Good day All,
there are numerous posts for inbound route filters for OSPF. I am struggling to find examples of outbound route filters. I need to prevent certain connected IP ranges from being distributed by ospf.
if (dst==10.0.0.0/24) { accept; }
if (dst in 10.0.0.0/8) { accept; }
if (dst==10.0.0.0/8) { reject; }
if (dst==192.168.0.0/16) { reject; }
accept;
if (dst in 10.0.0.0/8) { reject; }
if (dst in 192.168.0.0/16) { reject; }
accept;
# From a working example
/routing filter rule
# Allow CGNAT subnets to be advertised
add chain=ospf-out disabled=no rule="if (dst in 100.64.0.0/10 && dst-len in 24-32) { accept; }"
# Allow management IP's to be advertised
add chain=ospf-out disabled=no rule="if (dst in 10.0.0.0/8 && dst-len in 16-32) { accept; }"
# By default anything else the router has is rejected