Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
35228
Views
5
Helpful
2
Comments

Distribute list out command in OSPF

Pulkit Nagpal
Cisco Employee
Cisco Employee

‎02-18-2012 08:23 PM - edited ‎03-01-2019 04:46 PM

 

 

 

Introduction

 

This document provides a sample configuration on how and when to use distribute-list out command. This command only works on the routes being redistributed by Autonomous system boundary Router into OSPF. It can be applied to external type 2 and type 1 routes, but not to intra-area and interarea routes..

 

Requirements

 

It is assumed that a person reading this document is familiar with Ospf.

 

Components used

 

For this document 3700 Series router with IOS 12.4(18) loaded in it.

 

Network Diagram

 

Area filter- ospf.jpg

Configuration

 

The configuration files are attached with this document.

 

For this example, loopback interfaces connected to Router R1 will be redistributed in the ospf domain and R1 will serve as ASBR (see configuration attached for reference) .

 

We will filter network 11.1.1.0 from Area 1 for this example.

 

Before we move forward, lets take a look at the routing table of R3:

 

sr.jpg

 

And, we can surely see network 11.1.1.0.

 

Now for filtering network 11.1.1.0 from area 1 we need to perform two tasks

 

  • We first need to configure an access-list to filter this particular network out.
  • Second, we need to apply that filter

 

This will be done at router R1, which is the ASBR for this OSPF network.

 

For step 1, we will create an access-list which will deny net 11.1.1.0/24 and permit all others:

 

sr.jpg

 

For step 2, we will apply this filter:

 

sr.jpg

 

Verify

 

Lets see the routing table of Router R3:

 

sr.jpg

 

We surely don't see 11.1.1.0 network on R3. And, to prove that R2 is not sending type 5 LSA for this network in area 1, lets see the database for 11.1.1.0 network on R2:

 

sr.jpg

 

Related Information

Labels:
122771-R1.cfg.zip
122769-R3.cfg.zip
122770-R2.cfg.zip
Comments
keiththomas
Level 1
Level 1
‎11-08-2012 07:32 PM

Instead of using the distribute-list to filter 11.1.1.0, why not just do the work in the ACL of route-map OUTSIDE? What benefit does the distribute-list out bring to redistribution into OSPF that you cannot already do with the redistribution route map?

John_S209
Level 1
Level 1
‎08-30-2019 10:59 AM

so as a 'youthful' netadmin looking to expand what I know, I'm reading CCNP routing content & going through some review questions.  in using an access list like this, does the implied "deny any any" still exist in applying an ACL for use in a distribute-list in a manner as described here with OSPF?

 

tia.  regards,

 

JS

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents