From: Erick B. (erickbe@xxxxxxxxx)
Date: Mon Sep 11 2000 - 00:53:10 GMT-3
Hi,
I verified this in lab. Distribute-list in filters
routes from entering the routing table on 1 router
only. The OSPF lsdb isn't effected.
My scenario:
R5
|
R1---R2---R3---R4
R1 and R5 are area 0.
R1, R2, R3 in area 1.
V-link between R3 and R4.
I announced a loopback on R1 into OSPF and I filtered
it on R3 w/distribute-list in. It isn't in R3s main
routing table (show ip route).
R1, R2, R4 have it in their routing tables because the
OSPF lsdb is the same and this is where the routes are
built from. The route I filtered on R3 shows up on R4
with a next hop of R3. The route shows up in R4s main
routing table but I can not ping it (get U's) because
R3 has no valid route to it in it's main routing
table.
So, it is possible but be careful because the routes
need to filtered at ALL routers that you don't want.
If they are filtered-out in a router in the middle
then the far router will have route to x network but
won't be able to get there.
I hope this clears things up.
-Erick
--- Kenneth Kriel <ken@flane.com> wrote:
> Hi all,
>
> Thank you for your replies, I am sorry I could not
> attend to it earlier
> cause I was out of the country.
>
> As many have said, distribute lists do not work if
> it is in the same OSPF
> AS. This I found out the hard way, by trying
> distribute lists incoming and
> outgoing on both routers. The route still appears in
> my OSPF area 0.
>
> I would like to assume the following, however, I
> need confirmation:
>
> Distrubute lists do not work within OSPF, due to the
> link state issue !
>
> If you believe differently, and you can prove it
> please send me your config.
> Mine is as follows : (on R2 as per the diagram at
> the botom !
>
> Thank you for your assistance !!!
>
>
> Ken
>
>
>
>
> !
> interface Loopback0
> ip address 132.1.1.1 255.255.255.255
>
> interface Serial0
> ip address 135.1.2.1 255.255.255.224
> encapsulation frame-relay
> ip ospf network point-to-multipoint
> no ip mroute-cache
> bandwidth 64
> no fair-queue
> clockrate 64000
> frame-relay map ip 132.1.2.3 104 broadcast
> frame-relay map ip 132.1.2.4 104 broadcast
>
> router ospf 1
> network 135.1.1.1 0.0.0.0 area 1
> network 135.1.2.1 0.0.0.0 area 0
> distribute-list 17 in Serial0
>
>
> access-list 17 deny 192.2.2.0 0.0.0.255
> access-list 17 permit any
>
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com
> [mailto:nobody@groupstudy.com]On Behalf Of
> Alejandro Cadarso
> Sent: Friday, September 08, 2000 6:30 PM
> To: mark salmon; ccielab
> Subject: Re: OSPF Filtering
>
>
> For me the distibute-list in works Ok
>
> 2503-mad#sh ip ospf dat
>
> OSPF Router with ID (190.19.15.225) (Process
> ID 200)
>
>
> Router Link States (Area 0)
>
> Link ID ADV Router Age Seq#
> Checksum Link count
> 190.19.15.193 190.19.15.193 804
> 0x80000006 0x960E 3
> 190.19.15.225 190.19.15.225 838
> 0x800000F5 0x9BE6 2
> 210.10.10.9 210.10.10.9 7 (DNA)
> 0x800000EB 0x1FAA 1
>
> Summary Net Link States (Area 0)
>
> Link ID ADV Router Age Seq#
> Checksum
> 190.1.0.0 210.10.10.9 246 (DNA)
> 0x80000094 0x95D
> 190.19.15.224 190.19.15.225 766
> 0x80000095 0xB27
> 192.19.18.0 210.10.10.9 246 (DNA)
> 0x80000093 0x47FA
> 210.10.10.8 190.19.15.193 804
> 0x80000002 0xACF6
> 210.10.10.8 210.10.10.9 11 (DNA)
> 0x8000009D 0x803A
>
> 2503-mad#sh ip ro 190.1.0.0
> % Network not in table
>
>
> Perhaps some misconfigured command or IOS bug.
>
>
>
>
> mark salmon wrote:
> >
> > II have used the dstributed in with OSPF in the
> past. At first, the
> > route was gone from the routing table. After
> about 1 minute, the route
> > was back.
> >
> > Geatti wrote:
> > >
> > > Remember, OSPF sends LSAs not ROUTES so a
> distribute-list out on an
> > > interface is useless.
> > > You can use a distribute-list in and this should
> work for blocking the
> route
> > > from the local router.
> > > If this doesn't work for you post your config.
> > >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com
> [mailto:nobody@groupstudy.com]On Behalf Of
> > > Kenneth Kriel
> > > Sent: Friday, September 08, 2000 9:42 AM
> > > To: 'Ccielab
> > > Subject: OSPF Filtering
> > >
> > > Gentleman,
> > >
> > > How do I filter a route from coming into OSFP ?
> I know it might be a
> stupid
> > > question but I can not get it to work !
> > >
> > > Layout
> > >
> > > OSPF Area 1 Area 0
> > > 192.2.2.0/24----|
> > > |--R1-----R2
> > > 135.1.x.0/24----|
> > >
> > > I do not want to see 192.2.2.0/24 on router R2 !
> > >
> > > I tried distribute-list out on R1 and in on R2
> but no luck !
> > >
> > > Thank you in advance !
> > >
> > > Ken
=====
---------------------/-----------------------
Erick B. / http://berk.dhs.org
erickbe@yahoo.com / CCNP+Security+NetRanger
/ NNCSE, CCIE Written
-----------------/---------------------------
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:54 GMT-3