[quagga-dev 8487] Re: New feature request (OSPF Inbound Filtering)

Barry Friedman barryf at google.com
Thu Jan 27 16:14:03 GMT 2011


Have you tried the following?

route-map IMPORT permit 10
 match ip address prefix-list IMPORT
!
ip protocol ospf route-map IMPORT

Note this filters between ospf and the RIB, but that is also what the
Cisco command is doing:
http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a0080094704.shtml#q12

Regards,
Barry

On Thu, Jan 27, 2011 at 5:48 AM, Humberto Jucá <betolj at gmail.com> wrote:
> Hi, im Brasilian.
>
> I like the Quagga project and im using in our network (Core firewalls).
> I know how to configure routing filters in Quagga, but i miss some
> controls like "OSPF Inbound Filtering" (for any given route).
>
> Something like this:
> http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/routmap.html
>
> At now, Quagga cant do this.
> Look this example made in Cisco router:
>
>         router ospf 1
>         ...
>         distribute-list prefix IMPORT in
>         ...
>
>         ip route 10.0.0.0 255.0.0.0 10.x.y.z
>
>         ip prefix-list IMPORT seq 5 permit 10.1.2.0/24
>         ip prefix-list IMPORT seq 10 permit 10.2.0.0/16
>         ip prefix-list IMPORT seq 15 permit 10.1.4.0/24
>         ip prefix-list IMPORT seq 20 permit 172.31.1.0/24
>         ip prefix-list IMPORT seq 25 permit 172.20.0.0/16
>         ip prefix-list IMPORT seq 30 deny 10.0.0.0/8 le 32
>         ip prefix-list IMPORT seq 35 deny 172.16.0.0/12 le 32
>         ip prefix-list IMPORT seq 40 deny 192.168.0.0/16 le 32
>         ip prefix-list IMPORT seq 45 permit 0.0.0.0/0 le 32
>
> This works perfect in Cisco routers.
> I can do the same filter in 3Com layer3 Switchs ("filter-policy
> ip-prefix IMPORT import").
>
> The result in the Cisco or 3Com corresponds *exactly* to that defined
> by the filters (no matter LSA type).
> Before writing, I did this test to make sure.
>
> I cant do this filter in Quagga routers.
> _______________________________________________
> Quagga-dev mailing list
> Quagga-dev at lists.quagga.net
> http://lists.quagga.net/mailman/listinfo/quagga-dev
>



More information about the Quagga-dev mailing list