02-09-2017 03:52 AM - edited 03-08-2019 09:15 AM
Topology
R1 – [R4] = Area 0 : process ID 1
[R4] – R6 – R7 = Area 1 : process ID 2
I have a loopback interface configured on R6 and R7 which is distributed by ABR and pingable from R1. After adding the filter list and prefix-list its still a routable path to 192.168.177.0/24 from R1. Each area has its own process ID.
Config
R6#
interface Loopback6
ip address 192.168.166.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key area1
ip ospf network point-to-point
ip ospf 2 area 1
end
R7#
interface Loopback7
ip address 192.168.177.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key area1
ip ospf network point-to-point
ip ospf 2 area 1
end
I want to filter loopback 7 from creating a LSA entering Area 0 but permit loopback 6
R4#
router ospf 1
router-id 4.4.4.10
redistribute ospf 2 subnets
router ospf 2
router-id 4.4.4.21
area 1 filter-list prefix FILTER_INTO_AREA_0 in
redistribute ospf 1 subnets
ip prefix-list FILTER_INTO_AREA_0 seq 5 deny 192.168.177.0/24
ip prefix-list FILTER_INTO_AREA_0 seq 10 permit 0.0.0.0/0 le 32
Can somebody help me understand how I can get this to work.
02-09-2017 05:38 AM
Hi,
OSPF filter lists can only be applied to an ABR and used to filter type-3 LSAs between areas.
In your configuration, as you are running two separate OSPF processes on R4 and redistributing between them, R4 will not consider itself as an ABR and the filter list will not work. As R4 is redistributing OSPF process 2 into OSPF process 1, R4 is acting as an ASBR and not an ABR and will therefore be generating a type-5 LSA for 192.168.177.0/24 in OSPF process 1.
To fix this issue you will either need to configure area 0 and area 1 under the same OSPF process on R4 and use the filter list to filter the type-3 LSA, or configure a distribute list in the outbound direction on R4 under OSPF process 1. For example
router ospf 1
router-id 4.4.4.10
redistribute ospf 2 subnets
distribute-list prefix FILTER_INTO_AREA_0 out
router ospf 2
router-id 4.4.4.21
redistribute ospf 1 subnets
ip prefix-list FILTER_INTO_AREA_0 seq 5 deny 192.168.177.0/24
ip prefix-list FILTER_INTO_AREA_0 seq 10 permit 0.0.0.0/0 le 32
12-10-2017 03:20 PM - edited 12-10-2017 03:24 PM
excellent explanations!
02-09-2017 06:58 AM
Hello
As you performing mutual redistribution on R4 then You need to filter on the redistribution point.
R4
ip prefix-list stan_pf seq 5 permit x.x.x.x/y
route-map STAN deny 10
match ip address prefix-list stan_pf
route-map STAN permit 99
router ospf 1
redistribute ospf 2 subnets route-map STAN
Or on the router originating the subnet to suppress it from being advertised
R7
int loopback 7
ip ospf prefix-suppression
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide