Commonly we can filter the routes in the OSPF using route-policy. Actually, there is a more convenient way to do that job.
As shown in this topology, suppose we want to block the network 2004::/64 being spread into the OSPFv3 when importing ISIS routes into OSPFv3, we can use the route-policy .
R5: # acl ipv6 number 2001 rule 5 deny source 2004::/64 rule 10 permit # route-policy BLOCK_ROUTES deny node 10 if-match ipv6 address prefix-list v6 # route-policy BLOCK_ROUTES permit node 15 # ospfv3 1 router-id 5.5.5.5 import-route isis 1 route-policy BLOCK_ROUTES #
After configuring these configuration, network 2004::/64 will be blocked when imported into the OSPFv3.
The configuration seems too complicated, actucally, there is a convenient way to do this.
R5: # acl ipv6 number 2001 rule 5 deny source 2004::/64 rule 10 permit # ospfv3 1 router-id 5.5.5.5 filter-policy 2001 export #
Less code with same effect.
What if we want to block the connection between 2001::2/64 and 2006::2/64, the filter-policy export wouldn't be valid. In this situation, filter-policy import is introduced.
R3: # acl ipv6 number 2001 rule 5 deny source 2006::/64 rule 10 permit # ospfv3 1 router-id 3.3.3.3 filter-policy 2001 import #
Only the parameter export needs to be modified to import.
OK, let's have a look at filter-policy export and filter-policy import.
Filter-policy export filters the imported routes, while the filter-policy import filters routes received by OSPF. In other words, filter-policy export is used to filter routes generated from other routing protocol or another OSPFv3 process, filter-policy import filters the routes generated in the same OSPFv3 process.
Actually, there is another filtering method, which is filter import/export.
Unlike the fitler-policy import/export, filter import/export doesn't filter the routes but the type 3 LSA. On one level, filtering could filter the routes more completely than the filter-policy does.
