RES: [c-nsp] Re: Limiting networks announced on special link of OSPF

Murilo Antonio Pugliese mpugliese at diveo.net.br
Tue Aug 16 14:58:27 EDT 2005 

Folks.

Follow "a sample" to restrict OSPF advertisements that do work.
I'm not sure if it's intended for the discussed scenario but I'm sending anyway.

	router ospf #
	 ...
	 redistribute connected/static subnets route-map void-ospf-redistribution	
	!
	ip access-list extended void-redistribution
	 permit ip <prefix> <wildcard-mask> <mask> <wildcard-mask>
	 ...
	!
	route-map void-ospf-redistribution deny 10
	 match ip address void-redistribution
	!
	route-map void-ospf-redistribution permit 20
	!
Yours Truly.

Murilo Pugliese.

-----Mensagem original-----
De: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
Enviada em: terça-feira, 16 de agosto de 2005 11:33
Para: Jeremiah Millay; cisco-nsp at puck.nether.net
Assunto: RE: [c-nsp] Re: Limiting networks announced on special link of
OSPF


OSPF does not support generic outbound route filtering like you
described below. You can't do this for link-state routing protocols as
all routers within the area need to agree on the same topology.

	oli

Jeremiah Millay <> wrote on Tuesday, August 16, 2005 4:23 PM:

> I would use a distribute-list to filter SPECIFIC advertisements. For
> example, say you were trying to restrict the advertisement of 10.1.1.0
> out an interface like serial0/1. You would configure the following:
> access-list 24 deny 10.1.1.0 0.0.0.255
> access-list 24 permit any
> router ospf 1
>  network 10.1.1.0 0.0.0.255 area 0
>  distribute-list 24 out interface s0/1
> 
> Just change the prefix and the interface (int vlan 3 or whatever) that
> you are trying to restrict advertisements to.
> If you don't want ANY advertisements out an interface use the
> passive-interface command. (passive-interface vlan 3)
> 
> 
> cisco-nsp-request at puck.nether.net wrote:
> 
>> Message: 6
>> 
>> Date: Tue, 16 Aug 2005 15:25:06 +0800 (CST)
>> From: Joe Shen <sj_hznm at yahoo.com.cn>
>> Subject: [c-nsp] Limiting networks announced on special link of OSPF
>> To: cisco-nsp at puck.nether.net Message-ID:
>> <20050816072506.3962.qmail at web15403.mail.cnb.yahoo.com>
>> Content-Type: text/plain; charset=gb2312 
>> 
>> Hi,
>> 
>> Can I restricting networks advertised on one link in
>> OSPF?
>> 
>> 
>> My situation:
>> 
>> 
>>   Cat6509-a ------------------  Cat6509-b
>>               (Vlan3, 8 on trunk)
>> 
>> 
>> both Cat6509 run OSPF. Vlan 3 is a vlan planned for
>> server installation, while Vlan 8 is interconnection.
>> Subnet of Vlan 3 is planned as a NSSA area which
>> connects to area 0, while both catalyst6509 belong to
>> area 0. There is only one ospf process configed on
>> each catalyst6509, and there is logical interface
>> Vlan3 on both catalyst6509.
>> 
>> 
>> After setting up vlan3 interface on L3 module, I
>> noticed catalyst6509-a and catalyst6509-b establish
>> ospf neighbor relationship. And, route from 6509-b to
>> some subnet on 6509-a point to vlan 3 and vlan8. but,
>> i just don't want vlan3 on trunk link to carry any
>> traffic beside those inside vlan3.
>> 
>> How can I do it?
>> 
>> thanks
>> 
>> Joe
>> 
>> 
>> 
> 
> --
> Rock River Internet                            Jeremiah Millay
> 202 W. State St, 8th Floor              jeremiah at rockriver.net
> Rockford, IL 61101                      815-968-9888 Ext. 2202
> USA                                               fax 968-6888
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list