Solved: Hi Rolf, actually the

david · ‎09-12-2015

If I wanted to advertise a summarized route such as 10.15.0.0/19, but wanted to exclude a couple subnets from that summarization such as 10.15.10.0/24 and 10.15.11.0/24, what would be the best way to accomplish?

Thanks!

Peter Paluch · ‎09-12-2015

Dear friends,

Please allow me to join.

David, when you advertise a network of 10.15.0.0/19, you explicitly claim to have the reachability toward the entire address range covered by this network, starting at 10.15.0.0 and going all the way through 10.15.31.255, inclusive. That is the meaning of advertising any network, including a summary network - to claim that all addresses within this network can be equally and uniformly reached through you.

There is in fact no way to advertise a network with a couple of "holes punched in". In IP networking, a network address is always considered as a contiguous and complete set of addresses within it.

Perhaps you could explain why you want to do this in the first place.

Best regards,
Peter

View solution in original post

Reza Sharifi · ‎09-12-2015

Summerization takes place before you can apply a filter to block these subnets

Have a look at this document:

1.2) The intra-area routes are summarized PRIOR to applying the distribute-list filter and blocking the routes from entering the RIB. This is needed to allow for generation of a summary route, even if you don’t want the specific prefixes in the local RIB and calculate the correct metric if needed. Thus, even though OSPF walks over the RIB to gather the intra-area prefixes for summarization, it does so BEFORE applying the filter. The ultimate goal is making summarization the highest priority task, in order to increase network stability.

http://blog.ine.com/2009/08/17/ospf-route-filtering-demystified/

HTH

Rolf Fischer · ‎09-12-2015

Hi David,

when you say "exclude some subnets from summarization" you mean advertising a summary route into area X plus some more specific subnets?

If so, you could do something like that:

router ospf 1
 area 0 range 10.15.10.0 255.255.255.0
 area 0 range 10.15.11.0 255.255.255.0
 area 0 range 10.15.0.0 255.255.224.0

! routing table in the other area:
O IA    10.15.0.0/19 [110/65] via 172.16.45.5, 00:05:50, Serial0/1
O IA    10.15.11.0/24 [110/65] via 172.16.45.5, 00:05:06, Serial0/1
O IA    10.15.10.0/24 [110/65] via 172.16.45.5, 00:05:31, Serial0/1

HTH

Rolf

david · ‎09-12-2015

Hi Rolf, actually the opposite. Advertise a summary route, but exclude a couple subnets within that summary.

10.15.0.0/19 would cover 10.15.1.0 through 10.15.31.254, but I do not want to advertise 10.15.10.0/24 or 10.15.11.0/24. I guess I could skip the summary, but that would lead to a messy route table.

Peter Paluch · ‎09-12-2015

Dear friends,

Please allow me to join.

David, when you advertise a network of 10.15.0.0/19, you explicitly claim to have the reachability toward the entire address range covered by this network, starting at 10.15.0.0 and going all the way through 10.15.31.255, inclusive. That is the meaning of advertising any network, including a summary network - to claim that all addresses within this network can be equally and uniformly reached through you.

There is in fact no way to advertise a network with a couple of "holes punched in". In IP networking, a network address is always considered as a contiguous and complete set of addresses within it.

Perhaps you could explain why you want to do this in the first place.

Best regards,
Peter

david · ‎09-12-2015

Good stuff Peter, thanks for the clarification!

They apparently do not want those subnets advertised due to security concerns. I can break it into smaller summarizations and/or just advertise the individual networks.

Thanks Guys!

Rolf Fischer · ‎09-12-2015

I see. Well, by default, only the summary is advertised, not its components.

But you can advertise additional summaries with greater masks within that range as well, like shown in the example.

OSPF - how to block some subnets from summarized advertisement?