Saturday, June 14, 2008

OSPF - Filtering type 3 LSAs

R3 and R4 share the same Ethernet segment 172.12.34.0 via their fastethernet0/1 interfaces

Router IDs:
R3 = 3.3.3.3
R4 = 4.4.4.4

The link between R3 and R4 is in area 345 and R4 is an ABR connected to area 0.

Below is a snapshot of the area 345 LSDB. You can see the type 3 LSAs that R3 is getting from R4:

R3#show ip ospf database | begin Summary Net Link States

Summary Net Link States (Area 345)

Link ID ADV Router Age Seq# Checksum
6.6.6.6 4.4.4.4 545 0x80000001 0x00884B
172.12.25.0 4.4.4.4 545 0x80000001 0x00AC2E
172.12.45.4 4.4.4.4 555 0x80000001 0x00A2A0
172.12.45.5 4.4.4.4 545 0x80000001 0x001BE6
172.12.45.6 4.4.4.4 545 0x80000001 0x0011EF

(output omitted)

Suppose we want to filter the host route LSAs (#1,3,4 and 5 in the list above). Here's how we could do it:

On R4:

R4(config)#ip prefix-list BLOCK32 deny 0.0.0.0/0 ge 32
R4(config)#ip prefix-list BLOCK32 permit 0.0.0.0/0 le 32
R4(config-router)#area 0 filter-list prefix BLOCK32 out

Clear the OSPF process on R3 and now let's have a look:

R3#show ip ospf database | begin Summary Net
Summary Net Link States (Area 345)

Link ID ADV Router Age Seq# Checksum
172.12.25.0 4.4.4.4 1074 0x80000001 0x00AC2E

(output omitted)

You can verify on R4 like this:

R4#show ip ospf | section Area
Area BACKBONE(0)
Area has no authentication
Area ranges are
Area-filter BLOCK32 out
Area 345
Area has no authentication
Area ranges are
R4#

Of course this did break some connectivity in my lab, so be careful when you use this :)

1 comment:

  1. What is this for? I don't understand what is this mean? I hope that it will explain in the most easiest way for us to understand.

    Mary from √©vier de cuisine 

    ReplyDelete

Note: Only a member of this blog may post a comment.