cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
25288
Views
10
Helpful
18
Replies

OSPF Static Route redistribution to one neighbor?

james.bastnagel
Level 1
Level 1

I want to distribute some static routes to an OSPF neighbor on the same subnet, but only that one neighbor--I have two other neighbor relationships. Is there a way to redistribute static routes to only one neighbor--with a route-map maybe, or another way?

Thanks,

James

18 Replies 18

Jon Marshall
Hall of Fame
Hall of Fame

james.bastnagel wrote:

I want to distribute some static routes to an OSPF neighbor on the same subnet, but only that one neighbor--I have two other neighbor relationships. Is there a way to redistribute static routes to only one neighbor--with a route-map maybe, or another way?

Thanks,

James

James

Yes, you use a route-map to do this ie.

ip route 192.168.5.0 255.255.255.0 172.16.10.1

ip route 192.168.6.0 255.255.255.0 172.16.10.1

ip route 10.5.1.0 255.255.255.0 172.16.10.1

you only want to redistribute the 10.5.1.0/24 route

router ospf 10

redistribute static subnets route-map OSPF

access-list 10 permit 10.5.1.0 0.0.0.255

route-map OSPF permit 10

match ip address 10

Jon

Hello Jon,

James would like to advertise the external route to a specific neighbor only.

It is a different matter with a negative answer for link state nature of OSPF

Hope to help

Giuseppe

giuslar wrote:

Hello Jon,

James would like to advertise the external route to a specific neighbor only.

It is a different matter with a negative answer for link state nature of OSPF

Hope to help

Giuseppe

Giuseppe

I am a little confused. James's request was can you redistribute static routes to some neigbors and not others. I have just labbed it up and you can indeed do this with a route-map.

Are we talking about the same thing ?

Jon

Hello Jon,

let's read again original post:

>> I want to distribute some static routes to an OSPF neighbor on the same subnet, but only that one neighbor--I have two other neighbor relationships. Is there a way to redistribute static routes to only one neighbor--with a route-map maybe, or another way?

my understanding is that James would like to distribute some static routes but only to one neighbor on a LAN segment and not to other OSPF neighbors.

Your test is good in filtering what static routes should be injected in the OSPF domain, but it cannot achieve the desired result to send these external routes only to specific OSPF neighbor and not to others the OSPF LSAs is flooded out in the whole domain.

Only way would be to use a distribute-list to avoid installation of undesired route but it has to be done on the two neighbors that should not install the routes.

But this is not usually considered best practice.

Hope to help

Giuseppe

So I could distribute the static routes, but apply a filter of some sort to

my ASA so it doesnt use the routes that are distributed? is that accurate?

On Wed, Feb 3, 2010 at 12:35 PM, giuslar

Hello James,

distribute-list can be used in a regular router.

On ASA it should be checked against ASA config reference.

The command is present since ver. 7.2

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/d2.html#wp1951054

Note: Be aware that the distribution list will not block LSA propagation so the same distribution list should be implemented on ALL devices downstream the ASA or a routing black hole would be formed (this is why it is not best practice : it is not scalable in a big scenario)

this is because the filter acts on the IP routing table and not on the OSPF database

Again, I would try to implement PBR instead if possible.

Hope to help

Giuseppe

giuslar wrote:

Hello Jon,

let's read again original post:

>> I want to distribute some static routes to an OSPF neighbor on the same subnet, but only that one neighbor--I have two other neighbor relationships. Is there a way to redistribute static routes to only one neighbor--with a route-map maybe, or another way?

my understanding is that James would like to distribute some static routes but only to one neighbor on a LAN segment and not to other OSPF neighbors.

Your test is good in filtering what static routes should be injected in the OSPF domain, but it cannot achieve the desired result to send these external routes only to specific OSPF neighbor and not to others the OSPF LSAs is flooded out in the whole domain.

Only way would be to use a distribute-list to avoid installation of undesired route but it has to be done on the two neighbors that should not install the routes.

But this is not usually considered best practice.

Hope to help

Giuseppe

Giuseppe

Yep, your'e right of course. Got myself a little confused there i should have read the question more closely.

Jon

I know i can distribute specific routes with a route-map, but would like to

send specific routes to only 1 of my OSPF neighbors. The network segment

crudely looks like my ASCII art below

-


[Core Switch Vlan 1

172.21.2.3 | vlan5 172.21.5.2]

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello  James,

this is not possible:

OSPF external routes cannot be filtered outbound.

It couldn't  work even if the other neighors were in a different interface and different IP subnet.

You probably need to consider PBR again but it has to be applied on the neighbor that should have received that redistributed static route.

Hope to help

Giuseppe

Yeah, Guisseppe is totally correct.  The nature of OSPF is that an LSA is propogated throughout the entire domain.  Unfortunaltely, you cannot filter a route to only 1 peer, and the only way to do what you want is a distribute list on every single router that you don't want to see the routes.

There are other methods such as PBR, configuring static routes on the one router, multiple routing protocols that you can use, but it gets rather ugly.

I think what I am going to try is adding static routes to the firewall, then

redistribute my selected static routes from the core to the providers

router, then I will use PBR on the core to route my test stations to the

firewall rather then the "old" connection.

When I redistribute my statics, will the core switch appear as the next hop

for those routes, or will it distribute the entire static route including

the next hop? Either way is fine I think, i will have to configure PBR on a

2nd device if it doesnt advertise itself as the next hop though.

Thanks again everyone!!!

Hello James,

>>

When I redistribute my statics, will the core switch appear as the next hop

for those routes, or will it distribute the entire static route including

the next hop?

the external LSA data structure will have an advertising router field = ASBR core switch OSPF router id

Hope to help

Giuseppe

Giuseppe,

Thank you for the information.

I just want to clarify my understanding though.

Because my core switch is distributing the routes, it will appear as the

next hop for those routes in the neighbors routing table--NOT the next hop

that is actually configured on my core switch. Is that correct?

Thanks again!

On Wed, Feb 3, 2010 at 1:38 PM, giuslar

Hello James,

your understanding is correct

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco