Routing Protocols
Tutorial: Filtering Routes in OSPF Part 2 » Filtering Between Areas Using area filter-list
Email this post
⋅ 
Print this post
⋅ Post a commentSite Search Tags: area range, filter-list, filtering, ospf, prefix-list, routing, summary-address, tutorial
In our last article on Filtering Routes in OSPF we looked at filtering routes within an OSPF area. In this article we will be filtering routes between areas using the area filter-list command. OSPF route filtering is an important concept to be familiar with for any CCIE candidate. We will be looking at the area filter-list command first. Part 3 will then look at some of the more obtuse ways of filtering using the area range and summary-address commands. Part of being a CCIE is knowing multiple ways of configuring the same task…just in case those evil proctors decide to restrict which of those methods you can and can’t do! :)
We will be using the following topology for this tutorial:
Dynagen .net Configuration File:
ghostios = True
sparsemem = True
model = 3640
[localhost]
[[3640]]
image = \Program Files\Dynamips\images\c3640-jk9o3s-mz.124-12.bin
# On Linux / Unix use forward slashes:
# image = /opt/7200-images/c7200-jk9o3s-mz.124-7a.image
ram = 128
[[ROUTER R1]]
console = 2000
e1/0 = LAN 13
e1/1 = LAN 12
autostart = False
model = 3640
[[ROUTER R2]]
console = 2001
e1/0 = LAN 23
e1/1 = LAN 12
autostart = False
model = 3640
[[ROUTER R3]]
console = 2002
e1/0 = LAN 13
e1/1 = LAN 23
e1/2 = LAN 34
autostart = False
model = 3640
[[ROUTER R4]]
console = 2003
e1/0 = LAN 45
e1/1 = LAN 46
e1/2 = LAN 34
autostart = False
model = 3640
[[ROUTER R5]]
console = 2004
e1/0 = LAN 45
e1/1 = LAN 56
autostart = False
model = 3640
[[ROUTER R6]]
console = 2005
e1/0 = LAN 46
e1/1 = LAN 56
autostart = False
model = 3640
You can download the pre-configured .net dynagen configuration file for this tutorial here.
Basic Configuration
First things first lets set up our basic topology. In this topology R1 and R2 will be internal area 2 routers with R3 the Area Border Router (ABR) between area 2 and area 0. R5 and R6 will be internal area 1 routers with R4 the ABR between area 1 and area 0.
Lets take at this configuration:
R1:
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Ethernet1/0
ip address 10.2.13.1 255.255.255.0
!
interface Ethernet1/1
ip address 10.2.12.1 255.255.255.0
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 2
network 10.2.12.1 0.0.0.0 area 2
network 10.2.13.1 0.0.0.0 area 2
R2:
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet1/0
ip address 10.2.23.2 255.255.255.0
!
interface Ethernet1/1
ip address 10.2.12.2 255.255.255.0
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 2
network 10.2.12.2 0.0.0.0 area 2
network 10.2.23.2 0.0.0.0 area 2
R3:
hostname R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Ethernet1/0
ip address 10.2.13.3 255.255.255.0
!
interface Ethernet1/1
ip address 10.2.23.3 255.255.255.0
!
interface Ethernet1/2
ip address 10.0.34.3 255.255.255.0
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.0.34.3 0.0.0.0 area 0
network 10.2.13.3 0.0.0.0 area 2
network 10.2.23.3 0.0.0.0 area 2
R4:
hostname R4
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface Ethernet1/0
ip address 10.1.45.4 255.255.255.0
!
interface Ethernet1/1
ip address 10.1.46.4 255.255.255.0
!
interface Ethernet1/2
ip address 10.0.34.4 255.255.255.0
!
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
network 4.4.4.4 0.0.0.0 area 0
network 10.0.34.4 0.0.0.0 area 0
network 10.1.45.4 0.0.0.0 area 1
network 10.1.46.4 0.0.0.0 area 1
R5:
hostname R5
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface Ethernet1/0
ip address 10.1.45.5 255.255.255.0
!
interface Ethernet1/1
ip address 10.1.56.5 255.255.255.0
!
router ospf 1
router-id 5.5.5.5
log-adjacency-changes
network 5.5.5.5 0.0.0.0 area 1
network 10.1.45.5 0.0.0.0 area 1
network 10.1.56.5 0.0.0.0 area 1
R6:
hostname R6
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface Ethernet1/0
ip address 10.1.46.6 255.255.255.0
!
interface Ethernet1/1
ip address 10.1.56.6 255.255.255.0
!
router ospf 1
router-id 6.6.6.6
log-adjacency-changes
network 6.6.6.6 0.0.0.0 area 1
network 10.1.46.6 0.0.0.0 area 1
network 10.1.56.6 0.0.0.0 area 1
We have added a loopback interface on each device and advertised them into OSPF. R1 and R2’s Loopback0 interfaces have been added to area 2. R3 and R4’s Loopback0 interfaces have been added to Area 0. R5 and R6’s Loopback0 interfaces have been added to Area 1.
Let’s verify the routing table on R5 and test connectivity before we start filtering routes.
R5#sh ip route | b Gateway
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/31] via 10.1.45.4, 00:05:51, Ethernet1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/31] via 10.1.45.4, 00:05:51, Ethernet1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/21] via 10.1.45.4, 00:05:51, Ethernet1/0
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/11] via 10.1.45.4, 00:05:51, Ethernet1/0
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
6.0.0.0/32 is subnetted, 1 subnets
O 6.6.6.6 [110/11] via 10.1.56.6, 00:05:51, Ethernet1/1
10.0.0.0/24 is subnetted, 7 subnets
O IA 10.2.12.0 [110/40] via 10.1.45.4, 00:05:51, Ethernet1/0
O IA 10.2.13.0 [110/30] via 10.1.45.4, 00:05:51, Ethernet1/0
O IA 10.2.23.0 [110/30] via 10.1.45.4, 00:05:51, Ethernet1/0
O 10.1.46.0 [110/20] via 10.1.56.6, 00:05:51, Ethernet1/1
[110/20] via 10.1.45.4, 00:05:51, Ethernet1/0
C 10.1.45.0 is directly connected, Ethernet1/0
O IA 10.0.34.0 [110/20] via 10.1.45.4, 00:05:51, Ethernet1/0
C 10.1.56.0 is directly connected, Ethernet1/1
The routing table looks correct. We have inter-area routes to R1, R2, R3 and R4’s loopback0 addresses as well as to the 10.2.12.0/24, 10.2.13.0/24, 10.2.23.0/24 and 10.0.34.0/24 networks. Exactly what we would expect.
Let’s verify connectivity:
R5#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 216/245/284 ms
Looks like we have full connectivity. Awesome!
OSPF – Distance Vector or Link State?
Remember back to when you were studying for your CCNA. If you took a course, the instructor probably blabbed on about the difference between Link State and Distance Vector routing protocols (I know I spend a large amount of time on this when I am teaching it!). In a nutshell, with Distance Vector routing protocols the routers cannot “see” past their neighbors. They rely on their neighbors to tell them everything. In turn they tell their neighbors everything they have learned so far.
With Link State routing protocols, the routers tell everyone (via a multicast exchange) information about itself, its links, and its neighbors (This is a massive simplification, but it will do for now). Link State Routers take this information and create a link state database. This database is identical for all routers. Based on this information each router use the Dijikstra’s shortest path algorithm to independantly calculate the shortest path.
Now if we had a large number of routers, this would make the size of that database massive. In “the old days” this was a problem because memory and cpu power was limited. So we break up that database into areas. This allows OSPF to scale to larger networks. The routers in an area maintain a linkstate database for their area. This database should be identical for all other routers in the same area. So there is a database for each area.
Each area is connected to another area via an ABR (Area Border Router). The ABR will have databases for two or more areas. This is where things get funky. The routers within an area inherently know how to get to other routers within the same area. The topology database will tell them. But how do they get to routers in another area. They cannot “see” past their own area. They rely on the ABR to tell them about routes to other areas. Hang on a sec doesn’t that sound a bit like Distance Vector?
In Distance Vector routing protocols, routers cannot “see” past their neighbors. They rely on there neighbors to tell them everything. This is the same as routers in different areas in OSPF. Internal area routers cannot “see” past their areas! They rely on the ABR to tell them everything about other areas. OSPF is a link state protocol within an area. OSPF can be considered a distance vector protocol between areas.
Think about this. Because we are relying on the ABR to tell our internal routers everything outside the area, we must ensure a loop free topology between areas. Hence the reason why all areas must attach to Area 0. By forcing all areas to touch Area 0 in a kind of floral petal arrangement, where area 0 is the center of the flower and the other areas are the petals, we can ensure that no loops will be formed between areas!
An ABR will summarize routes from other areas and create an LSA (Link State Advertisements) type 3 before sending it into the area.
You can see in the diagram above R3 will create a type 3 summary LSA’s for the networks in Area 1 and Area 0 and send it into area 2. R3 will also create a type 3 summary LSA for the the networks in area 2 and send it out of area 2. The direction there is important because it will come into play later when we filter these routes.
We can verify this on R1 by taking a look at the database:
R1#sh ip ospf database
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 444 0x80000004 0x0094F2 3
2.2.2.2 2.2.2.2 435 0x80000004 0x00CF95 3
3.3.3.3 3.3.3.3 401 0x80000003 0x00323F 2
Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.2.12.2 2.2.2.2 435 0x80000002 0x00A466
10.2.13.3 3.3.3.3 401 0x80000002 0x00936D
10.2.23.3 3.3.3.3 401 0x80000002 0x00579B
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
3.3.3.3 3.3.3.3 401 0x80000002 0x00AC76
4.4.4.4 3.3.3.3 401 0x80000002 0x00E232
5.5.5.5 3.3.3.3 401 0x80000002 0x0019ED
6.6.6.6 3.3.3.3 401 0x80000002 0x00EA18
10.0.34.0 3.3.3.3 402 0x80000002 0x009762
10.1.45.0 3.3.3.3 402 0x80000002 0x00766D
10.1.46.0 3.3.3.3 402 0x80000002 0x006B77
10.1.56.0 3.3.3.3 402 0x80000002 0x00616D
You can above that we have Router Link States (LSA Type 1) and Net Link States (LSA Type 2) in our database on R1. This describes the routers and networks in our area 2. R3 will take these routes and generate a LSA Type 3 and send it out into area 0. We can also see the Summary Net Link States (LSA Type 3). These have been generated by R3 and sent into area 2.
Enough theory, lets get into filtering some routes!
Recap: Filtering Routes Within An Area
In our previous tutorial, we looked at filtering routes within an OSPF area. We noted that when you use filtering tools within an area, you are only filtering from the routes entering the route table. You are not filtering the OSPF database. The database must be consistent within an area for OSPF to work correctly. This results in a discrepancy between the route table and OSPF database when filtering within an area.
An ABR will summarise routes as an LSA type 3 before sending it into the area. It is on the ABR that we will perform filtering between areas. How does filtering between areas affect the route tables and OSPF database? Let’s find out!
Filtering Routes Between Areas – Using and area filter-list
The first technique we are going to use to filter routes between areas is using the area filter-list command. Before we start lets take a look at the OSPF database on R5.
R5:
R5#sh ip ospf database
OSPF Router with ID (5.5.5.5) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
4.4.4.4 4.4.4.4 799 0x80000004 0x00D71F 2
5.5.5.5 5.5.5.5 792 0x80000004 0x00D7DC 3
6.6.6.6 6.6.6.6 810 0x80000004 0x007A29 3
Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.1.45.5 5.5.5.5 792 0x80000002 0x00C8FA
10.1.46.6 6.6.6.6 810 0x80000002 0x00B702
10.1.56.6 6.6.6.6 810 0x80000002 0x007B30
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
1.1.1.1 4.4.4.4 799 0x80000002 0x00B35F
2.2.2.2 4.4.4.4 799 0x80000002 0x008589
3.3.3.3 4.4.4.4 799 0x80000002 0x00F222
4.4.4.4 4.4.4.4 799 0x80000002 0x0060BA
10.0.34.0 4.4.4.4 800 0x80000002 0x00797C
10.2.12.0 4.4.4.4 800 0x80000002 0x001DD8
10.2.13.0 4.4.4.4 800 0x80000002 0x00AD51
10.2.23.0 4.4.4.4 800 0x80000002 0x003FB5
You can see above that R5 has Router Link States (LSA Type 1) and Net Link States (LSA Type 2) that describe the networks and routers in area 1. We can also see the Summary Net Link States (LSA Type 3) that have been generated by R4 and sent into area 1.
R5#sh ip route | b Gateway
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O IA 1.1.1.1 [110/31] via 10.1.45.4, 00:50:57, Ethernet1/0
2.0.0.0/32 is subnetted, 1 subnets
O IA 2.2.2.2 [110/31] via 10.1.45.4, 00:50:57, Ethernet1/0
3.0.0.0/32 is subnetted, 1 subnets
O IA 3.3.3.3 [110/21] via 10.1.45.4, 00:50:57, Ethernet1/0
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/11] via 10.1.45.4, 00:50:57, Ethernet1/0
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
6.0.0.0/32 is subnetted, 1 subnets
O 6.6.6.6 [110/11] via 10.1.56.6, 00:50:57, Ethernet1/1
10.0.0.0/24 is subnetted, 7 subnets
O IA 10.2.12.0 [110/40] via 10.1.45.4, 00:50:57, Ethernet1/0
O IA 10.2.13.0 [110/30] via 10.1.45.4, 00:50:57, Ethernet1/0
O IA 10.2.23.0 [110/30] via 10.1.45.4, 00:50:57, Ethernet1/0
O 10.1.46.0 [110/20] via 10.1.56.6, 00:50:57, Ethernet1/1
[110/20] via 10.1.45.4, 00:50:57, Ethernet1/0
C 10.1.45.0 is directly connected, Ethernet1/0
O IA 10.0.34.0 [110/20] via 10.1.45.4, 00:50:57, Ethernet1/0
C 10.1.56.0 is directly connected, Ethernet1/1
Looking at the route table we can see that we have inter-area routes to the Loopbacks for R1, R2, R3, and R4. We also have inter-area routes to the networks in Area 2, and the backbone area. It is these inter-area routes that we will look to filter from going into area 1.
Lets have a look at the database on R4 where we be performing the filtering.
R4:
R4#sh ip ospf database
OSPF Router with ID (4.4.4.4) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
3.3.3.3 3.3.3.3 745 0x80000003 0x00236F 2
4.4.4.4 4.4.4.4 780 0x80000003 0x00374E 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.0.34.4 4.4.4.4 780 0x80000002 0x0022BA
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
1.1.1.1 3.3.3.3 745 0x80000002 0x006DB3
2.2.2.2 3.3.3.3 745 0x80000002 0x003FDD
5.5.5.5 4.4.4.4 780 0x80000002 0x009676
6.6.6.6 4.4.4.4 780 0x80000002 0x0068A0
10.1.45.0 4.4.4.4 780 0x80000002 0x00F3F5
10.1.46.0 4.4.4.4 780 0x80000002 0x00E8FF
10.1.56.0 4.4.4.4 780 0x80000002 0x00DEF5
10.2.12.0 3.3.3.3 745 0x80000002 0x00D62D
10.2.13.0 3.3.3.3 745 0x80000002 0x0067A5
10.2.23.0 3.3.3.3 745 0x80000002 0x00F80A
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
4.4.4.4 4.4.4.4 780 0x80000004 0x00D71F 2
5.5.5.5 5.5.5.5 775 0x80000004 0x00D7DC 3
6.6.6.6 6.6.6.6 792 0x80000004 0x007A29 3
Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.1.45.5 5.5.5.5 775 0x80000002 0x00C8FA
10.1.46.6 6.6.6.6 792 0x80000002 0x00B702
10.1.56.6 6.6.6.6 792 0x80000002 0x007B30
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
1.1.1.1 4.4.4.4 780 0x80000002 0x00B35F
2.2.2.2 4.4.4.4 780 0x80000002 0x008589
3.3.3.3 4.4.4.4 781 0x80000002 0x00F222
4.4.4.4 4.4.4.4 781 0x80000002 0x0060BA
10.0.34.0 4.4.4.4 781 0x80000002 0x00797C
10.2.12.0 4.4.4.4 781 0x80000002 0x001DD8
10.2.13.0 4.4.4.4 781 0x80000002 0x00AD51
10.2.23.0 4.4.4.4 781 0x80000002 0x003FB5
You can see above that R4 has a consistent database with all the routers in Area 0 and Area 1. It has a complete view of both areas. R4 has sent the LSA Type 3 routes from area 2 into area 1.
Let’s set up R4 so that it only passes the 10.2.12.0/24 and 10.2.23.0/24 routes into area 1 using the area filter-list command:
R4:
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
area 1 filter-list prefix AREA_1_IN in
network 4.4.4.4 0.0.0.0 area 0
network 10.0.34.4 0.0.0.0 area 0
network 10.1.45.4 0.0.0.0 area 1
network 10.1.46.4 0.0.0.0 area 1
!
ip prefix-list AREA_1_IN seq 5 permit 10.2.12.0/24
ip prefix-list AREA_1_IN seq 10 permit 10.2.23.0/24
You can see above that we have created a prefix-list that matches the routes that we want to permit (ie allowed) to go into area 1. We have then applied this prefix-list to the area filter-list. Notice the direction. We are only allowing those routes matched by the prefix into area 1. Its from the perspective of the area not the router.
A lot of candidates make the mistake of saying “area 1 filter-list prefix AREA_1_IN out” thinking its filtering the routes from going out of the router. This is wrong. You have to think of it from the perspective of the areas. We are filtering routes from going into area 1.
Let’s verify the routing tables and OSPF database on R5:
R5:
R5#sh ip ospf database
OSPF Router with ID (5.5.5.5) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
4.4.4.4 4.4.4.4 1530 0x80000004 0x00D71F 2
5.5.5.5 5.5.5.5 1523 0x80000004 0x00D7DC 3
6.6.6.6 6.6.6.6 1541 0x80000004 0x007A29 3
Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.1.45.5 5.5.5.5 1523 0x80000002 0x00C8FA
10.1.46.6 6.6.6.6 1541 0x80000002 0x00B702
10.1.56.6 6.6.6.6 1541 0x80000002 0x007B30
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.2.12.0 4.4.4.4 1530 0x80000002 0x001DD8
10.2.23.0 4.4.4.4 85 0x80000001 0x0041B4
Looks like the only LSA Type 3 (Summary Net Link States) routes that we received are the only ones we permitted on R4. Exactly what we expected! Now let’s check the route table:
R5#sh ip route | b Gateway
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
6.0.0.0/32 is subnetted, 1 subnets
O 6.6.6.6 [110/11] via 10.1.56.6, 00:56:45, Ethernet1/1
10.0.0.0/24 is subnetted, 5 subnets
O IA 10.2.12.0 [110/40] via 10.1.45.4, 00:56:45, Ethernet1/0
O IA 10.2.23.0 [110/30] via 10.1.45.4, 00:00:05, Ethernet1/0
O 10.1.46.0 [110/20] via 10.1.56.6, 00:56:45, Ethernet1/1
[110/20] via 10.1.45.4, 00:56:45, Ethernet1/0
C 10.1.45.0 is directly connected, Ethernet1/0
C 10.1.56.0 is directly connected, Ethernet1/1
Awesome! The only inter-area routes that we can see on R5 are those that we permitted on the ABR (R4).
Let’s have a look at example of filtering routes coming out of an area:
R3:
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
area 2 filter-list prefix AREA_2_OUT out
network 3.3.3.3 0.0.0.0 area 0
network 10.0.34.3 0.0.0.0 area 0
network 10.2.13.3 0.0.0.0 area 2
network 10.2.23.3 0.0.0.0 area 2
!
ip prefix-list AREA_2_OUT seq 5 permit 10.2.23.0/24
Recall that R3 will generate a Type 3 Summary LSA for all the routes in area 2 and then send it out of area 2. In the example above we area stopping R3 creating a Type 3 LSA and sending it into area 0. We are using a prefix list to specify that the only Type 3 LSA that R3 will generate is for the 10.2.23.0/24 route.
Let’s check the database on R4 now, I’ll just clear the OSPF process on R3 to speed to convergence along:
R3#clear ip ospf pro
Reset ALL OSPF processes? [no]: yes
R4:
R4#sh ip ospf data
OSPF Router with ID (4.4.4.4) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
3.3.3.3 3.3.3.3 31 0x80000005 0x00157C 2
4.4.4.4 4.4.4.4 117 0x80000004 0x002B5A 2
Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
10.0.34.3 3.3.3.3 127 0x80000001 0x005C86
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
5.5.5.5 4.4.4.4 112 0x80000002 0x009676
6.6.6.6 4.4.4.4 122 0x80000001 0x006A9F
10.1.45.0 4.4.4.4 112 0x80000001 0x00F5F4
10.1.46.0 4.4.4.4 122 0x80000001 0x00EAFE
10.1.56.0 4.4.4.4 122 0x80000001 0x00E0F4
10.2.23.0 3.3.3.3 31 0x80000003 0x00F60B
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
4.4.4.4 4.4.4.4 117 0x80000006 0x00D321 2
5.5.5.5 5.5.5.5 126 0x80000006 0x00D3DE 3
6.6.6.6 6.6.6.6 62 0x80000005 0x00782A 3
Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.1.45.5 5.5.5.5 123 0x80000003 0x00C6FB
10.1.46.6 6.6.6.6 62 0x80000003 0x00B503
10.1.56.6 6.6.6.6 62 0x80000003 0x007931
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.2.23.0 4.4.4.4 117 0x80000002 0x003FB5
You can see that the only Type 3 LSA from area 2 that R4 can see is the 10.2.23.0/24 network. Exactly what we expected. Awesome!
R5:
R5#sh ip route | b Gateway
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
6.0.0.0/32 is subnetted, 1 subnets
O 6.6.6.6 [110/11] via 10.1.56.6, 00:02:18, Ethernet1/1
10.0.0.0/24 is subnetted, 4 subnets
O IA 10.2.23.0 [110/30] via 10.1.45.4, 00:02:18, Ethernet1/0
O 10.1.46.0 [110/20] via 10.1.56.6, 00:02:18, Ethernet1/1
[110/20] via 10.1.45.4, 00:02:18, Ethernet1/0
C 10.1.45.0 is directly connected, Ethernet1/0
C 10.1.56.0 is directly connected, Ethernet1/1
This in turn is the only inter-area route that we can see on R5 (remember that we are also filtering on R4).
R5#sh ip ospf database
OSPF Router with ID (5.5.5.5) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
5.5.5.5 5.5.5.5 6 0x80000006 0x00D3DE 3
6.6.6.6 6.6.6.6 1952 0x80000004 0x007A29 3
Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.1.45.4 4.4.4.4 3609 0x80000001 0x0003C6
10.1.45.5 5.5.5.5 3 0x80000003 0x00C6FB
10.1.46.6 6.6.6.6 1952 0x80000002 0x00B702
10.1.56.6 6.6.6.6 1952 0x80000002 0x007B30
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
10.2.23.0 4.4.4.4 4 0x80000001 0x0041B4
So you can see that we can filter routes using the area filter-list command. The area filter-list command filter’s LSA Type 3’s from going in or out of an area. The routes in an area still maintain a consistent route table and OSPF database. Filtering between areas stops routes from entering the OSPF database and in turn stops them from going into the route tables.
In our next article in this series we will look at filtering between areas using a few of the more obtuse ways such as the area range command and summary-address commands.
Hope this helps. If anybody has any questions or suggestion, leave a comment below and I’ll be happy to help. Now get back to labs! :)
Summary:
- OSPF can be considered Link-State within an area, and Distance Vector between areas
- The area filter-list command filter’s routes going in or out from an area.
Resources:
- Dynamips/Dynagen .net configuration file
- Jeff Doyle’s Favourite Interview Question – “Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?”
Discussion
14 comments for “Tutorial: Filtering Routes in OSPF Part 2 » Filtering Between Areas Using area filter-list”
Post a comment
Categories
Twitter Feed...
- How many SEO experts does it take to change a light bulb, lightbulb, light, bulb, lamp, lighting, switch, sex, xxx, hardcore
- Java Forver. Lol. http://bit.ly/d5DNmg
- Working on keeping my beginners mind when learning.. http://bit.ly/k5xvp
- The same wind blows on all of us, the set of your sail determines your destination
Follow me...
Recent Comments
- Matt on Tutorial: IPv6 Tunnels Part 2 – Automatic 6to4 Tunnels
- Marcel Lammerse on QOS: Applying CBWFQ to a sub-interface
- Aaron on Tutorial: What is the difference between bandwidth percent and bandwidth remaining percent?
- Ebiet on Tutorial: OSPF Network Types and Frame Relay Part 5
- Meeran on Tutorial: BGP Route Aggregation Part 1 – Using an Advertise-Map to control aggregation
Most Emailed
- Tutorial: How to use Cisco MQC & NBAR to filter websites like Youtube - 20 emails
- Tutorial: OSPF Network Types and Frame Relay Part 1 - 20 emails
- Tutorial: What is the difference between bandwidth percent and bandwidth remaining percent? - 18 emails
- Tutorial: How to set up a basic Dynamips Lab using Dynagen, Part 1 - 10 emails
- Tutorial: OSPF Network Types and Frame Relay Part 2 - 5 emails
Arden,
I just wanted to let you know how wonderful your timing is (for me, at least) on these past few tutorials on OSPF. I’m currently working on OSPF section with my BSCI studies and they all look to be great resources to supplement my studies.
A thousand thanks!!!
Nice and thanks! Looking forward to the next article on filtering between areas.
[...] ArdenPackeer.com – Arden continues his excellent series of tutorials with OSPF Filter-Lists. [...]
arden
gud tutorial.
regards
shivlu
Fantastic! Very easy to understand tutorial.
I was wondering though if it is possible to use this or a similar method to filter Type5 LSAs?
We have dozens and dozens of links to external sites that unfortunately are either redistributed from Statics or BGP. We would like our ABR’s to filter these out. Route summarisation won’t seem to work on Type 5’s.
Is this possible?
Many Thanks,
Nick
Just wanted to say that this is one of the best articles on this subject that I have seen! Now I have a much better understanding of this, thanks!
[...] Chilling Network Topology Discovery Patent Application Saved by Leviticus321 on Tue 02-12-2008 Tutorial: Filtering Routes in OSPF Part 2 » Filtering Between … Saved by sweetlove on Sun 16-11-2008 Math in Design Saved by suziedaniels on Fri 14-11-2008 [...]
Thanks Arden,
Good tutorial.
Regards.
Jules
I just want to say thanks for your wonderfull article… thanks!!
Nice and thanks
Very informative , clears up a lot of understanding about filtering routes
Thanks very much
The above article explains very well how to suppress type 3 LSAs.
How do you suppress type 5 LSAs (from ASBR) for certain networks only going in/out of other areas ?
Thanks
Restrictions
Only type 3 LSAs that originate from an ABR are filtered.
http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_ospf_abr_type_3_ps6350_TSD_Products_Configuration_Guide_Chapter.html
Very informative , clears up a lot of understanding about filtering routes
Thanks very much