Cisco Support Community
Community Member

N7K ospf rib filtering with table-map problem


I'm trying to apply a table-map for an OSPFv2 issue which would cause loops

I've got a couple of 7Ks connected to two OSPF domains, interconnected on both domains, and the redistribution from domain 1 to domain 2 issues a tag.

When I try to run a table-map with a route-map deny statement to match the tag issued it still lets the routes into the routing table.

(To clarify: N7kA might originate a in domain 1 route and N7kB redistributes it into domain 2 which passes it back to N7kA via domain 2, and having a smaller AD creates a loop)

I'm trying to get no routes from OSPF1 to show in the RIB via the OSPF2 process but still want to pass them to the rest of the domain so RIB filtering seems the way.

Am I being stupid in that the table-map won't work because the routes exist from another process so they will still be added with their best AD or something? I can't find a lot of information on table-maps only that they seem to replace distribution-lists for ospf?

the base config goes something like this:

router ospf 1

redistribute ospf 2 route-map REDIST_OSPF2

router ospf 2

redistrbibute ospf 1 route-map REDIST_OSPF1

distance 109 (required for another reason)

table-map TABLE_MAP


route-map TABLE_MAP deny 10

match tag 444

route-map TABLE_MAP permit 20


route-map REDIST_OSPF1 permit 10

match ip address REDIST_OSPF1ACL

set tag 444

set metric-type type-1


route-map REDIST_OSPF2 deny 10

match tag 444

route-map REDIST_OSPF2 permit 20

match ip address REDIST_OSPF2ACL

set metric-type type-1


ip access-list REDIST_OSPF1ACL

10 permit ip any

ip access-list REDIST_OSPF2ACL

10 permit ip any

Thanks loads in advance


Community Member

N7K ospf rib filtering with table-map problem

I used prefix-lists to get around this and administrative distance changes but it lookts like the reason the table-map didn't work is that I'd hit a bug. Updating should cover this in case it affects someone else.


Table-map with keyword 'filter' along with route-map deny incorrectly updates the RIB table
Whenver a table-map with filter along with route-map deny is configured, the routes matching the route-map should be discarded from downloading into RIB table. But doing clear isis adjacency *, clear ip/ipv6 route * downloads the routes into RIB table with default admin distance.
Routes matching route-map with deny should not downloaded into RIB table when negative cases are executed.

CreatePlease to create content