Prerequisites: CCNP level skills.
Note!
Routers use OSPF configuration from the lab 6.
One thing to remember is that all routers within the same OSPF area share the EXACT same LSA database! This will affect how we can filter OSPF updates.
There are a few filtering methods:
- Ingress filtering using a 'distribute-list'.
- Ingress filtering using a 'distribute-list' with a 'route-map'.
- Ingress filtering by changing the Administrative Distance of the prefixes to UNKNOWN (255).
- Type 3 LSA filtering using 'area area-number range' command (applied on ABR).
- Type 3 LSA filtering using 'filter-list' command.
- LSA Flooding Filtering.
The last three methods (4-5) are inter-area filters preventing LSAs from entering LSDB.
Topology
Pic. 1 - OSPF Multi-Area Topology.
Icons designed by: Andrzej Szoblik - http://www.newo.pl
Task List
Task 1
On R3, check the routing table. Make sure that it shows prefixes: 172.16.104.0/24 and 172.16.144.0/24.
Task 2
Configure router(s) so R3 does not receive 172.16.104.0/24 and 172.16.144.0/24 prefixes.
Task 3
Check the results.
Lab Solution
Task 1
On R3, check the routing table. Make sure that it shows prefixes: 172.16.104.0/24 and 172.16.144.0/24.
Pic. 2 - R3's Routing Table.
Task 2
Configure router(s) so R3 does not receive 172.16.104.0/24 and 172.16.144.0/24 prefixes.
Note!
'Filter-list' command can only take a prefix-list as its argument (as of the time of writing this post).
R1 Configuration:
!
ip prefix-list DENY_R4_LOOPBACKS seq 5 deny 172.16.104.0/24
ip prefix-list DENY_R4_LOOPBACKS seq 10 deny 172.16.144.0/24
ip prefix-list DENY_R4_LOOPBACKS seq 15 permit 0.0.0.0/0 le 32
!
ip prefix-list DENY_R4_LOOPBACKS seq 10 deny 172.16.144.0/24
ip prefix-list DENY_R4_LOOPBACKS seq 15 permit 0.0.0.0/0 le 32
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
area 1 filter-list prefix DENY_R4_LOOPBACKS out
network 10.1.13.1 0.0.0.0 area 0
network 10.1.124.1 0.0.0.0 area 1
network 172.16.101.1 0.0.0.0 area 0
router-id 1.1.1.1
log-adjacency-changes
area 1 filter-list prefix DENY_R4_LOOPBACKS out
network 10.1.13.1 0.0.0.0 area 0
network 10.1.124.1 0.0.0.0 area 1
network 172.16.101.1 0.0.0.0 area 0
!
R2 Configuration:
!
ip prefix-list DENY_R4_LOOPBACKS seq 5 deny 172.16.104.0/24
ip prefix-list DENY_R4_LOOPBACKS seq 10 deny 172.16.144.0/24
ip prefix-list DENY_R4_LOOPBACKS seq 15 permit 0.0.0.0/0 le 32
!
ip prefix-list DENY_R4_LOOPBACKS seq 10 deny 172.16.144.0/24
ip prefix-list DENY_R4_LOOPBACKS seq 15 permit 0.0.0.0/0 le 32
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
area 1 filter-list prefix DENY_R4_LOOPBACKS out
network 10.1.13.1 0.0.0.0 area 0
network 10.1.124.1 0.0.0.0 area 1
network 172.16.101.1 0.0.0.0 area 0
router-id 1.1.1.1
log-adjacency-changes
area 1 filter-list prefix DENY_R4_LOOPBACKS out
network 10.1.13.1 0.0.0.0 area 0
network 10.1.124.1 0.0.0.0 area 1
network 172.16.101.1 0.0.0.0 area 0
!
Task 3
Check the results.
Pic. 3 - R3's Routing Table with Filter-List.
The prefixes in question no longer show in R3's routing table.