Problems with route filtering for OSPF with distribute-lists

From: Malcolm Salmons (malcolm.salmons@gmail.com)
Date: Mon Jun 18 2007 - 15:05:20 ART

• Next message: Tarun Pahuja: "Re: Using route maps in EIGRP"
• Previous message: Guyler, Rik: "RE: RE: RE : Attack by Proctor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi

I'm trying to filter certain OSPF routes from my routing table using
distribute lists. However, I'm getting problems with allowing external
routes through. I can filter internal routes with access list and a route
map but I cant get external routes permitted. I've hacked around with
different route-map matches, including route-type, tag etc but cant seem to
get it to do what I want.

With a distribute list applied I have the following routes:

R5#sir ospf
     136.10.0.0/16 is variably subnetted, 9 subnets, 5 masks
O IA 136.10.9.9/32 [110/3] via 136.10.56.6, 00:00:07, FastEthernet0/0
O IA 136.10.7.7/32 [110/2] via 136.10.56.7, 00:00:07, FastEthernet0/0
O IA 136.10.6.6/32 [110/2] via 136.10.56.6, 00:00:07, FastEthernet0/0
O IA 136.10.69.0/24 [110/2] via 136.10.56.6, 00:00:07, FastEthernet0/0
O E2 192.168.90.0/24 [110/20] via 136.10.56.6, 00:00:07, FastEthernet0/0
R5#

I'm trying to only allow 136.10.69.0/24 and 192.168.90.0/24. I've allowed
both in an acl and applied it with a route-map. This didnt seem to pick up
the E2 route, so I tagged this and matched on that, again without success.
My config is as follows:

router ospf 1
 router-id 136.10.5.5
 log-adjacency-changes
 network 136.10.5.5 0.0.0.0 area 5
 network 136.10.55.55 0.0.0.0 area 55
 network 136.10.56.5 0.0.0.0 area 0
 distribute-list route-map FILTER2 in

access-list 99 permit 136.10.69.0 0.0.0.255
access-list 99 permit 192.168.90.0 0.0.0.255

route-map FILTER2 permit 10
 match ip address 99
!
route-map FILTER2 permit 20
 match tag 69
!

I can see that the E2 route is tagged with 69:

R5#sh ip ospf data

            OSPF Router with ID (136.10.5.5) (Process ID 1)

- Lines removed
                Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag
192.168.90.0 136.10.6.6 497 0x80000004 0x000C45 69
R5#

But all I get in the routing table is the internal /24:

R5#sir ospf
     136.10.0.0/16 is variably subnetted, 6 subnets, 4 masks
O IA 136.10.69.0/24 [110/2] via 136.10.56.6, 00:04:25, FastEthernet0/0
R5#

Any help on this is appreciated.

Thanks

Malcolm

• Next message: Tarun Pahuja: "Re: Using route maps in EIGRP"
• Previous message: Guyler, Rik: "RE: RE: RE : Attack by Proctor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:49 ART