OSPF route filtering and default route Injection

OSPF route filtering and default route Injection
Time: Source: unknown author: admin CLICK: 311 times
This is just a Summary of the experiment experience, and the details still need to be improved. and make a record. 1. when you use area 1 filter-list area 1 filter-list prefix FILTER in/out interface // the three types of LSA routes that match in the previous region list to enter or go out to area 1, permit or deny 2. use the area x range Command to generate a summary route without notice. This filters out three types of LSA, namely, o ia route r4 (config-router) # area 1 range 150.1.6.6 255
This is just a Summary of the experiment experience. The details still need to be improved and recorded.
 
 
‍1. Use area 1 filter-list
Area 1 filter-list prefix FILTER in/out interface
// When the three types of LSA routes matched in the pre-renewal list enter or exit area 1, permit or deny
2. Use the area x range Command to generate a summary route, but do not advertise it to filter out three types of LSA, that is, o ia route.
R4 (config-router) # area 1 range 150.1.6.6 255.255.255.255 not-advertise
// R4 is an ABR router. Do not advertise the route 150.1.6.6 in area 1 to area 0.
R4 (config-router) # area 0 range 150.1.5.5 255.255.255.255 not-advertise
// R4 is an ABR router. Do not advertise the route 150.1.5.5 in area 0 to area 1.
 
3. Use distribute-list and access-list to filter the route entry from the previous route entry to the local route table.
R1 (config-router) # distribute-list 99 in
// Only routes matching access-liss 99 can be filtered to enter the local route table,★It cannot prevent LSA from spreading.

4. Use distribute-list and route-map to disable route entries generated by some sources from accessing the local route table. Take O E2 as an example:
Access-list 1 permit host 150.1.6.6 (★Must be a router-id)
Route-map FILTER_OSPF deny 10
Match ip route-source 1 // match with 150.1.6.6 (★Must be a router-id) for the route advertised by the source
Match route-type external type-2 // only matches external routes. The two statements are logical and
Route-map FILTER_OSPF permit 10000 // empty statement. The statement structure is adjusted as needed.
Router ospf 1
Distribute route-map FILTER_OSPF in
5. Filter three types of routes and external routes by changing the management distance. (LSA is not filtered)
Note that o ia is produced by ABR, while o e is generated by ASBR.
Distance 255 150.1.6.6 0.0.0.0 99 // 99 is filtered out by 150.1.6.6 (★Must be a router-id) generated O Class E route
Distance 255 150.1.4.4 0.0.0.0 98 // 98 is filtered out by 150.1.4.4 (★Must be a router-id) to generate an o ia route
==============================================
When there are two or more NSSA zones in which an ABR exists, the maximum router-id is NSSA Area 7-> 5 translator,
And pass the new type 5 LSA after the conversion to other regions, including other ABR.
Only the route table of the translator displays the route entry of O N2. On the other ABR, the O E2 is displayed because of o e-> o n.
 
6. Run the command summary-address 160.1.60.0 255.255.255.0 not-advertise on the translator.
Filter out the five types of LSA generated after the conversion, so that the O N2 route is visible in all the route tables on the ABR, but the LSA of the route is not available in other regions.
Command reference:
R1 (config-router) # summary-address 66.66.66.66 255.255.255.255?
Not-advertise Do not advertise when translating OSPF type-7 LSA
Tag Set tag
 
NSSA suppress-fa feature
After the area 1 nssa translate type7 suppress-fa command is run on the translator, the forwarding address in the new LSA from 7 to 5 is changed to 0.0.0.0.
Previously, due to the next hop problem of FA, the O E2 (7 to 5) type routing in the route table does not appear. Now you can enter the route table.
========================================================== =
Default OSPF nssa route
■ Place seven categories of default values to nssa over The nssa region in The nssa region: area 1 nssa default-information-originate metric 100
// No default route exists.
■ Place The nssa region to The nssa region by default: no-summary to make it into the totally-nssa region.
Router ospf 1
Area 1 nssa no-summary
Area 1 default-cost 100
■ Delegate 7 categories to nssa region on the ASBR of nssa region default: area 1 nssa default-information-originate metric 100
In this case, a default ip address must exist. You can write the ip address route 0.0.0.0 0.0.0.0 null0.
When the nssa region has a default route, there is no o n route (route table optimization). The no-redistribute parameter is used to achieve this purpose.
★Note that default-information originate always generates 5 default routes, so they cannot be used in The nssa region.
It is also not possible to inject 0.0.0.0 0.0.0.0 into the ospf region by default by means of republishing static, which is the same as the link status protocol.