I have some doubts about distribute-list command in OSPF process :
We have done following conf:
Static routes :
ip route 192.168.1.0 255.255.255.0 10.1.1.1
ip route 192.168.2.0 255.255.255.0 10.1.1.2
router ospf 100
network 172.16.1.0 0.0.0.255 area 0
distribute-list 50 out static
access-list defined for (192.168.2.0 /24 network )
access-list 50 permit 192.168.2.0 0.0.0.255
With this configuration will OSPF process redistribute only the subnet defined in the access-list-distribute-list combination. That is in this case 192.168.2.0 /24 will be allowed. Even though there is a static route for the network 192.168.1.0 / 24 it will not be redistribued by OSPF process to it's neighbors?
Any experience please share.
Thanks in advance.
By issuing redistribute static, all static routes will be redistributed into OSPF (btw, you should use the subnets keyword).
If you want to prevent 192.168.1.0/24 redistributed into OSPF, you must use a route-map in the redistribution process.
The distribute-list out does not work on OSPF as it works in EIGRP or RIP as the LSAs can't be filtered. You could use distribute-list in on the receiving router to prevent those routes from entering the RIB but they won't be filtered in the OSPF database. If the receiving router advertises to other downstream routers, they will have the route in RIB and the OSPF database. The transit router (the one with the distribute-list in) will blackhole this route(s). This can potentially create a problem in your design and that's the reason why distribute-list in|out is not recommended in OSPF designs.