From: Alex (alex.arseniev@gmail.com)
Date: Sun Sep 09 2007 - 13:39:30 ART
Hi there,
For the purposes of CCIE lab exam you can do the following:
--configure two OSPF processes on the router(s) depening on topology. Since
full mesh is rare type of topology, you may need to invoke 2 OSPF processes
on a limited number of routers
--Let's call the OSPF process which receives the specific route in question
"the originator" process and the other one "the receiver" process
--redistribute from originator process to the receiver process using
route-map to block the specific route
--redistribute routes from receiver process to the originator process. Since
no stub/NSSA/totally stub/TNSSA area are allowed, these redistributed Type-5
LSA will be universally accepted throughout your whole topology.
Does it meet your requirements or are there any other restrictions we do not
know of yet?
HTH
Cheers
Alex
----- Original Message -----
From: "Gregory Gombas" <ggombas@gmail.com>
To: "Herbert Maosa" <asawilunda@googlemail.com>
Cc: "Shine Joseph" <shinepjoseph@iprimus.com.au>; "Toh Soon, Lim"
<tohsoon28@gmail.com>; "groupstudy" <ccielab@groupstudy.com>
Sent: Saturday, September 08, 2007 11:09 PM
Subject: Re: Filtering OSPF external routes - tough one
> On which router?
>
> Let me re-state the restrictions:
>
> 1. Can't do any filtering on the ASBR that's doing the redistribution
> - that includes distribute lists, route maps, the "summary address
> no-advertise" command, distance, or anything on the ASBR itself.
>
> 2. No stub/NSSA/totally/NSSA totally areas allowed
>
> 3. Since you have 100 routers in the area, its not feasible to do
> distribute-list inbound on every router in the area.
>
> By the way, I made this scenario up myself , but its quite possible to
> come across this in the real world. Say you have a large network with
> multiple connections to external vendors (or even just multiple
> routing protocols) that you are redistributing into OSPF. And you
> wanted to prevent certain external routes from being
> sent to a specific a area - let say its your customer network.
>
> Stub/NSSA areas may not be a good solution for you because you do want
> allow certain external routes in and you didn't want sub-optimal
> routing inherent in default or summary routes.
>
> The problem is that if you filter the prefix on the ASBR doing the
> redistribution,
> your entire organization will be cut off from those external routes.
> And it may not be feasible to do distribute-list inbound on every
> router in the area (especially if its a large area).
>
> How could you accomplish this?
>
>
> On 9/8/07, Herbert Maosa <asawilunda@googlemail.com> wrote:
>> I believe distribute-list route-map out should do.
>>
>> Herbert.
>>
>>
>>
>> On 9/8/07, Gregory Gombas <ggombas@gmail.com > wrote:
>> >
>> > Yup - only works on Type 3 LSA's...
>> >
>> > On 9/8/07, Shine Joseph < shinepjoseph@iprimus.com.au> wrote:
>> > > Did you consider area filter-list?
>> > >
>> > > Regards,
>> > > Shine
>> > >
>> > >
>> > > -----Original Message-----
>> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
>> > > Of
>> > > Gregory Gombas
>> > > Sent: Sunday, 9 September 2007 6:22 AM
>> > > To: Toh Soon, Lim
>> > > Cc: groupstudy
>> > > Subject: Re: Filtering OSPF external routes - tough one
>> > >
>> > > Hi Lim,
>> > >
>> > > The goal is to filter the route so no router in the specific area you
>> > > want to filter it from will have it in its OSPF database. Distribute
>> > > list is only locally significant :-(
>> > >
>> > > Oh and I forgot to mention stub/totally/NSSA are not allowed for this
>> > > solution :-)
>> > >
>> > > I can't believe OSPF is so inflexible! This is quite easily
>> > > accomplished with any distance vector protocol!
>> > >
>> > >
>> > >
>> > > On 9/8/07, Toh Soon, Lim < tohsoon28@gmail.com> wrote:
>> > > >
>> > > >
>> > > > Hi Gregory,
>> > > >
>> > > > At which point in the network do you want to filter the external
>> routes?
>> > > In
>> > > > multi-area OSPF, you can consider deploying stub, totally stubby or
>> NSSA
>> > > > areas.
>> > > >
>> > > > AFAIK, Type 5 LSAs are flooded to the entire OSPF domain (whichever
>> areas
>> > > > that can accept Type 5 LSAs). IMO I don't think we can filter some
>> Type 5
>> > > > LSAs on only certain routers due to the fact that they must be
>> identical
>> > > > across the domain. You can try "distribute-list" to prevent them
>> > > > from
>> > > > entering the RIB.
>> > > >
>> > > > Just my 2cents. I may understand it wrongly. Let's hear other
>> > > > opinion.
>> > > >
>> > > >
>> > > > Thank you.
>> > > >
>> > > > B.Rgds,
>> > > > Lim TS
>> > > >
>> > > >
>> > > >
>> > > > On 9/9/07, Gregory Gombas < ggombas@gmail.com> wrote:
>> > > > >
>> > > > > Does anyone know how to filter an ospf external route on a router
>> > > > > other than the ASBR doing the redistribution?
>> > > > >
>> > > > > Oh and by the way, the forwarding address is set to 0.0.0.0.
>> > > > >
>> > > > > Good luck with this one :-)
>> > > > >
>> > > > >
>> > > >
>> _______________________________________________________________________
>> > > > > Subscription information may be found at:
>> > > > > http://www.groupstudy.com/list/CCIELab.html
>> > >
>> > >
>> _______________________________________________________________________
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>>
>>
>>
>> --
>> Kindest regards,
>> hm
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:10 ART