Re: OSPF : Distribute-list in for LSA filtering

From: Peter van Oene (pvo@usermail.com)
Date: Sun Sep 01 2002 - 11:37:30 GMT-3

• Next message: Jim Brown: "RE: How to? Redistribute BGP into EIGRP"
• Previous message: sovan parida: "3920 TRBRF bridge no Vs DLSW bridge no."
• Maybe in reply to: Donny MATEO: "OSPF : Distribute-list in for LSA filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

There is nothing unique about filtering the type 7 to type 5 conversion
which is essentially what you are doing. Beyond OSPF specs for identical
link state databases per area, their lies the actual coded implementations
which make doing some things easy and others harder. For example, Type 3/4
LSA's are created per ABR, vs flooded unchanged as type 1/2/5's
are. Hence, it is easier to work with 3/4's than it would be to deal with
5's. 7 to 5 conversions fall into this same catagory as the translating
ABR has to create the type 5 from the 7 info and thus has a good point at
which to do policy.

Pete

At 02:09 PM 9/1/2002 +0800, Donny MATEO wrote:
>Hi Group,
>
>just got a funny stuff. Remember how they said that OSPF works on LSA and
>that "distribute-list in"
>is just to filter route coming into the routing table. Well... I just got
>a wierd one, I dunno if
>it's IOS related or not, perhaps some of you can try. Here is the topology
>
>r1---OSPF(area 0)---r5---OSPF(area 4 nssa)---r6---EIGRP---r7
>
>obviously there is mutual redistribution on R6. Now the scenario (bootcamp
>3 ) asked you to
>summarize the route that you learn from EIGRP and only advertise the
>summary route to other router.
>Meaning only r6 would know the detail of network in EIGRP (r7) and you can
>only do this on R5.
>
>So now, what I did, I put a "distribute-list in" in R5 to filter all the
>unwanted network and it
>actually works.
>
>router ospf 1
> log-adjacency-changes
> area 4 nssa
> area 4 range 11.0.0.0 255.0.0.0
> network 10.10.0.0 0.0.255.255 area 0
> network 11.1.0.0 0.0.255.255 area 4
>
>ip access stand r6filter
> deny 11.4.0.0 0.0.255.255
> deny 11.3.0.0 0.0.255.255
> deny 11.2.0.0 0.0.255.255
> permit any
>
>
>here is the external LSA before the command. (wacht the one with 90 tag).
>
>L Type-7 AS External Link States (Area 4)
>
>Link ID ADV Router Age Seq# Checksum Tag
>11.2.0.0 11.2.1.1 298 0x80000003 0xE4A6 90
>11.3.0.0 11.2.1.1 298 0x80000003 0xD8B1 90
>11.4.0.0 11.2.1.1 298 0x80000003 0xCCBC 90
>
> Type-5 AS External Link States
>
>Link ID ADV Router Age Seq# Checksum Tag
>0.0.0.0 172.168.32.1 1188 0x80000002 0xFA40 1
>11.2.0.0 11.1.1.5 4 0x80000001 0x6D27 90
>11.3.0.0 11.1.1.5 4 0x80000001 0x6132 90
>11.4.0.0 11.1.1.5 4 0x80000001 0x553D 90
>20.1.1.0 172.168.32.1 680 0x80000002 0x8B87 0
>
>
>
>after the command + clear ip ospf proc
>
>
> Type-7 AS External Link States (Area 4)
>
>Link ID ADV Router Age Seq# Checksum Tag
>11.2.0.0 11.2.1.1 407 0x80000003 0xE4A6 90
>11.3.0.0 11.2.1.1 407 0x80000003 0xD8B1 90
>11.4.0.0 11.2.1.1 407 0x80000003 0xCCBC 90
>
> Type-5 AS External Link States
>
>Link ID ADV Router Age Seq# Checksum Tag
>0.0.0.0 172.168.32.1 1298 0x80000002 0xFA40 1
>20.1.1.0 172.168.32.1 790 0x80000002 0x8B87 0
>
>
>
>I checked on other router (r1)
> Type-5 AS External Link States
>
>Link ID ADV Router Age Seq# Checksum Tag
>0.0.0.0 172.168.32.1 1380 0x80000002 0xFA40 1
>20.1.1.0 172.168.32.1 876 0x80000002 0x8B87 0
>
>
>no type5 AS External LSA.
>So, for NSSA at least ( will test with other later on), can I conclude I
>can actually filter the LSA
>with distribute-list in command ? or is there something that i'm missing.
>
>Donny
>
>
>
>This message is for information purposes only and its content
>should not be construed as an offer, or solicitation of an offer,
>to buy or sell any banking or financial instruments or services
>and no representation or warranty is given in respect of its
>accuracy, completeness or fairness. The material is subject
>to change without notice. You should take your own independent
>tax, legal and other professional advice in respect of the content
>of this message. This message may contain confidential or
>legally privileged material and may not be copied, redistributed
>or published (in whole or in part) without our prior written consent.
>This email may have been intercepted, partially destroyed,
>arrive late, incomplete or contain viruses and no liability is
>accepted by any member of the Credit Agricole Indosuez group
>as a result. If you are not the intended recipient of this message,
>please immediately notify the sender and delete this message
>from your computer.
>_________________________________________________________________
>Commercial lab list: http://www.groupstudy.com/list/commercial.html
>Please discuss commercial lab solutions on this list.

• Next message: Jim Brown: "RE: How to? Redistribute BGP into EIGRP"
• Previous message: sovan parida: "3920 TRBRF bridge no Vs DLSW bridge no."
• Maybe in reply to: Donny MATEO: "OSPF : Distribute-list in for LSA filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:40 GMT-3