OSPF route filtering commands .
- intra-area routes
- area range + not advertise
- distribute-list in ( affect the routing table only )
- filter-list
- inter-area routes
- filter-list
- distribute-list in ( affect the routing table +flooding)
- external routes
- distribute-list out
- summary-address + not advertise
- redistribute + filter (route-map)
intra area routes
1. area range + not advertise
- will only work for directly connected networks.
- this command will create a summary route, but it will not be injected to area 0.
R1(config-router)#area 1 range 172.16.0.0 255.252.0.0 not-advertise
2. distribute-list in
- be careful because this command behavior change with inter routes.
- this command will only block the route from the routing table but the route will still be flooded to other areas.
- the reason is that the route will be summarized before the distribute-list
- in easy word, type 3 will created and flooded before the distribute-list in
- this command will create blackhole. because the flooded route will be unreachable .
Please use this command with intra routes unless you know what you are doing
R1(config-router)#distribute-list prefix myrange in
R1(config)# ip prefix-list block172 seq 1 deny 172.16.0.0/14 ge 24 le 24
3. Filter-list
- will be explained in next section.
Inter area routes
1. Filter-list ( intra + inter)
- can be used at any ABR.
- this will just prevent the LSA that received/created by a router from being inject to an area.
- this command work with intra – inter and summarized routes .
- this command work with routes that is going IN or coming OUT from an area
- filter-list out will include all areas that an ABR connected to, so if you have 1 area connected to that ABR it wont make a different, but if you have two areas and want to choose then use IN
R1(config-router)#area 0 filter-list prefix block172 in (intra) or R1(config-router)#area 1 filter-list prefix block172 out (intra) or R2(config-router)#area 0 filter-list prefix block172 out (inter) or R2(config-router)#area 2 filter-list prefix block172 in (inter) or R2(config-router)#area 3 filter-list prefix block172 in (inter)
2. distribute-list in
- what this command will do is preventing the routes from entering the routing table, and as a result of that:the ABR is re-generating a type-3 lsa, the Route must be in the routing table,so this command remove a route from routing table so type-3 will not be created.
R2(config-router)#distribute-list prefix block172 in
now i think you got the idea about they work.
the question will be where to add them, here or there and why.
check this diagram : i have added all possible points to use the above commands, you will only use one of them and that will depend on the situation.
on point 2 :
distribute-list in : remove the route from routing table + it will not be sent to area 2 or 3
filter-list out : filter a route from being sent to any area ( this route can be intra or inter or a summarized )
filter-list in : will filter a route going to a specific area.
on point 1 :
distribute-list in : remove the route from routing table but the route will continue to be flooded (blackhole)
area range : will create a summary but this summary will not be advertised to any area
filter-list out : will filter the router from being sent to any area , imagine that R1 is connected area 4 + area 0
filter-list in : this will prevent the route to be send to specific area’s
external routes
1.Summary-address + not advertise
- so this command will create external summary, but this summary will not be injected.
R2(config-router)#summary-address 172.16.0.0 255.252.0.0 not-advertise
2.Distribute-list out
R3(config-router)#distribute-list prefix block200 out
3. redistribute + route map
R3(config-router)#redistribute eigrp 1 route-map block200 R3(config)#route-map block200 permit 1 R3(config-route-map)#match ip address prefix-list block200