OSPF Filtering with Route-Maps task V5 workbook

I took a different approach than the solution in this task. I was wondering if this solution also fits the requirements for the task:

 

access-list 2 permit 150.1.4.4

route-map OSPF deny 10

 match ip route-source 2

!

route-map OSPF permit 100

 

router ospf 1

 distribute-list route-map OSPF in

 

looking at the route in the table, it did filter out the route learned from R4 and instead points to R1:

BEFORE:

R5#  sh ip route 155.1.146.0

Routing entry for 155.1.146.0/24

  Known via "ospf 1", distance 110, metric 1010, type inter area

  Last update from 155.1.0.1 on Tunnel0, 00:00:18 ago

  Routing Descriptor Blocks:

  * 155.1.0.4, from 150.1.4.4, 00:00:18 ago, via Tunnel0

      Route metric is 1010, traffic share count is 1

    155.1.0.1, from 150.1.1.1, 00:00:18 ago, via Tunnel0

      Route metric is 1010, traffic share count is 1

AFTER:

R5#sh ip route 155.1.146.0

Routing entry for 155.1.146.0/24

  Known via "ospf 1", distance 110, metric 1010, type inter area

  Last update from 155.1.0.1 on Tunnel0, 00:03:04 ago

  Routing Descriptor Blocks:

  * 155.1.0.1, from 150.1.1.1, 00:03:04 ago, via Tunnel0

      Route metric is 1010, traffic share count is 1

 

Can anyone say if this works?

Comments

  • Hi, 

    Your solution is not correct, because you are filtering eveything that R5 receives from R4 in this case. You should match the prefix under seq 10 of the route-map, so that only prefix 155.1.146.0/24 is not accepted from R4.

    The config should be something similar to this : 

     

    access-list 1 permit 150.1.4.4

    ip prefix-list PFL_VL_146 seq 5 permit 155.1.146.0/24

     

    route-map RMAP_DENY_FROM_R4 deny 10

     match ip address prefix-list PFL_VL_146

     match ip route-source 1

     

    route-map RMAP_DENY_FROM_R4 permit 100

     

    router ospf 1

     distribute-list route-map RMAP_DENY_FROM_R4 in



    Expected outcome : 



    R5#sh ip rou 155.1.146.0                       

    Routing entry for 155.1.146.0/24

      Known via "ospf 1", distance 110, metric 1010, type inter area

      Last update from 155.1.0.1 on Tunnel0, 00:07:12 ago

      Routing Descriptor Blocks:

      * 155.1.0.1, from 150.1.1.1, 00:07:12 ago, via Tunnel0

          Route metric is 1010, traffic share count is 1




    R5#sh ip rou 150.1.6.6     

    Routing entry for 150.1.6.6/32

      Known via "ospf 1", distance 110, metric 1011, type inter area

      Last update from 155.1.0.1 on Tunnel0, 00:08:30 ago

      Routing Descriptor Blocks:

      * 155.1.0.4, from 150.1.4.4, 00:08:30 ago, via Tunnel0

          Route metric is 1011, traffic share count is 1

        155.1.0.1, from 150.1.1.1, 00:08:30 ago, via Tunnel0

          Route metric is 1011, traffic share count is 1



    R6's loopback is accepted with this configuration from both R4 and R1. Let's change the config to your proposed config and see if anything changes :



    R5(config)#route-map RMAP_DENY_FROM_R4 deny 10

    R5(config-route-map)#no  match ip address prefix-list PFL_VL_146

    R5(config-route-map)#end

    R5#





    R5#sh ip rou 155.1.146.0                       

    Routing entry for 155.1.146.0/24

      Known via "ospf 1", distance 110, metric 1010, type inter area

      Last update from 155.1.0.1 on Tunnel0, 00:00:22 ago

      Routing Descriptor Blocks:

      * 155.1.0.1, from 150.1.1.1, 00:00:22 ago, via Tunnel0

          Route metric is 1010, traffic share count is 1

    R5#

    R5#

    R5#sh ip rou 150.1.6.6                         

    Routing entry for 150.1.6.6/32

      Known via "ospf 1", distance 110, metric 1011, type inter area

      Last update from 155.1.0.1 on Tunnel0, 00:00:27 ago

      Routing Descriptor Blocks:

      * 155.1.0.1, from 150.1.1.1, 00:00:27 ago, via Tunnel0

          Route metric is 1011, traffic share count is 1



    In this case, all prefixes are NOT accepted from R4 while the task says the following : 

    "
    • Configure route-map filtering on R5 so that traffic destined to VLAN 146 is sent toward R1.
    "

    introducing an implicit requirment in the task : only traffic to VLAN146 should be sent to R1.



    Hope it makes more sense now.

Sign In or Register to comment.