From: Daniel Kutchin (daniel@kutchin.com)
Date: Mon Jun 11 2007 - 21:16:05 ART
Narbik ---
R2's database as seen by R1 remains intact (just as you said). However, R1's
own OSPF summary database is modified when you apply the filter on R1.
Therefore, one can filter what an OSPF-router stores in its database by
using "distribute-list in" filters.
Again, what baffles is, you can't filter Intra-Area prefixes this way, just
Inter-Area prefixes.
For example, If you add a router in Area 1 and attach it to an interface of
R1 in Area 1, it can't reach R2-2.2.2.2 (Area 2) after the filter is in
place but it can reach R2-3.3.3.3 (Area 0).
BTW, no my prefix-list is identical to yours. It has sequence-numbers too.
R1's database before the filter:
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
2.2.2.2 1.1.1.1 10 0x80000001 0x007DA8 <--- will
filter this
3.3.3.3 1.1.1.1 1410 0x80000003 0x004BD4 <--- will
filter this
4.4.4.4 1.1.1.1 156 0x80000007 0x001503
172.16.1.0 1.1.1.1 156 0x80000009 0x00AC63
R1's database after the filter:
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
3.3.3.3 1.1.1.1 1962 0x80000002 0x004DD3 <--- this is
not filtered!
4.4.4.4 1.1.1.1 687 0x80000006 0x001702
172.16.1.0 1.1.1.1 687 0x80000008 0x00AE62
From: Narbik Kocharians [mailto:narbikk@gmail.com]
Sent: Dienstag, 12. Juni 2007 00:33
To: Daniel Kutchin
Cc: ccielab@groupstudy.com
Subject: Re: Distribute-list & OSPF LSA 3
Sorry for a delayed response, i was in the middle of some work, but I think
the problem is with the ip prefix-list that you have configured, you forgot
to assign sequence numbers, but here is what i got:
This is before the prefix-list / distribute-list
R1#Sh ip route ospf
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/2] via 172.16.1.2, 00:03:21, FastEthernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 172.16.1.2, 00:03:21, FastEthernet0/0
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/2] via 172.16.1.2, 00:03:21, FastEthernet0/0
R1#sh ip ospf da rou adv-router 4.4.4.4
OSPF Router with ID (172.16.2.1) (Process ID 1
Router Link States (Area 0)
Routing Bit Set on this LSA
LS age: 239
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 4.4.4.4
Advertising Router: 4.4.4.4
LS Seq Number: 80000004
Checksum: 0x2F44
Length: 48
Area Border Router
Number of Links: 2
Link connected to: a Stub Network
(Link ID) Network/subnet number: 3.3.3.3
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 172.16.1.1
(Link Data) Router Interface address: 172.16.1.2
Number of TOS metrics: 0
TOS 0 Metrics: 1
R1#sh ip ospf da summ adv-router 4.4.4.4
OSPF Router with ID (172.16.2.1) (Process ID 1)
Summary Net Link States (Area 0)
Routing Bit Set on this LSA
LS age: 293
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 2.2.2.2 (summary Network Number)
Advertising Router: 4.4.4.4
LS Seq Number: 80000001
Checksum: 0xBE65
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
Routing Bit Set on this LSA
LS age: 283
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 4.4.4.4 (summary Network Number)
Advertising Router: 4.4.4.4
LS Seq Number: 80000001
Checksum: 0x62B9
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
R1(config)#ip prefix-list BLOCK seq 5 deny 2.2.2.2/32
R1(config)#ip prefix-list BLOCK seq 10 deny 3.3.3.3/32
R1(config)#ip prefix-list BLOCK seq 15 permit 0.0.0.0/0 le 32
R1(config)#router ospf 1
R1(config-router)#distribute-list prefix BLOCK in
R1#sh ip rou ospf
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/2] via 172.16.1.2, 00:00:07, FastEthernet0/0
Note it did NOT effect the database
R1#sh ip ospf da rou adv-router 4.4.4.4
OSPF Router with ID (172.16.2.1) (Process ID 1)
Router Link States (Area 0)
Routing Bit Set on this LSA
LS age: 54
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 4.4.4.4
Advertising Router: 4.4.4.4
LS Seq Number: 80000006
Checksum: 0x412F
Length: 48
Area Border Router
Number of Links: 2
Link connected to: a Stub Network
(Link ID) Network/subnet number: 3.3.3.3
(Link Data) Network Mask: 255.255.255.255
Number of TOS metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 172.16.1.2
(Link Data) Router Interface address: 172.16.1.2
Number of TOS metrics: 0
TOS 0 Metrics: 1
R1#sh ip ospf da summ adv-router 4.4.4.4
OSPF Router with ID (172.16.2.1) (Process ID 1)
Summary Net Link States (Area 0)
Routing Bit Set on this LSA
LS age: 547
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 2.2.2.2 (summary Network Number)
Advertising Router: 4.4.4.4
LS Seq Number: 80000001
Checksum: 0xBE65
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
Routing Bit Set on this LSA
LS age: 537
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 4.4.4.4 (summary Network Number)
Advertising Router: 4.4.4.4
LS Seq Number: 80000001
Checksum: 0x62B9
Length: 28
Network Mask: /32
TOS: 0 Metric: 1
On 6/11/07, Daniel Kutchin <daniel@kutchin.com> wrote:
Narbik ---
This is exactly the problem here. Why is the database different when he
applies the filter?
And why only the Inter-Area prefix is filtered?
#--- before:
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
2.2.2.2 1.1.1.1 2 0x80000001 0x007DA8 <--- will
be filtered
3.3.3.3 1.1.1.1 2 0x80000001 0x004FD2 <--- will
be filtered
4.4.4.4 1.1.1.1 2 0x80000001 0x0021FC
172.16.1.0 1.1.1.1 <http://1.1.1.1> 3602 0x80000002
0x0056CA
#--- after:
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
3.3.3.3 1.1.1.1 574 0x80000001 0x004FD2 <--- only
this remains
4.4.4.4 1.1.1.1 574 0x80000001 0x0021FC
172.16.1.0 1.1.1.1 568 0x80000003 0x00B85D
-----Original Message-----
From: nobody@groupstudy.com <mailto:nobody@groupstudy.com>
[mailto:nobody@groupstudy.com] On Behalf Of
Narbik Kocharians
Sent: Montag, 11. Juni 2007 22:38
To: want2bccie@gmail.com
Cc: ccielab@groupstudy.com
Subject: Re: Distribute-list & OSPF LSA 3
When you block prefixes using the "distribute-list in" command, the prefixes
are filtered from the routing table BUT NOT the database.
On 6/8/07, want2bccie@gmail.com <want2bccie@gmail.com> wrote:
>
> Hi GS,
>
> Below is my ospf topology
>
> Lo 3(3.3.3.3/32)__
> \ ___Lo 2(2.2.2.2/32)
> +----+ +----+ /
> Lo 1(1.1.1.1/32)--| R1 | | R2 |--X
> +----+ +----+ \___Lo 4(4.4.4.4/32)
> |fa0/0 fa0/0|
> | |
> |--172.16.1.0/30---|
>
> My config:
>
> -----------R1------------------------
> interface FastEthernet1/0
> ip address 172.16.1.1 255.255.255.0
> !
> interface Loopback1
> ip address 1.1.1.1 255.255.255.255
> !
> router ospf 1
> router-id 1.1.1.1
> log-adjacency-changes
> network 1.1.1.1 0.0.0.0 area 1
> network 172.16.1.1 0.0.0.0 area 0
> distribute-list prefix BLOCK in
> !
> ip prefix-list BLOCK seq deny 2.2.2.2/32
> ip prefix-list BLOCK seq deny 3.3.3.3/32
> ip prefix-list BLOCK seq permit 0.0.0.0/0 le 32
>
> --------------R2-----------------------
> interface FastEthernet1/0
> ip address 172.16.1.2 255.255.255.0
> !
> interface Loopback2
> ip address 2.2.2.2 255.255.255.255
> !
> interface Loopback3
> ip address 3.3.3.3 255.255.255.255
> !
> interface Loopback4
> ip address 4.4.4.4 255.255.255.255
> !
> router ospf 1
> router-id 2.2.2.2
> log-adjacency-changes
> network 2.2.2.2 0.0.0.0 area 2
> network 3.3.3.3 0.0.0.0 area 0
> network 4.4.4.4 0.0.0.0 area 4
> network 172.16.1.2 0.0.0.0 area 0
> ---------------------------------------
> R1#show ip ospf database
>
> OSPF Router with ID (1.1.1.1) (Process ID 1)
>
> Router Link States (Area 0)
>
>
> Link ID ADV Router Age Seq# Checksum Link count
> 1.1.1.1 1.1.1.1 951 0x800000A5 0x8F6F 1
> 2.2.2.2 2.2.2.2 947 0x80000030 0x7ECF 2
>
>
> Net Link States (Area 0)
>
>
> Link ID ADV Router Age Seq# Checksum
> 172.16.1.1 1.1.1.1 954 0x80000001 0x6DFD
>
>
> Summary Net Link States (Area 0)
>
>
> Link ID ADV Router Age Seq# Checksum
> 1.1.1.1 1.1.1.1 1172 0x80000033 0xE21F
> 2.2.2.2 2.2.2.2 945 0x80000049 0x6A79
> 4.4.4.4 2.2.2.2 948 0x80000001 0x9E85
>
>
> Router Link States (Area 1)
>
>
> Link ID ADV Router Age Seq# Checksum Link count
> 1.1.1.1 1.1.1.1 1184 0x80000001 0xD351 1
>
>
> Summary Net Link States (Area 1)
>
>
> Link ID ADV Router Age Seq# Checksum
> 3.3.3.3 1.1.1.1 946 0x80000001 0x4FD2
> 4.4.4.4 1.1.1.1 946 0x80000001 0x21FC
> 172.16.1.0 1.1.1.1 950 0x80000003 0x3B34
> ------------------------------------------------------------
>
> As per above config, on R1 OSPF learned routes should not installed in its
> routing table but those routes still be in database and advertise to its
> neighbors. But in this case R1 is not getting type-3 LSA's for
2.2.2.2network into ospf AREA 1.
> If above database output is correct, then can someone clear why R1 won't
> get LSA3 for 2.2.2.2.
>
> Regards,
> Naresh
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- Narbik Kocharians CCIE# 12410 (R&S, SP, Security) CCSI# 30832 Network Learning, Inc. (CCIE class Instructor) www.ccbootcamp.com (CCIE Training)
This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:48 ART