Search This Blog

Thursday, October 28, 2010

OSPF Filtering - Part 1

OSPF use IP protocol 89 to flood LSA's, these LSA's are used to form adjacencies (neighbors relationship), request update and advertise route prefixes and acknowledge these updates and synchronize databases. So we could say that the LSA's are one of the core intergradient when running OSPF.

There are 3 methods of filtering LSA's:

1. Distribute-list

filter routes from the routing table of the specific router, where we configure the list, but not from the LSDB, hence route will continue advertised LSA's to other routers.

Config example:

Router(config)#access-list 1 deny 10.1.0.0 0.0.0.255

Router(config)#access-list 1 permit any

Router(config)#ip ospf 1

Router(config-router)#distribute-list 1 in

In the following example we filter route 10.1.0.0/24 from the routing table, but the route will still exist in the LSDB and will be advertised to adjacent routers.

Distribute-list can affect the LSDB only when filtering from area 0 to other areas, Whereas if we filter from other area to area 0 it will effect only the configured router. Also configuring Distribute-list on an ASBR can filter LSA type 5 and 7 (External and NSSA).

2. Prefix-List

Filters LSA type 3, Inter-area LSA's, hence must be configured on an ABR in order to work.

Config example:

Router(config)#ip prefix-list seq 5 Test deny 11.1.1.0/24

Router(config)#ip prefix-list seq 10 Test permit 0.0.0.0/0 le 32

Router(config)#ip ospf 1

Router(config-router)#
area x filter-list prefix Test out

Area x is the area which the routes we want to filter found in.

The following example is configured on an ABR and will prevent from LSA type 3, from area x with route prefix 11.1.1.0/24, to flood into another area.

3. Summarization

We can summarize and prevent advertisement using ABR/ASBR summarization, it's very similar to the summarization process but with the addition of not-advertise and by that preventing advertisement of the summary route prefix.

For ABR:

Router(config)#ip ospf 1

Router(config-router)#
area x range 11.1.1.0 255.255.255.0 not-advertise

For ASBR:

Router(config)#ip ospf 1

Router(config-router)#
summary-address 50.5.5.0 255.255.255.0 not-advertise

4. Database-Filter

Allows one-way filter of All OSPF LSA but still keeps the adjacency and receiving LSA's from the filtered interface/neighbor.

Interface mode:

Router(config)#ip ospf 1

Router(config-router)#
ip ospf database-filter all out

Neighbor mode:

Router(config)#ip ospf 1

Router(config-router)# neighbor 10.1.34.4 database-filter all out

Can be only configured where two routers are adjacent through Point-to-Multipoint network type.


 
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)