Hi There,

OK so on my router (Router ID 192.168.240.1 ) I have bunch of statics. I'm RD'ing into OSPF using a route-map and prefix list.
 See below.

router ospf 1
 log-adjacency-changes
 area 12 range 172.27.180.0 255.255.254.0
 area 14 range 172.27.188.0 255.255.254.0
 area 15 range 172.27.178.0 255.255.254.0
 area 20 nssa no-redistribution no-summary
 area 21 nssa no-redistribution no-summary
 redistribute static subnets route-map red-test
 network 172.27.4.16 0.0.0.0 area 0
 network 172.27.240.9 0.0.0.0 area 21
 network 172.27.240.41 0.0.0.0 area 11
 network 172.27.240.93 0.0.0.0 area 22
 network 172.27.240.145 0.0.0.0 area 20

Prefix List

sh run | sec prefix
ip prefix-list 50 seq 20 permit 172.25.67.0/24
ip prefix-list 50 seq 25 permit 172.27.178.0/24
ip prefix-list 50 seq 30 permit 172.27.179.0/24
ip prefix-list 50 seq 85 permit 172.27.130.0/24
ip prefix-list 50 seq 90 permit 172.27.131.0/24
ip prefix-list 50 seq 95 permit 172.25.32.0/23
ip prefix-list 50 seq 105 permit 172.25.37.0/24
ip prefix-list 50 seq 115 permit 172.25.225.0/24
ip prefix-list 50 seq 120 permit 172.25.227.0/24
ip prefix-list 50 seq 140 permit 172.25.52.0/24
ip prefix-list 50 seq 150 permit 172.25.53.0/24
ip prefix-list 50 seq 190 permit 172.25.58.0/24
ip prefix-list 50 seq 200 permit 172.25.35.0/24
ip prefix-list 50 seq 230 permit 172.25.36.0/24
ip prefix-list 50 seq 260 permit 172.25.39.0/24
ip prefix-list 50 seq 300 permit 10.7.0.0/21
ip prefix-list 50 seq 320 permit 172.25.57.0/24
ip prefix-list 50 seq 360 permit 172.25.56.0/24
ip prefix-list 50 seq 410 permit 172.25.38.0/24
ip prefix-list 50 seq 420 permit 172.25.80.0/24
ip prefix-list 50 seq 430 permit 172.25.59.0/24
ip prefix-list 50 seq 450 permit 172.25.34.0/23
ip prefix-list 50 seq 460 permit 172.25.40.0/21
ip prefix-list 50 seq 470 permit 172.25.48.0/23
ip prefix-list 50 seq 480 permit 172.27.134.0/23
ip prefix-list 50 seq 490 permit 172.25.50.0/23
ip prefix-list 50 seq 500 permit 172.25.248.0/23
ip prefix-list 50 seq 510 permit 172.27.188.0/23
ip prefix-list 50 seq 520 permit 172.27.184.0/23
ip prefix-list 50 seq 530 permit 172.25.54.0/23

Route-Map matching the List
route-map red-test permit 10
 match ip address prefix-list 50
 set tag 509

On another router in Area 0 when I run show OSPF database - I see the external routes advertised as LSA5. See below. However, I do not see 172.25.41.0 or 172.25.42.0, 172.25.43.0 for example which should be covered by the prefix entry - ip prefix-list 50 seq 460 permit 172.25.40.0/21. All I see is the 172.25.40 network.

          Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#       Checksum Tag
10.7.0.0        192.168.240.1   1252        0x80002DE0 0x00EA44 509

172.25.32.0     192.168.240.1   1252        0x80001F8F 0x00595A 509
172.25.34.0     192.168.240.1   1252        0x8000002A 0x006BCA 509
172.25.36.0     192.168.240.1   1252        0x80003660 0x004B7B 509
172.25.37.0     192.168.240.1   1252        0x80001F8F 0x002786 509
172.25.38.0     192.168.240.1   1252        0x80000835 0x001608 509
172.25.39.0     192.168.240.1   1252        0x800031B4 0x0090E3 509
172.25.40.0     192.168.240.1   995         0x8000002A 0x000B2B 509
172.25.48.0     192.168.240.1   742         0x8000002A 0x00D057 509
172.25.50.0     192.168.240.1   1504        0x80000028 0x00BE69 509
172.25.52.0     192.168.240.1   1252        0x800008C1 0x006221 509
172.25.53.0     192.168.240.1   1252        0x800054D1 0x0052D3 509
172.25.54.0     192.168.240.1   1253        0x80000026 0x00968F 509
172.25.56.0     192.168.240.1   1253        0x8000236D 0x008D2B 509
172.25.57.0     192.168.240.1   1253        0x800008C1 0x002B53 509
172.25.58.0     192.168.240.1   1253        0x80001F8F 0x003F59 509
172.25.59.0     192.168.240.1   1253        0x8000025F 0x00EBF8 509
172.25.67.0     192.168.240.1   1253        0x80001D5B 0x0029AC 509
172.25.80.0     192.168.240.1   1253        0x800002AA 0x006D17 509
172.25.225.0    192.168.240.1   1253        0x8000551B 0x0051DD 509
172.25.227.0    192.168.240.1   1253        0x8000551B 0x003BF1 509
172.25.248.0    192.168.240.1   1253        0x80000028 0x00342D 509

172.27.130.0    192.168.240.1   1253        0x80000510 0x00598E 509
172.27.131.0    192.168.240.1   1253        0x80000606 0x005F90 509
172.27.134.0    192.168.240.1   1995        0x80005078 0x0075BB 509

172.27.178.0    192.168.240.1   1253        0x8000A815 0x0052BC 509
172.27.179.0    192.168.240.1   1253        0x8000A815 0x0047C6 509

172.27.184.0    192.168.240.1   996         0x80000028 0x00DEC0 509
172.27.188.0    192.168.240.1   1253        0x80000028 0x00B2E8 509

This thread shows a frequent misunderstanding about how prefix lists work. The entry

ip prefix-list 50 seq 460 permit 172.25.40.0/21

is not an inclusive summary. When a prefix list entry specifies only a prefix and a length then it will match a single entry. To match multiple entries within a range you need to include at least one additional parameter (le or ge or both le and ge). So if you wanted all prefixes in the range you might do something like this

ip prefix-list 50 seq 460 permit 172.25.40.0/21 le 32

Or if what you want are prefixes in the range that are at least /24 you might do something like this

ip prefix-list 50 seq 460 permit 172.25.40.0/21 ge 22 le 24

For a nice discussion of how prefix lists work you might use this link

http://packetlife.net/blog/2010/feb/1/understanding-ip-prefix-lists/

HTH

Rick

Rick,

Thanks for pointing that out.

Just to clarify - In the other entries I have which may not inclusive, e.g

ip prefix-list 50 seq 300 permit 10.7.0.0/21 ge 22 le 24

ip prefix-list 50 seq 500 permit 172.25.248.0/23 le 24
ip prefix-list 50 seq 510 permit 172.27.188.0/23 le 24
ip prefix-list 50 seq 520 permit 172.27.184.0/23 le 24 

Would I need to amend to the following above for the inclusive routes to be redistributed? 

The strange thing is - I am seeing that without the le / ge commands although the routes don't show as LSA5, they do show in the routing table, e.g 

#show ip ospf database | inc 509  (these are my Typ5 LSAs)
***Omitted routes for easier read***

172.25.39.0     192.168.240.1   661         0x800031B8 0x0088E7 509
172.25.40.0     192.168.240.1   725         0x80000001 0x005D02 509
172.25.48.0     192.168.240.1   155         0x8000002E 0x00C85B 509
172.25.50.0     192.168.240.1   910         0x8000002C 0x00B66D 509
172.25.52.0     192.168.240.1   661         0x800008C5 0x005A25 509
 

Note it doesn't show 172.25.41.0 but I do the following it is indeed being RD'd via the prefix list.

#show ip route 172.25.40.0
Routing entry for 172.25.40.0/21
  Known via "ospf 1", distance 110, metric 20
  Tag 509, type extern 2, forward metric 1
  Last update from 172.27.4.16 on Vlan1, 00:14:31 ago
  Routing Descriptor Blocks:
  * 172.27.4.16, from 192.168.240.1, 00:14:31 ago, via Vlan1
      Route metric is 20, traffic share count is 1
      Route tag 509

I am puzzled at a couple of things in your response. When you say

entries I have which may not inclusive, e.g

ip prefix-list 50 seq 300 permit 10.7.0.0/21 ge 22 le 24

that would be an inclusive entry. The important concept is that an entry without either le or ge will match only the specified prefix and an entry with either le or ge or with both will be inclusive.

One thing that has been missing in this discussion is information about the static route entries. It would help if you would supply some details, for example what is the exact static route for 172.25.40.0 (especially what mask is used with it) and are there specific static routes for 172.25.41.0?

HTH

Rick

Hi Rick,

Static entries on my router representing those specific routes in the prefix list -

ip route 10.7.0.0 255.255.248.0 Tunnel25

ip route 172.25.40.0 255.255.248.0 Tunnel25

I have no other routes that would include any of the addresses above. Only these 2 statics.

I have represented these with the prefix entries which I hoped would RD the lot of addresses (but now I've learnt this is not the case)

ip prefix-list 50 seq 300 permit 10.7.0.0/21
ip prefix-list 50 seq 460 permit 172.25.40.0/21

I want to RD all addresses that fall within my /21 mask for each of my statics so -

10.7.0.0 - 10.7.7.255

172.25.40.0 - 172.25.47.255

Is it possible to achieve what I'm aiming to do? Using prefix list - RD all the addresses that fall within my /21 entries.
 

Thanks for the additional information. But it still leaves me being confused about your question. If there is a static route for 172.25.40.0 and no static route for 172.25.41.0, or 172.25.42.0, or 172.25.43.0 then why would you expect to see entries in the OSPF data base (or in the routing table for that matter) for those networks?

You have a single static route that covers that range of addresses. That one static route matches a statement in your prefix list and so that route is redistributed into OSPF. Now the OSPF neighbors should have a single entry in their route tables (and in their OSPF database) that covers that range of addresses.

It looks to me like your prefix list and your redistribution are doing what they should and that they are working. If you still think that there is a problem then please help me understand what you believe is not working.

HTH

Rick

If you use the command

sh ip ospf data external

then the output should include the netmask of the prefix.

HTH

Rick