I would like to filter OSPF routes received via a particular interface. We have a VoIP system at a location for which we’d like to provide redundancy whilst essentially dropping data traffic when the primary link is unavailable.
router1 ------- link A ------- router2
\---------- link B --------/
I have the interfaces facing link B set with a higher cost but how do I structure the OSPF route filter to accomplish the following:
/routing filter
add action=accept chain=ospf-in prefix=10.0.50.0/24 interface=linkB
add action=reject chain=ospf-in interface=linkB
Could I filter the routes based on a next-hop or gateway setting?
Thanks for you idea but this unfortunately wouldn’t work. I had simplified an objective to hopefully learn methods of filtering routes received via a specific interface or routes with a specific next-hop gateway.
We have BGP established on two routers to different ISPs and run OSPF on 1 Gbps and 10 Mbps links between these routers. I would like to restrict which routes are distributed and learnt via OSPF, when the primary link fails, so that VoIP continues to utilise the 10 Mbps service. Our BGP summarisation would then only announce the subnets for VoIP via both ISPs whilst dropping announcements for remote subnets.
Unfortunately, your design doesn’t work because OSPF behaves a lot differently than BGP - it doesn’t make a list of routes and then send them to its neighbors. OSPF builds a map of your network and a list of which networks are connected to which routers, and then plots the lowest-cost route to each of those via the map that it’s built. Therefore you really can’t filter OSPF in the way that you’re thinking.
Now what you COULD do is run a second OSPF instance and redistribute the VoIP networks into the second OSPF instance using a filter, and only activate the second instance on that 10M link. Be careful though, because this kind of topology and redistribution could lead to routing loops. I would suggest that you set the administrative distance of the second OSPF process’s routes to be pretty bad, like 199.
Furthermore, if you’re using iBGP - realize that your full routing table is still going to be shared between them, even though OSPF routes aren’t.
Just to add my 2cents here, you cant really filter ospf in that way when you’re working intra area (same area route exchange) because you can’t filter LSA, you can avoid a route being installed but it doesn’t mean the other routers will know and react according to this.
OSPF does behave like a distance vector protocol in inter area route exchange (LSA 3) it gathers information about its routing table and then send the update basically almost the same that rip does. And in external routes exchange (only in the ASBR) (LSA 5, 7).
So in reality you could do something like this in an ABR in routes being exchanged inter area. And in the ASBR in routes exchanged between autonomous systems (routing domains)