OSPF filter

hrober · January 23, 2012, 6:18pm

Hi guys,

I’m trying to filter some external routes using out-ospf chain but it isnt working. My scenario is:

[RTR_1] -----[OSPF]----[Core Router]----[OSPF]----[Border Router]

RTR_1 has a OSPF session’s with Core Router and this one has a session with Border Router.

I would like to filter advertisments between Core Router and Border Router. For example:

Suppose that accidentally someone has add a incorrect route in RTR_1, in this case I wouldn’t like to propagate this wrong advertisment to Border Router.

I tryed something like this:

/routing filter
add action=accept chain=ospf-out disabled=no invert-match=no prefix=10.0.0.0/24 \
    protocol=ospf
add action=reject chain=ospf-out disabled=no invert-match=no

But if I install a different route from 10.0.0.0/24 in RTR_1 it’ll propagate to Border router.

awsmith · January 31, 2012, 8:07pm

My understanding is that you can only filter redistribution into and out-from OSPF, not OSPF routes themselves, as OSPF depends on routers having the same information within an area.