Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5457
Views
0
Helpful
7
Replies

IOS-XR OSPFv2 Distribute-list with ACL

CC11
Level 1
Level 1

‎02-09-2011 07:53 PM

Hi

Recently, i encounter an problem on using Distribute-list with ACL in IOS-XR OSPFv2.

I am trying to filter a single route 10.10.0.0/16 with the following ACL,

10 deny ipv4 10.10.0.0/16 any

20 permit ipv4 any any


which deny 10.10.0.0/16 and longer prefix but not the exact route,

and then I tried the IOS style of using extended ACL in distribute-list

10 deny ipv4 host 10.10.0.0 host 255.255.0.0
20 permit ipv4 any any

which didn't deny at all, any suggestions?

Thanks in advance.

Chris

Labels:
0 Helpful
7 Replies 7

Varun Uniyal
Level 1
Level 1

‎02-09-2011 08:13 PM

is distribute-list applied inbound or outbound?

outbound distribute-list does not work with ospf.

0 Helpful

CC11
Level 1
Level 1
In response to Varun Uniyal

‎02-09-2011 08:16 PM

It is inbound.

0 Helpful

Laurent Aubert
Cisco Employee
Cisco Employee
In response to CC11

‎02-10-2011 12:13 AM

Hi Chris,

Prefix-list is not supported in this case so I would say what you see is expected. If this subnet is learned as a LSA Type 3, you could use the route-policy command instead to filter it.

HTH

Laurent.

0 Helpful

CC11
Level 1
Level 1
In response to Laurent Aubert

‎02-13-2011 07:50 PM

Hi Laurent

it is not a LSA Type 3 route, any other way to filter it from update to the routing table?

Thanks

Chris

0 Helpful

Laurent Aubert
Cisco Employee
Cisco Employee
In response to CC11

‎02-14-2011 10:20 AM

I checked the distance command but it's also based on ACL so it will not helped either. For now I would say you can't do it.

I know a feature request has been made to have prefix-list support with distribution-list but there is no plan to add it so you could work with your cisco account team if you really need this feature.

Sorry for not being more helpful.

Laurent.

0 Helpful

CC11
Level 1
Level 1
In response to Laurent Aubert

‎02-16-2011 02:58 AM

Hi Laurent,

Thanks.

Chris

0 Helpful

Carlos T
Level 1
Level 1
In response to CC11

‎01-11-2012 08:22 AM

Hi,

Dont have a lab yet, but according to the following link, it is possible to use prefix-set, route-policy and filter inbound within the ospf process directly, instead of using the command "distribute-list" as usually done with IOS.

Examples

The following example shows how to specify an OSPF route policy for inbound routes in area 0:

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# router ospf 109

RP/0/RP0/CPU0:router(config-ospf)# area 0

RP/0/RP0/CPU0:router(config-ospf-area)# route-policy area0_in in

http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.7/routing/command/reference/rr37ospf.html#wp1544366

In the example, they dont show the config of the route-policy "area0_in", but seems, it could be matching routes using prefix-set and have the desired effect, of filtering inbound only a subset of routes matching the prefix set length.

0 Helpful
Customers Also Viewed These Support Documents