Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
Route filtering in OSPF

Route filtering in OSPF

Created: Sep 13, 2020 23:02:11Latest reply: Sep 15, 2020 07:10:31 412 4 0 0 0
  HiCoins as reward: 0 (problem unresolved)
View the author 1#

Good day!

How does OSPF performs the filtering of received routes?

Like (0) Dislike (0) Favorite(0) Share Report
Previous: multicast question
Next: Why do we need VPN or VRF instances in Layer 3 IP / MPLS VPN configuration?
Featured Answers

Recommended answer

(0) (0)
Popeye_Wang
Admin Created Sep 15, 2020 07:10:31

Hi,

OSPF route filtering is divided into two aspects: One is pure routing entries, and the other is LSA routing based on SPF calculation. Therefore, the most thorough filtering is to filter LSAs. In the following six types of filtering, only the first type of filter-policy import is used to filter routes, and the latter is used to filter LSAs.

OSPF filtering

1. filter-policy import (configured in the OSPF process)

This command can only suppress the generation of routes. Therefore, you can filter the routes regardless of the routes to be generated. The LSA flooding, however, cannot be prevented.

[R3-ospf-1]undo filter-policy ip-prefix 1 import

2. filter-policy export (configured in the OSPF process)

This command is used to filter the ASE/NSSA on the ASBR. This command is used to suppress the generation of LSAs. Once the LSA is generated, this command is useless. In addition, this command can be configured only on the ASBR and is not used on other routes, the LSA has been generated.

[R1-ospf-1]undo filter-policy ip-prefix 1 export

3. asbr-summary not-advertise (configured in the OSPF process)

This command is used to filter the ASE/NSSA generated by itself on the ASBR. In fact, the is suppressed. The local LSDB does not contain the related LSA..

[R1-ospf-1]undo asbr-summary 11.11.11.11 255.255.255.255

4. Filter import/export (configured in the area)

This command is used to filter the three types of LSAs on an ABR, regardless of whether the three types of LSAs are generated by the ABR or received by other routers. It is invalid for Type 5 LSAs.

[R3-ospf-1-area-0.0.0.0]undo filter ip-prefix 1 export

[R3-ospf-1-area-0.0.0.200]undo filter ip-prefix 2 import

5. abr-summary not-advertise (configured in the area)

This command is used to filter the three types of LSAs on an ABR. Only the three types of LSAs generated by the ABR can be filtered. The three types of LSAs received from other devices cannot be filtered. (The reason is that this command is an aggregation command. Currently, the aggregation commands of the VRP and IOS only aggregate the routes of the local area but not the inter-area routes. Therefore, the abr-summary not-advertise command is used to filter the intra-area routes of the local area.)

6. ospf filter-lsa-out is configured on the interface. 

You can filter out any type of LSA. After the configuration is complete, you need to clear the process.

View more
  • x
  • convention:
All Answers
(1) (0)
2#
gabo.lr
gabo.lr Created Sep 13, 2020 23:46:59

Hello!


Below you will wild the procedure for OSPF route filtering


Run system-view

The system view is displayed.


Run ospf [ process-id ]

The OSPF process view is displayed.


Run filter-policy { acl-number | acl-name acl-name | ip-prefix ip-prefix-name | route-policy route-policy-name [ secondary ] } import

OSPF is configured to filter received routes.


The parameter acl-number specifies the number of a basic ACL.

The parameter acl-name acl-name specifies the name of an ACL.

The parameter ip-prefix ip-prefix-name specifies the name of an IP prefix list.

OSPF is a link-state dynamic routing protocol, with routing information carried in LSAs. Therefore, the filter-policy import command cannot be used to filter advertised or received LSAs.


The filter-policy import command is used to filter the routes calculated by OSPF. Only routes that pass the filtering criteria are added to the routing table. Routes that do not pass the filtering criteria are not added to the OSPF routing table but can be advertised.


Run commit

The configuration is committed.


Best regards!

View more
  • x
  • convention:
(0) (0)
3#
DDSN
DDSN Admin Created Sep 14, 2020 01:25:47

Hi Samu90, 

The filter-policy import command configures a filtering policy to filter routes received by OSPF.\

Usage Scenario

The filter-policy import command is used to set a filtering policy for received routes. Only the routes that pass the filtering can be added to the routing table. The routes that fail to pass the filtering cannot be added to the routing table but can be advertised.

The OSPF routing information is recorded in the LSDB. Instead of filtering the received or sent LSAs, the device filters routes calculated by OSPF using the filter-policy import command.

Precautions

For an ACL configured using the acl command, when the rule command is used to configure a filtering rule, the filtering rule takes effect only when the source address range is specified by the source parameter and the time period is specified by the time-range parameter.

Creating an ACL before it is referenced is recommended. If a nonexistent ACL is referenced using the command, all routes received by OSPF are delivered to the IP routing table.

Creating an IP prefix list or route-policy before it is referenced is recommended. By default, nonexistent IP prefix lists or route-policies cannot be referenced using the command. If the route-policy nonexistent-config-check disable command is run in the system view and a nonexistent IP prefix list or route-policy is referenced using the current command, all routes received by OSPF are delivered to the IP routing table.


View more
  • x
  • convention:
(0) (0)
4#
simchamnan
simchamnan Created Sep 14, 2020 01:38:30

Hi friend!

https://support.huawei.com/enterprise/en/doc/EDOC1000166636/c25347a/configuring-ospf-to-filter-received-routes

Thanks!
View more
  • x
  • convention:
(0) (0)
5#
Popeye_Wang
Popeye_Wang Admin Created Sep 15, 2020 07:10:31

Hi,

OSPF route filtering is divided into two aspects: One is pure routing entries, and the other is LSA routing based on SPF calculation. Therefore, the most thorough filtering is to filter LSAs. In the following six types of filtering, only the first type of filter-policy import is used to filter routes, and the latter is used to filter LSAs.

OSPF filtering

1. filter-policy import (configured in the OSPF process)

This command can only suppress the generation of routes. Therefore, you can filter the routes regardless of the routes to be generated. The LSA flooding, however, cannot be prevented.

[R3-ospf-1]undo filter-policy ip-prefix 1 import

2. filter-policy export (configured in the OSPF process)

This command is used to filter the ASE/NSSA on the ASBR. This command is used to suppress the generation of LSAs. Once the LSA is generated, this command is useless. In addition, this command can be configured only on the ASBR and is not used on other routes, the LSA has been generated.

[R1-ospf-1]undo filter-policy ip-prefix 1 export

3. asbr-summary not-advertise (configured in the OSPF process)

This command is used to filter the ASE/NSSA generated by itself on the ASBR. In fact, the is suppressed. The local LSDB does not contain the related LSA..

[R1-ospf-1]undo asbr-summary 11.11.11.11 255.255.255.255

4. Filter import/export (configured in the area)

This command is used to filter the three types of LSAs on an ABR, regardless of whether the three types of LSAs are generated by the ABR or received by other routers. It is invalid for Type 5 LSAs.

[R3-ospf-1-area-0.0.0.0]undo filter ip-prefix 1 export

[R3-ospf-1-area-0.0.0.200]undo filter ip-prefix 2 import

5. abr-summary not-advertise (configured in the area)

This command is used to filter the three types of LSAs on an ABR. Only the three types of LSAs generated by the ABR can be filtered. The three types of LSAs received from other devices cannot be filtered. (The reason is that this command is an aggregation command. Currently, the aggregation commands of the VRP and IOS only aggregate the routes of the local area but not the inter-area routes. Therefore, the abr-summary not-advertise command is used to filter the intra-area routes of the local area.)

6. ospf filter-lsa-out is configured on the interface. 

You can filter out any type of LSA. After the configuration is complete, you need to clear the process.

View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.