filter ospf routes

Unanswered Question
Jun 21st, 2008
User Badges:

dear all,


i am facing the problem with ospf routeing in my network, my senario is like this


site A wanrouter -> nortel passport --wan-----> nortel passport---> lan router

site b wanrouter -> nortel passport --wan-----> nortel passport-->lan router


wanrouters and nortel passports running ospf currently.. i want block all the ospf routes reciveing from nortel passports to my wan router...


what is best way to achive this


any help highly appreciated


thanks


sunil

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (3 ratings)
Loading.
guruprasadr Sat, 06/21/2008 - 08:12
User Badges:
  • Gold, 750 points or more

HI Sunil, [Pls Rate if HELPS]


Best way to acheive this is, add the Interface that is connected to the Nortel Passport Equipment as Passive Interface.


Under OSPF Process, make the Interface as Passive Interface that is connected to the Nortel Passport.


Hope I am Informative.


Best Regards,


Guru Prasad R

Edison Ortiz Sat, 06/21/2008 - 08:35
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

You can't filter intra-area routes in OSPF, you are only allowed to filter inter-area routes (LSA Type-3 filtering) and external routes.


If your requirement calls for OSPF route filtering, you must redesign your OSPF areas.


HTH,


__


Edison.

waleed_amer Sun, 06/22/2008 - 13:45
User Badges:

Hi Edison,


we can't filter outbound intra-area routes because we can't filter LSA type 1&2 (topology info not routes) but we can filter inbound by filtering routes after receive it on the topology table and before install it into the routing table and we can do this by: distribute-list 1 in Ethernet0/0 under OSPF process and access-list 1 permit x.x.x.x x.x.x.x


Regards,W.Amer

Edison Ortiz Sun, 06/22/2008 - 14:03
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

If you go that route, any downstream OSPF neighbor will also need a distribute-list for the same routes. They will receive the LSAs and they will install those LSAs in their routing table.


That's the reason it's not recommended to use distribute-list in an OSPF network. It creates some odd behavior which can be really difficult to troubleshoot.


__


Edison.

sunilferrao Mon, 06/23/2008 - 00:35
User Badges:

Thanks Edision for your veiw.

my idea is move this site to 2nd site in BGP and run redistribution Bgp to ospf

but i have some back door link in ospf , which causing traffic not going through Bgp , its taking Prepared path from ospf because of specific routes comming from ospf.

any best way to route the traffic comming from ospf to bgp and go out


thanks

sunil

Edison Ortiz Mon, 06/23/2008 - 04:49
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Sunil,


If OSPF is preferred due to those routes having a longer mask than the ones from BGP, then the only solution is to summarize the OSPF routes so they can be identical to the BGP routes. With identical routes, then the Administrative Distance between the routing protocols will take precedence.


However, summarization in OSPF only takes place when going from one area to another area (area range command) or when going from an external routing protocol into OSPF (summary-address command).


HTH,


__


Edison


Please rate helpful posts


sunilferrao Mon, 06/23/2008 - 19:05
User Badges:

Hi edision,


the problem is i having same are 3 for same subnet.behind passport lan i am using 10.132.130.0/22 subnet and from bgp i am advertising 10.0.0.0/8 , redundant passports having intera are routes and its taking all best path via ospf to site A

my gold partner advised to move both sites together to BGP, so avoide back door link problems , everything will redistribute via bgp to ospf.

in this senario my worry is how we load balance the traffic comming from 10.132.130.0/22 to site A (prod) and Site B (dr).


Edison Ortiz Mon, 06/23/2008 - 19:59
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Since you are advertising 10.0.0.0/8 via BGP and 10.132.130.0/22 via OSPF, OSPF will be the dynamic routing protocol of choice for the 10.132.130.0/22 network (longer mask).


OSPF supports load balancing over equal cost so I don't understand what's the problem here.


__


Edison.

sunilferrao Tue, 06/24/2008 - 19:13
User Badges:

hi Edison,


Thanks for your all help. i am going to implement this after two weeks ... lets see how it goes .


thanks

sunil

Actions

This Discussion