced Interior Gateway Routing Protocol (EIGRP) v4 and v6
• Intermediate System-to-Intermediate System (IS-IS) Protocol v4 and v6
• BGP

The table map allows more scalable solutions by preserving valuable RIB memory. The table map can be used for both filtering routes and changing the route distance.

• When the table-map command is used without the filter keyword, the route map referenced in the table‑map command is used to set certain properties (such as the traffic index) of the routes for installation in the RIB. The route is always downloaded, regardless of whether it is permitted or denied by the route map.
• When the table-map command is used with the filter keyword, the route map referenced is also used to control whether or not a BGP route is to be downloaded to the RIB.

OSPF Table Map

OSPF supports a table map to filter and change the distances of IPv4 and IPv6 prefixes. This section provides a table-map configuration example for both OSPFv2 and OSPFv3.

The flowing example shows the configuration to change the OSPFv2 administrative distance for inter area routes to 150 and for external routes to 200.

The following example shows the configuration of the table-map command with the filter keyword to use a route map (Filter-OSPF) that removes the next-hop path that is learned through VLAN 10, but not the next-hop path that is learned through VLAN 20.

The table-map configuration for OSPFv3 changes the distance and filter routes and is similar to the configuration for OSPFv2. The following example uses route-map foo to change the distance of inter area routes to 150 and distance of external routes to 200.

Thanks all for your replies.

Table-map looks like the answer, i will give it a try.

Hi Jaime,

I have been able to check and this works fine.

Good luck

Filter lists can only filter type 3 LSAs.

What if I want to filter domain-wide type 5 LSAs (E routes) from the route table?

How do Cisco propose that we do that without a distribute-list?

I have a serious problem now where I need to do just this. I am forced to place the N7000 in a stub area where Type-5s cannot be propagated; this is a major design change as I'll be taking the N7k out of area 0.

Unless there's a some other way to do it?

Why this feature is not present in NX-OS is beyond me.