I have a Router A and B connected via Ethernet and talking OSPF, router A has about 200 subnet but I want only 2 subnet to go to router B, and router B has 5 subnet and I want only couple hosts from router B LAN and loopback to be seen (for mgmt purpose) on router A.I have tried distribute list but either it blocked all or permit all. Please advice.
distribute-lists in OSPF can only be used to filter external routes when redistributing into the ospf domain. In your example you could make the area "stub no-summary" which would limit the routes router B receives to a default route (plus any other routes in it's area). Another way of filtering in OSPF is to use a filter-list (see below format) but again this only filters between areas.
It is difficult to do route filtering in link state protocols like OSPF because the link state protocol needs to know the full information about the area so that it can draw the area topology map so that it can avoid looops. Needing the full topology information within the area basically means that you can not filter advertisements of the links.
The one place where route filtering does work as expected is the one that Mark points out. If you are redistributing routes into OSPF you can use distribute lists and filter out certain route advertisements.
But what I have said does not mean that you can not use distribute lists with OSPF, it just means that the distribute list will not work as most of us expect it to. If you configure a proper distribute list and apply the distribute list inbound, then the distribute list will prevent those routes from being put into the local IP routing table. Those routes will still be present in the OSPF link state data base and those routes will be advertised to neighbors. This is why I say it does not work as most of us expect.
But in your situation where you have two routers talking to each other and you want to selectively suppress some routes it should be possible. If you say that you tried and it either denied all or permitted all then I suspect that there was a flaw in the way that you configured the distribute list. If you will provide details of what you want to accomplish and details of what you configured, then perhaps we can show you how to accomplish it.
The access list and distribute list on router B look ok. As long as 10.1.21.0/24 and 10.1.22.0/24 are advertised by OSPF over interface FastEthernert1/0 then they should show up in the routing table and no other routes advertised by OSPF over interface FastEthernet1/0 should be in the local routing table.
On router A it is a bit more problematic. Your distribute list permits 3 specific host addresses and denies everything else. If those 3 host addresses were being advertised individually your distribute list should work. But I doubt that the 3 host addresses are advertised individually. It is much more likely that the subnet to which they belong is advertised. In that case the distribute list on router A will not put any routes from the other router into its local routing table.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.