Hello Folks!
We have a complex network with many subnets and routers. All routing is fully static all over, and it has been successful for almost 8 years; no problems at all have been observed.
We tried to implement OSPF in order to be able to "route around" failing L2TP links. Well, that was not a problem.
I made two L2TP links from each remote device, connected to two different routers connected to different ISPs.
Then I made OSPF distribute routes to connected networks by checking redistribute directly connected networks. It became a disaster in a few moments: the whole L2TP network collapsed and started to go up and down.
It seems like OSPF also distributed the public network that the VPN routers were connected to. Then I put in route filters to reject sending out those public networks. Then it worked very nicely; failover between L2TP links worked perfectly and fast.
Then the next problems arrived: I have to remove an older IPsec + NAT configuration between two offices.
I made L2TP links the same way as for the clients, using filters the same way as before, and all seemed fine for some moments. Then everything broke down again. Looking around in the routers, the public networks were distributed again, and yes, filters are in all OSPF routers. Other oddities arrived: several routers not using OSPF at all (it is not enabled on them) rebooted...
routing filters... hmm...
How can I prevent OSPF from replicating our routes to attached networks based on interface level, instead of some strange mask+prefix that does not work anyway?
For example:
I have local networks attached to an OSPF router: eth1=192.168.1.0/24, eth2=172.16.1.0/24 and eth3=192.168.16.0/24.
But I want OSPF to replicate out only the first two.