OSPF Filter Inter-area routes
Topology consist of 3 OSPF areas
Router R2 generates the following routes into Area 0
2.2.0.0/24
2.2.1.0/24
2.2.2.0/24
2.2.3.0/24
Router 5 generates the following routes into Area 135
5.5.0.0/24
5.5.1.0/24
5.5.2.0/24
5.5.3.0/24
Router 6 generates the following routes into Area 146
4.4.0.0/24
4.4.1.0/24
4.4.2.0/24
4.4.3.0/24
So let’s see how we can filter some Inter area routes
Task 1
Filter these 2 prefixes 2.2.0.0/24 and 2.2.3.0/24 form being
propagated outside area 0 and allow any other routes
So do that we create a prefix list to deny these 2 routes
and allow everything else
ip prefix-list FROM_AREA0 seq 5 deny 2.2.0.0/24
ip prefix-list FROM_AREA0 seq 10 deny 2.2.3.0/24
ip prefix-list FROM_AREA0 seq 15 permit 0.0.0.0/0 le 32
then we apply a filter list under the ospf
configuration on R1, the filtering has
to be done on the ABR routers
We need to filter these routes out from Area 0 so the filter
list will be applied outbound direction
Router ospf 1
area 0 filter-list prefix FROM_AREA0 out
now let’s see the effect of that on other Areas
on R6
R6(config)#do sh ip route | in 2.2
O IA 2.2.1.0
[110/22] via 10.1.46.4, 00:35:59, FastEthernet0/0
O IA 2.2.2.0
[110/22] via 10.1.46.4, 00:35:59, FastEthernet0/0
On R5
R5(config-if)#do sh ip route os | in 2.2.
O IA 2.2.1.0
[110/31] via 10.1.35.3, 00:25:49, FastEthernet0/0
O IA 2.2.2.0
[110/31] via 10.1.35.3, 00:25:49, FastEthernet0/0
So what happens if
add another route in area 0
R2(config-if)#do sh ip os inter br
Interface PID Area IP Address/Mask Cost
State Nbrs F/C
Lo0 1 0 2.2.0.2/24 1
P2P 0/0
Lo1 1 0 2.2.1.2/24 1
P2P 0/0
Lo2 1 0 2.2.2.2/24 1
P2P 0/0
Lo3 1 0 2.2.3.2/24 1
P2P 0/0
Lo4 1 0 2.2.4.1/24 1
P2P 0/0
Now on R6
R6(config)#do sh ip route | in 2.2
O IA 2.2.1.0
[110/22] via 10.1.46.4, 00:38:08, FastEthernet0/0
O IA 2.2.2.0
[110/22] via 10.1.46.4, 00:38:08, FastEthernet0/0
O IA 2.2.4.0
[110/22] via 10.1.46.4, 00:00:26, FastEthernet0/0
And R4
R5(config-if)#do sh ip route os | in 2.2.
O IA 2.2.1.0
[110/31] via 10.1.35.3, 00:27:53, FastEthernet0/0
O IA 2.2.2.0
[110/31] via 10.1.35.3, 00:27:53, FastEthernet0/0
O IA 2.2.4.0
[110/31] via 10.1.35.3, 00:00:53, FastEthernet0/0
Now let’s examine R1 routing table
R1(config-router)#do sh ip route os | in 2.2
O 2.2.0.0
[110/11] via 10.1.12.2, 00:02:25, FastEthernet0/0
O 2.2.1.0
[110/11] via 10.1.12.2, 00:02:25, FastEthernet0/0
O 2.2.2.0
[110/11] via 10.1.12.2, 00:02:25, FastEthernet0/0
O 2.2.3.0
[110/11] via 10.1.12.2, 00:02:25, FastEthernet0/0
O 2.2.4.0
[110/11] via 10.1.12.2, 00:02:25, FastEthernet0/0
As we can see filtering didn’t affect R1 because for R1
these routes are intra area routes
Task 2:
Remove configuration from previous task
Filter these 2 prefixes 2.2.0.0/24 and 2.2.3.0/24 from
entering area 135 only, these 2 prefixes should be still allowed to other areas
in the ospf domain
To achieve that we can use the same prefix list we used on
the first task
ip prefix-list FROM_AREA0 seq 5 deny 2.2.0.0/24
ip prefix-list FROM_AREA0 seq 10 deny 2.2.3.0/24
ip prefix-list FROM_AREA0 seq 15 permit 0.0.0.0/0 le 32
but we should apply the filter list inbound to area 135
so on R1
router ospf 1
area 135 filter-list prefix FROM_AREA0 in
no let’s check area 135 R5
R5(config-if)#do sh ip route os | in 2.2.
O IA 2.2.1.0
[110/31] via 10.1.35.3, 00:36:36, FastEthernet0/0
O IA 2.2.2.0
[110/31] via 10.1.35.3, 00:36:36, FastEthernet0/0
O IA 2.2.4.0
[110/31] via 10.1.35.3, 00:09:36, FastEthernet0/0
The two prefixes were filtered from getting into the Area
While on R6 Area 146 these 2 routes were received along all
routes from area 0
Task 3:
Remove configurations from previous task
Filter these 2 prefixes
4.4.0.0/24 and 4.4.3.0/24 from entering area 0 and allow everything else
Configuration should only affect Area 0
Again we match the two prefixes using a prefix list
ip prefix-list AREA_135 seq 5 deny 5.5.0.0/24
ip prefix-list AREA_135 seq 10 deny 5.5.3.0/24
ip prefix-list AREA_135 seq 15 permit 0.0.0.0/0 le 32
under the ospf configuration of R1 we filter these routes in
Area 0, if we filter them out Area 135 this will affect Area 146 as well
on R1
router ospf 1
area 0 filter-list prefix AREA_135 in
now let’s check the routing table on R2
R2(config-if)#do sh ip route os | in 5.5.
O IA 5.5.1.0
[110/31] via 10.1.12.1, 01:09:08, FastEthernet0/0
O IA 5.5.2.0
[110/31] via 10.1.12.1, 01:09:08, FastEthernet0/0
And the database
R2(config-if)#do sh ip os data | b Summary
Summary Net Link States (Area 0)
Link ID ADV
Router Age Seq# Checksum
5.5.1.0 1.1.1.1 1887 0x80000003 0x00B165
5.5.2.0 1.1.1.1 1887 0x80000003 0x00A66F
6.6.0.0
1.1.1.1 595 0x80000004 0x0047D6
6.6.1.0
1.1.1.1 595 0x80000004 0x003CE0
6.6.2.0
1.1.1.1 595 0x80000004 0x0031EA
6.6.3.0
1.1.1.1 595 0x80000004 0x0026F4
10.1.13.0
1.1.1.1 595 0x80000004 0x00AB68
10.1.14.0
1.1.1.1 595 0x80000004 0x0046D5
10.1.35.0
1.1.1.1 595 0x80000004 0x001DD6
10.1.46.0
1.1.1.1 595 0x80000004 0x0049A8
While on R6
R6(config)#do sh ip route | in 5.5
O IA 5.5.0.0 [110/32] via 10.1.46.4, 01:39:19,
FastEthernet0/0
O IA 5.5.1.0 [110/32] via 10.1.46.4, 01:39:19,
FastEthernet0/0
O IA 5.5.2.0
[110/32] via 10.1.46.4, 01:37:39, FastEthernet0/0
O IA 5.5.3.0 [110/32] via 10.1.46.4, 01:37:53,
FastEthernet0/0
Comments
Post a Comment