[quagga-users 10221] Re: OSPF filtering

Ian FREISLICH ianf at clue.co.za
Mon Dec 22 07:33:50 GMT 2008


Adrian Kerchev wrote:
> =20
> I've been trying to filter inbound prefixes with import-list and
> filter-list but it does not working. Here is my configuration:
> --------------------------- cut --------------------------------
> router ospf
> ospf router-id 192.168.11.5
> network 192.168.11.0/24 area 0.0.0.0
> area 0.0.0.0 import-list test
> area 0.0.0.0 filter-list prefix test in
> !
> access-list test deny 3.3.3.0/24
> !
> ip prefix-list test seq 10 deny 3.3.3.0/24
> ip prefix-list test seq 20 permit any
>
> As you can see the prefix 3.3.3.0 is not filtered!
> I'm also using BGP with quagga and i'm not having such filtering
> problems there. Please advice what i'm doing wrong.

I also have success filtering on RIP with the following to filter
rfc-1918 routes advertised by our (dumb) sattelite provider.

router rip
 version 2
 ....
 distribute-list no-rfc-1918 in 
!
access-list no-rfc-1918 deny 10.0.0.0/8
access-list no-rfc-1918 deny 127.0.0.0/8
access-list no-rfc-1918 deny 172.16.0.0/12
access-list no-rfc-1918 deny 192.168.0.0/16
access-list no-rfc-1918 permit any
!
route-map no-rfc-1918 permit 10
 match ip address no-rfc-1918

But, ospf appears to only be able to filter outbound routes.  I
believe this is a deficiency in quagga:

firewall2(config-router)# distribute-list test  (?)
  out  Filter outgoing routing updates
firewall2(config-router)# distribute-list test 

It looks like something might be done with:

area 0 range 3.3.3.0/24 not-advertise

Ian

--
Ian Freislich


More information about the Quagga-users mailing list