Re: OSPF route filtering teaser

From: David Luu (wicked01@xxxxxxxxxxxxx)
Date: Fri Jun 28 2002 - 21:41:56 GMT-3

• Next message: David Luu: "Fwd: Re: OSPF route filtering teaser"
• Previous message: Jason Cash: "dsl with Cisco 4500"
• Maybe in reply to: Peter Whittle: "OSPF route filtering teaser"
• Next in thread: David Ham: "RE: OSPF route filtering teaser"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
there is also another way,...and will literally "block" the ospf
10.1.0.0/16 route...

this only needs to be done on R3

distribute-list 1 in
access-list 1 deny 10.1.0.0 0.0.255.255
access-list 1 permit any

>Date: Fri, 28 Jun 2002 17:28:09 -0700
>To: Carlos G Mendioroz <tron@huapi.ba.ar>, ccielab@groupstudy.com
>From: David Luu <wicked01@ix.netcom.com>
>Subject: Re: OSPF route filtering teaser
>
>forgot to add...
>
>2 ospf processes on R3
>
>At 07:35 PM 6/28/2002 -0300, Carlos G Mendioroz wrote:
>>David,
>>how do you "block" routes in an OSPF link ?
>>
>>David Luu wrote:
>> >
>> > sounds simple enough...
>> >
>> > use route tags
>> >
>> > have R2 set a tag for the 10.1.0.0/16 and have R3 block the tag going into
>> > area 0
>> >
>> > At 09:10 PM 6/28/2002 +0100, Peter Whittle wrote:
>> > >Selectively blocking OSPF routes between areas
>> > >----------------------------------------------
>> > >
>> > >I would like to pose a simple scenario to the group.
>> > >
>> > >There are 4 routers R1 .. R4
>> > >
>> > >R1 is injecting routes into RIPv2 say 10.1.0.0/16
>> > >
>> > >R2 is running RIPv2 on e0, it is also connected by e1 to OSPF Area 1 and
>> > >must inject the routes learnt from RIP into AREA 1. There are other
>> > >routers also connected to the ethernet segment in Area 1 again running
>> > >OSPF. The routes injected by R2 into area 1 must be visible to these
>> > >routers via OSPF.
>> > >
>> > >R3 has 2 ethernet interfaces e0 in OSPF Area 0, and e1 in OSPF Area 1.
>> > >It must see the RIP routes injected into OSPF by R2 (ie 10.1.0.0/16).
>> > >
>> > >R4 in connected to the ethernet in Area 0 and is also running OSPF and
>> > >is outside of your control.
>> > >
>> > >STOP the RIP routes that were injected by R2 from being seen in Area 0.
>> > >(i.e. block the 10.1.0.0/16 route)
>> > >
>> > >You may only program routers R2, & R3 to achieve this.
>> > >
>> > >
>> > >Any thoughts, ideas, solutions?
>> > >
>> > >
>> > >I have one solution in mind but it is not very elegant. I will share
>> > >this next week when you have had time to think about the problem.
>> > >
>> > >
>> > >------------
>> > >
>> > >A distribute-list applied to R3, an ABR, will of course not work. (When
>> > >the 10.1 route reaches R3 it is in an LSA. If we apply the distribute-
>> > >list x in, it will only block the route going into R3's routing table,
>> > >it will not prevent the LSA from being sent on to R4. We are not
>> > >permitted to change the other routers in Area 0 so we can not use the
>> > >conventional approach of applying the distribute-list x in to each of
>> > >the routers in Area 0.
>> > >
>> > >If we apply a distribute-list x out to the ABR it will again have no
>> > >impact on the LSA advertising the 10.1 route into Area 0.)
>> > >
>> > >==========================
>> > >
>> > >May enlightenment be yours.
>> > >
>> > >Peter
>> > >
>> > >--
>> > >Peter Whittle

• Next message: David Luu: "Fwd: Re: OSPF route filtering teaser"
• Previous message: Jason Cash: "dsl with Cisco 4500"
• Maybe in reply to: Peter Whittle: "OSPF route filtering teaser"
• Next in thread: David Ham: "RE: OSPF route filtering teaser"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:43 GMT-3