[c-nsp] ospf between me and customer - design ?
Ryan O'Connell
ryan at complicity.co.uk
Thu Feb 24 15:11:40 EST 2005
On 24/02/2005 16:00, matthew zeier wrote:
>For various reasons, it's been decided to run OSPF between me and a
>customer network. However, since their gear is outside my
>administrative control, I want to make sure I only get the networks I
>expect from them and they only get a default route from me.
>
>Unfortunately, I haven't had to think about OSPF in a long time and I'm
>not sure what the best route to solve this is.
>
>Assuming they'll be in their own area, should I use area filter-lists or
>create another ospf process and use distribute-in/out filters? Or
>should I make them a stub and use either a seperate ospf process or area
>filter-lists ?
>
>
If you must do it, run a seperate process and use distribute lists.
However, you should consider the effect it could have on your network if
they accidentally redistribute BGP into OSPF or have a very very large
number of flapping routes for some reason - it will most likely take
down both routers which could be a disaster if they're important. (E.g.
part of your core)
Is there some reason you can't run BGP with them using a private AS
number and just redistribute that into your own OSPF?
--
Ryan O'Connell - CCIE #8174
<ryan at complicity.co.uk> - http://www.complicity.co.uk
I'm not losing my mind, no I'm not changing my lines,
I'm just learning new things with the passage of time
More information about the cisco-nsp
mailing list