[c-nsp] ospf between me and customer - design ?

Ryan O'Connell ryan at complicity.co.uk
Thu Feb 24 15:11:40 EST 2005


On 24/02/2005 16:00, matthew zeier wrote:

>For various reasons, it's been decided to run OSPF between me and a 
>customer network.  However, since their gear is outside my 
>administrative control, I want to make sure I only get the networks I 
>expect from them and they only get a default route from me.
>
>Unfortunately, I haven't had to think about OSPF in a long time and I'm 
>not sure what the best route to solve this is.
>
>Assuming they'll be in their own area, should I use area filter-lists or 
>create another ospf process and use distribute-in/out filters?   Or 
>should I make them a stub and use either a seperate ospf process or area 
>filter-lists ?
>  
>

If you must do it, run a seperate process and use distribute lists. 
However, you should consider the effect it could have on your network if 
they accidentally redistribute BGP into OSPF or have a very very large 
number of flapping routes for some reason - it will most likely take 
down both routers which could be a disaster if they're important. (E.g. 
part of your core)

Is there some reason you can't run BGP with them using a private AS 
number and just redistribute that into your own OSPF?

-- 
         Ryan O'Connell - CCIE #8174
<ryan at complicity.co.uk> - http://www.complicity.co.uk

I'm not losing my mind, no I'm not changing my lines,
I'm just learning new things with the passage of time



More information about the cisco-nsp mailing list