Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2830
Views
0
Helpful
1
Replies

N7K ospf rib filtering with table-map problem

sam mackenzie
Level 1
Level 1

‎08-28-2013 04:20 AM - edited ‎03-01-2019 07:24 AM

Hi,

I'm trying to apply a table-map for an OSPFv2 issue which would cause loops

I've got a couple of 7Ks connected to two OSPF domains, interconnected on both domains, and the redistribution from domain 1 to domain 2 issues a tag.

When I try to run a table-map with a route-map deny statement to match the tag issued it still lets the routes into the routing table.

(To clarify: N7kA might originate a in domain 1 route and N7kB redistributes it into domain 2 which passes it back to N7kA via domain 2, and having a smaller AD creates a loop)

I'm trying to get no routes from OSPF1 to show in the RIB via the OSPF2 process but still want to pass them to the rest of the domain so RIB filtering seems the way.

Am I being stupid in that the table-map won't work because the routes exist from another process so they will still be added with their best AD or something? I can't find a lot of information on table-maps only that they seem to replace distribution-lists for ospf?

the base config goes something like this:

router ospf 1

redistribute ospf 2 route-map REDIST_OSPF2

router ospf 2

redistrbibute ospf 1 route-map REDIST_OSPF1

distance 109 (required for another reason)

table-map TABLE_MAP

!

route-map TABLE_MAP deny 10

match tag 444

route-map TABLE_MAP permit 20

!

route-map REDIST_OSPF1 permit 10

match ip address REDIST_OSPF1ACL

set tag 444

set metric-type type-1

!

route-map REDIST_OSPF2 deny 10

match tag 444

route-map REDIST_OSPF2 permit 20

match ip address REDIST_OSPF2ACL

set metric-type type-1

!

ip access-list REDIST_OSPF1ACL

10 permit ip 192.168.0.0/16 any

ip access-list REDIST_OSPF2ACL

10 permit ip 172.16.0.0/16 any

Thanks loads in advance

Sam

Labels:
0 Helpful
1 Reply 1

sam mackenzie
Level 1
Level 1

‎08-30-2013 03:26 AM

I used prefix-lists to get around this and administrative distance changes but it lookts like the reason the table-map didn't work is that I'd hit a bug. Updating should cover this in case it affects someone else.

CSCud96238


Table-map with keyword 'filter' along with route-map deny incorrectly updates the RIB table
Whenver a table-map with filter along with route-map deny is configured, the routes matching the route-map should be discarded from downloading into RIB table. But doing clear isis adjacency *, clear ip/ipv6 route * downloads the routes into RIB table with default admin distance.
Routes matching route-map with deny should not downloaded into RIB table when negative cases are executed.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents