Why do some routing policies not take effect for a routing protocol on S series switches

7

When a routing policy contains the routing attribute modification action, the routing policy does not take effect because the routes advertised by the routing protocol cannot carry the attribute. For example, a routing policy is configured to modify the next-hop attribute of OSPF external routes, the routing policy does not take effect because DD packets used to advertise routes do not carry the next-hop attribute.
Some routing policies only take effect for certain protocols. For example, the policy where community attributes are matched can only be applied to BGP. In addition, the BGP protocol runs based on point-to-point neighbor relationships; therefore, some policies can be used only on a peer device.

Other related questions:
Why static routes imported to OSPF on an S series switch fail to take effect
Question: Why do static routes imported to OSPF fail to take effect? Answer: If a static route imported to OSPF has a lower precedence than other routes, OSPF does not advertise this static route.

On S series switches, why cannot inter-area OSPF route summarization take effect
Question: Why cannot inter-area OSPF route summarization take effect? Answer: As defined in RFC 2328, when an ABR summarizes inter-area routes, it directly generates a Type 3 LSA regardless of the configured range value. When the ABR summarizes intra-area routes, it generates a Type 3 LSA based on the configured range value. However, route summarization can cause more LSAs being transmitted into the backbone area, making the network unstable.

Why do static routes imported to OSPF fail to take effect
If a static route imported to OSPF has a lower preference than other routes, OSPF does not advertise this static route.

Problem and solution when an OSPF route filtering policy does not take effect
The reason that an OSPF route filtering policy does not take effect is as follows: For example: User ---------- MA5200F ---------- Firewall---------- NE80 ---------- Internet Open Shortest Path First (OSPF) is run on three devices, and the firewall acts as the NAT device. The NE80E cannot learn routes to private network segments. Firewall configurations are as follows: acl number 2999 rule 5 deny source 10.0.0.0 0.255.255.255 /*Filtered private network segments*/ rule 10 deny source 192.168.0.0 0.0.255.255 /*Filtered private network segments*/ rule 15 permit ospf 1 filter-policy export 2999 area 0.0.0.0 network 218.206.107.220 0.0.0.3 The routing table of the NE80 still has routes to private network segments. [JSNJ-MB-CMNET-RT01-HJL_NE80]display ip routing-table 10.33.16.192 Destination/Mask Protocol Pre Cost Nexthop Interface 10.33.16.192/26 O_ASE 50 1 218.206.97.234 Ethernet5/0/13 0.0.0.0/0 STATIC 40 0 218.206.97.109 GigabitEthernet1/0/ The route policy in the OSPF view of the firewall that uses the VRP3.30 platform takes effect only for local routes, not the LSA transmitted by the firewall to the NE80. In conclusion, because OSPF is a dynamic routing protocol based on link status and routing information is expressed through link status, OSPF cannot filter advertised or received LSAs. The filter-policy import command filters the routes calculated by OSPF. Only routes that match the filtering conditions are added to the routing table. The filter-policy export command enables a device to filter routes advertised by the device. Only routes that match the filtering conditions can be advertised.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top