Configure OSPF to filter received routes on S series switches

10

The Open Shortest Path First (OSPF) is a routing protocol based on the link status. Unlike the routing protocols using the distance-vector (D-V) algorithm, OSPF ensures topology consistency and provides loop-free routes. To configure OSPF to filter routes, run the filter-policy import command. The record about the LSA of a route filtered out exists in the OSPF database. The OSPF process does not add the route to the routing table but the LSA of the route is advertised. That is, the peer end can receive the route. The filter-policy export command can only be used to configure OSPF to filter imported external routes to be advertised.

OSPF also supports the filtering of routes carried in Type 3 LSAs on ABRs. This feature enables ABRs to filter routes when advertising Type 3 LSAs between OSPF areas. Only the packets with prefixes meeting requirements can be transmitted from one area to another. In this way, the incoming and outgoing packets of an area are controlled.

Other related questions:
Configuring OSPF to filter received routes
As a link state-based routing protocol, OSPF is different from a distance-vector (D-V) algorithm routing protocol and ensures consistent topological relationship. This is an important condition for loop-free OSPF routing. You can run the filter-policy import command to filter routes in OSPF configuration. The link-state advertisement (LSA) of a route filtered out exists in the OSPF database. OSPF simply does not add the route to the routing table of the route manager. In addition, the LSA of the route is still advertised. That is, the neighbors still have this route. Note that the filter-policy export command can be used to filter routes when external routes are redistributed for advertisement. Perform as follows to configure OSPF to filter received routes: 1. Run the system-view command to access the system view. 2. Run the ospf [ process-id ] command to access the OSPF process view. 3. Run the filter-policy { acl-number | ip-prefix ip-prefix-name } import command to configure the filtering of received routes. Perform as follows to configure OSPF to filter imported routes: 1. Run the system-view command to access the system view. 2. Run the ospf [ process-id ] command to access the OSPF process view. 3. Run the import-route { limit limit-number | { bgp [ permit-ibgp ] | direct | unr | rip [ process-id-rip ] | static | isis [ process-id-isis ] | ospf [ process-id-ospf ] } [ cost cost | type type | tag tag | route-policy route-policy-name ] * } command to import routing information of other protocols. (Optional) Run the filter-policy { acl-number | ip-prefix ip-prefix-name | route-policy route-policy-name } export [ direct | static | unr | bgp | { rip | isis | ospf } [ process-id ] ] command to configure the filtering of routes imported in step 3. Only filtered routes can be advertised. You can specify direct, static, unr, bgp, rip [ process-id ], isis [ process-id ], and ospf [ process-id ] to filter routing information of a specific protocol or process. If you do not specify direct, static, unr, bgp, rip [ process-id ], isis [ process-id ], or ospf [ process-id ], OSPF filters all imported routing information.

How does OSPF filter received routes
As a link state-based routing protocol, OSPF is different from a distance-vector (D-V) algorithm routing protocol and ensures consistent topological relationship. This is an important condition for loop-free OSPF routing. You can run the filter-policy import command to filter routes in OSPF configuration. The link-state advertisement (LSA) of a route filtered out exists in the OSPF database. OSPF simply does not add the route to the routing table of the route manager. In addition, the LSA of the route is still advertised. That is, the neighbors still have this route. Note that the filter-policy export command can be used to filter routes when external routes are redistributed for advertisement. OSPF provides another feature: OSPF Area Border Router (ABR) Type 3 LSA filtering. This feature extends the ability of an ABR that is running the OSPF protocol to filter type 3 LSAs that are sent between different OSPF areas. This feature allows only packets with specified prefixes to be sent from one area to another area and restricts all packets with other prefixes. This type of area filtering can be applied out of a specific OSPF area, into a specific OSPF area, or into and out of the same OSPF areas at the same time.

Configure the priority of an OSPF route on an S series switch
The routing protocols may share and select the routing information because a switch may run multiple dynamic routing protocols simultaneously. In this case, a priority should be set for each routing protocol. When different protocols find multiple routes to the same destination, the route discovered by the protocol with a higher priority is preferred. On an S series switch, you can run the preference command in the OSPF process view to configure the OSPF priority. Perform the following operations: 1. Run the ospf [ process-id ] command in the system view to enter the OSPF process view. 2. Run the preference [ ase ] { preference | route-policy route-policy-name } * command to configure the OSPF priority. The parameters are described as follows: ase: indicates the priority of the AS-External route. preference: indicates the OSPF route priority. A smaller value indicates a higher priority. route-policy route-policy-name: indicates the priority for specified routes in the routing policy. The default OSPF priority value is 10. When an ASE is specified, the default OSPF priority is 150. For example, set the priority of routes in OSPF process 100 to 150 as follows: [HUAWEI] ospf 100 [HUAWEI-ospf-100] preference 150

Configure an S series switch to accelerate OSPF route convergence
The following network changes affect OSPF route convergence. A device detects that the peer link is down and the neighbor relationship becomes invalid. A new link-state advertisement (LSA) is generated and flooded. The Link State Database (LSDB) is updated. A new route is calculated through the Shortest Path First (SPF) routing algorithm and delivered to the Forwarding Information Base (FIB) table. To accelerate OSPF aggregation, you can perform the following operations on a switch: Set a Hello interval and a Dead interval on the peer device or configure the BFD to rapidly detect failures. Set spf-schedule-interval (of which the default value is 5, in seconds) to a smaller value to shorten the SPF calculation interval. Set the LSA generation interval to a smaller value. Set the LSA arrival check interval to a smaller value. Run the ospf trans-delay command in an interface view to speed up LSA flooding.

Why configure OSPF route tag on S series switches
For S series switches supporting OSPF, the OSPF router tag is applied to VPNs and prevents loops of Type 5 LSAs in CE dual-homing networking. If the tag of a received Type 5 LSA is the same as the router tag of OSPF on a PE, the PE neglects this LSA when calculating routes. When a CE is connected to two PEs, PE1 generates a Type 5 LSA based on the imported BGP route and sends the LSA to the CE, and the CE forwards the LSA to PE2. The OSPF route takes precedence over the BGP route, so PE2 replaces the BGP route with the OSPF route. As a result, a loop occurs. If the route tag is configured on a PE, when the PE receives an LSA with the same route tag as its own route tag, it neglects this LSA, avoiding loops. By default, the route tag is calculated using the BGP AS number. If BGP is not configured, the route tag is 0. In OSPF public network instances, router tags cannot be used to prevent loops but can be used as a filtering condition in a policy. When setting the router tag of ASE-LSAs and NSSA-LSAs, not the following: The route-tag command is used in the OSPF multi-instance scenario. The default tag command is used in the OSPF public network instance scenario. The import-route tag command can be used in either of the preceding scenarios.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top