Community discussions

MikroTik App
 
nabuk
newbie
Topic Author
Posts: 47
Joined: Sun Sep 05, 2004 1:45 pm
Location: Italy

Ospf routing filer how to ?

Thu Feb 23, 2006 9:54 pm

Hi,
I want configure some routing filter to stop /32 subnet re-distributing in ospf.
But mikrotik seem to ignore my filter:

prefix=x.x.x.x/32 prefix-lenght=32 action=reject chain=ospf-out

Any idea ?

Also, how can i stop the re-distribution of subnet smaller that /30 or /29 ?


Thanks to all

Mikrotik was 2.9.13 with routing-test
 
eflanery
Member
Member
Posts: 382
Joined: Fri May 28, 2004 10:11 pm
Location: Moscow, ID
Contact:

Fri Feb 24, 2006 12:03 am

To just drop the /32s:
prefix=0.0.0.0/0 prefix-length=32 action=discard chain=ospf-out
if you want to drop everything /29 or longer:
prefix=0.0.0.0/0 prefix-length=29-32 action=discard chain=ospf-out
--Eric
 
nabuk
newbie
Topic Author
Posts: 47
Joined: Sun Sep 05, 2004 1:45 pm
Location: Italy

Fri Feb 24, 2006 9:25 am

Thanks, but it doesn't work. Must I enable filter somewere in ospf settings ?
 
eflanery
Member
Member
Posts: 382
Joined: Fri May 28, 2004 10:11 pm
Location: Moscow, ID
Contact:

Fri Feb 24, 2006 9:01 pm

Your not trying to filter routes that arrive via OSPF from being redistributed via OSPF, are you?

That won't work, and things would be much worse if it did, OSPF really needs to be internally consistant. Ospf-out filtering must be done at the router that is injecting the routes in the first place, not somewhere in the middle.

However, asuming that is not the case, it would be interesting to see the results of a "/routing export" command.

--Eric
 
nabuk
newbie
Topic Author
Posts: 47
Joined: Sun Sep 05, 2004 1:45 pm
Location: Italy

Fri Feb 24, 2006 9:50 pm

Eric,
I want filter on pppoe-server. It add a /32 route for every customer, and i want block the re-distribution of thoose /32 subnet.

# feb/24/2006 20:47:59 by RouterOS 2.9.12
# software id = 9UAC-3TT
#
/ routing filter
add chain=ospf-out prefix=0.0.0.0/0 prefix-length=32 action=discard comment="" disabled=no
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=as-type-1 redistribute-static=no redistribute-rip=no redistribute-bgp=no metric-default=1 metric-connected=20 metric-static=20 \
metric-rip=20 metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 authentication=none prefix-list-import="" prefix-list-export="" disabled=no
add area-id=0.0.0.1 name="local_10" default-cost=1 stub=no authentication=none prefix-list-import="" prefix-list-export="" disabled=no
/ routing ospf network
add network=y.y.y.y/30 area=local_10 disabled=no
/ routing bgp instance
set default as=65530 router-id=0.0.0.0 redistribute-static=no redistribute-connected=no redistribute-rip=no redistribute-ospf=no redistribute-other-bgp=no name="default" out-filter="" disabled=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1 metric-bgp=1 update-timer=30s timeout-timer=3m \
garbage-timer=2m
/ routing rip interface
add interface=all receive=v2 send=v2 authentication=none authentication-key="" in-filter="" out-filter="" key-chain=none disabled=no
 
eflanery
Member
Member
Posts: 382
Joined: Fri May 28, 2004 10:11 pm
Location: Moscow, ID
Contact:

Mon Feb 27, 2006 8:24 pm

I have a similar setup on a few units, and it works fine.

However, there are a couple of differences.

I'm first allowing only the networks I want, and then dropping the rest.

Sort of like:
chain=ospf-out prefix=0.0.0.0/0 prefix-length=1-24 action=accept
chain=ospf-out action=discard
Also, all the units setup like this are still running 2.9.6, so something may have changed.

I'll give it a spin on some more recent test boxes when I get a chance.

--Eric

Who is online

Users browsing this forum: 0xFFF, Baidu [Spider], Bing [Bot], biomesh, gotsprings, rafaelwzs, sindy, tippenring, Znevna and 85 guests