Mailing List Archive

Filtering OSPF routes
Hi all,

We have cisco 7200 router and M-5 router both running ospf and part of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to m5 either at 7200 side or m5 side. Pls if anyone have any solution to this would be gr8 help for me.

Ajay Bhardwaj


Spectra Net Ltd - WORLDCLASS BROADBAND INFRASTRUCTURE, SERVICES AND SOLUTIONS for your entire INTERNET, IDC, CABLE TV, O&M and B.P.O requirements.

Spectra Net Ltd may monitor and read all e-mails as it is presumed that they are sent or received in connection with the business of Spectra Net Ltd or for business use only. Spectra Net Ltd monitors e-mails for security reasons to ensure that no unauthorized disclosure of Spectra Net Ltd's confidential information is passed via the e-mail system.
This e-mail and any attachments are confidential. It is intended for the recipient only. If you are not the intended recipient, any use, disclosure, distribution, printing or copying of this e-mail is unauthorized. If you have received this e-mail in error, please immediately notify the sender by replying to this e-mail and delete the e-mail from your computer.
The contents of any attachment to this e-mail may contain software viruses, which could damage your own computer system. While Spectra Net Ltd has taken every reasonable precaution to minimize this risk, we cannot accept liability for any damage which you sustain as a result of software viruses. You should carry out your own virus checks before opening the attachment.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030210/74ac153f/attachment.htm
Filtering OSPF routes [ In reply to ]
You cannot filter OSPF. This would break the requirement that all
routers have
the same link state view.
This is true for both Junos and IOS.

BB

-----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes


Hi all,

We have cisco 7200 router and M-5 router both running ospf and
part of area 10.

I want to deny few routes which are flowing trough ospf from
7200 to m5 either at 7200 side or m5 side. Pls if anyone have any
solution to this would be gr8 help for me.

Ajay Bhardwaj


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030210/b3937b85/attachment.htm
Filtering OSPF routes [ In reply to ]
Well, to be clear, you can filter which routes your Juniper router
will import from OSPF. But you cannot prevent the router from
passing along routes in OSPF to other routers.

-c

On Mon, Feb 10, 2003 at 10:18:48AM +0100, Ben Buxton wrote:
>
> You cannot filter OSPF. This would break the requirement that all
> routers have
> the same link state view.
> This is true for both Junos and IOS.
>
> BB
>
> -----Original Message-----
> From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
> Sent: Monday, 10 February 2003 08:39
> To: juniper-nsp@puck.nether.net
> Subject: [j-nsp] Filtering OSPF routes
>
>
> Hi all,
>
> We have cisco 7200 router and M-5 router both running ospf and
> part of area 10.
>
> I want to deny few routes which are flowing trough ospf from
> 7200 to m5 either at 7200 side or m5 side. Pls if anyone have any
> solution to this would be gr8 help for me.
>
> Ajay Bhardwaj
>
>

> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
Filtering OSPF routes [ In reply to ]
On Mon, Feb 10, 2003 at 09:27:13AM -0800, Clayton Fiske wrote:
> Well, to be clear, you can filter which routes your Juniper router
> will import from OSPF.

No, you can't. You can filter what you export towards OSPF, but
you can't define an import policy chain.

Actually, JunOS' RIB architecture wouldn't even allow something like
that, at least from the model. Because all routes which are received
and pass the import chain are put into the RIB(s), and from there are
exported towards protocols again. Something that didn't pass the
import from OSPF wouldn't be available for re-export.


Regards,
Daniel
Filtering OSPF routes [ In reply to ]
Actually, you can only filter what your router exports:

[edit protocols ospf]
mdamkot@bigdog# set ?
Possible completions:
+ apply-groups Groups from which to inherit configuration data
> area Configure an OSPF area
disable Disable OSPF
+ export Export policy
external-preference Preference of external routes
> graceful-restart Configure graceful restart attributes
> overload Set the overload mode (repel transit traffic)
preference Preference of internal routes
prefix-export-limit Maximum number of prefixes that can be exported
(1..4294967295)
reference-bandwidth Bandwidth for calculating metric defaults
(9600..1000000000000)
rib-group Routing table group for importing OSPF routes
spf-delay Time to wait before running an SPF (50..1000
milliseconds)
> traceoptions Trace options for OSPF
> traffic-engineering Configure traffic engineering attributes
[edit protocols ospf]
mdamkot@bigdog# set export ?
Possible completions:
<value> Export policy
( Open an expression
[ Open a set of values
[edit protocols ospf]
mdamkot@bigdog# set export

,,,,,
/'^ ^'\
((o)-(o))
--oOOO--(_)--OOOo--------
Michael Damkot CCNP
mdamkot@va.rr.com
.oooO
( ) Oooo.
---\ (-------( )-------
\_) ) /
(_/


-----Original Message-----
From: juniper-nsp-bounces@puck.nether.net
[mailto:juniper-nsp-bounces@puck.nether.net] On Behalf Of Clayton Fiske
Sent: Monday, February 10, 2003 12:27 PM
To: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes


Well, to be clear, you can filter which routes your Juniper router will
import from OSPF. But you cannot prevent the router from passing along
routes in OSPF to other routers.

-c

On Mon, Feb 10, 2003 at 10:18:48AM +0100, Ben Buxton wrote:
>
> You cannot filter OSPF. This would break the requirement that all
> routers have the same link state view.
> This is true for both Junos and IOS.
>
> BB
>
> -----Original Message-----
> From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
> Sent: Monday, 10 February 2003 08:39
> To: juniper-nsp@puck.nether.net
> Subject: [j-nsp] Filtering OSPF routes
>
>
> Hi all,
>
> We have cisco 7200 router and M-5 router both running ospf and
part
> of area 10.
>
> I want to deny few routes which are flowing trough ospf from
7200 to
> m5 either at 7200 side or m5 side. Pls if anyone have any solution to
> this would be gr8 help for me.
>
> Ajay Bhardwaj
>
>

> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
Filtering OSPF routes [ In reply to ]
MessageActually, if you are running a sufficiently high enough version of IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your exact scenario if this will accomplish what you are trying to do. It does tend to go contrary to the design of OSPF (or any link state protocol), but I suppose enough people wanted the knob, so they got it.

Not sure if JUNOS has a similar knob.

- Wayne

----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes



You cannot filter OSPF. This would break the requirement that all routers have
the same link state view.
This is true for both Junos and IOS.

BB
-----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes


Hi all,

We have cisco 7200 router and M-5 router both running ospf and part of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to m5 either at 7200 side or m5 side. Pls if anyone have any solution to this would be gr8 help for me.

Ajay Bhardwaj



------------------------------------------------------------------------------


_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030215/268e1116/attachment.htm
Filtering OSPF routes [ In reply to ]
MessageActually, if you are running a sufficiently high enough version of IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your exact scenario if this will accomplish what you are trying to do. It does tend to go contrary to the design of OSPF (or any link state protocol), but I suppose enough people wanted the knob, so they got it.

Not sure if JUNOS has a similar knob.

- Wayne
----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes



You cannot filter OSPF. This would break the requirement that all routers have
the same link state view.
This is true for both Junos and IOS.

BB
-----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes


Hi all,

We have cisco 7200 router and M-5 router both running ospf and part of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to m5 either at 7200 side or m5 side. Pls if anyone have any solution to this would be gr8 help for me.

Ajay Bhardwaj



------------------------------------------------------------------------------


_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030215/32f85681/attachment.htm
Filtering OSPF routes [ In reply to ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wayne,

I have seen this in action, and it is ugly.

I recently had to work on a Cisco network where all routers were in
one of two areas, and they were using the distribute-lists to only
use the 0/0 LSA. This created many routing loops, and I asked the
"designer" what they were thinking, and basically got the cold
shoulder. I couldn't understand why someone would want to use OSPF
and then deliberately break it in that manner.

Has anyone on this list ever seen a good reason to filter LSAs?

- -andrew

- -----Original Message-----
From: Wayne (juniper nsp) [mailto:wg-jnpr-nsp@wgustavus.com]
Sent: Saturday, February 15, 2003 11:43 PM
To: Ben Buxton; Ajay Bhardwaj; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes



Actually, if you are running a sufficiently high enough version of
IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your
exact scenario if this will accomplish what you are trying to do. It
does tend to go contrary to the design of OSPF (or any link state
protocol), but I suppose enough people wanted the knob, so they got
it.

Not sure if JUNOS has a similar knob.

- - Wayne

- ----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes


You cannot filter OSPF. This would break the requirement that all
routers have
the same link state view.
This is true for both Junos and IOS.

BB

- -----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes


Hi all,

We have cisco 7200 router and M-5 router both running ospf and part
of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to
m5 either at 7200 side or m5 side. Pls if anyone have any solution to
this would be gr8 help for me.

Ajay Bhardwaj



_____




_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPlJPyq9gT5vxrBTJEQJqJACfRGLECJTzh9EeWLl7mG693JoJwW0An25A
oMqrBQo8mopBgWm+4DFQiqxr
=W5D4
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030218/91e2300d/attachment.htm
Filtering OSPF routes [ In reply to ]
RE: [j-nsp] Filtering OSPF routesOk,

On the off chance that it wasn't clear in my original post when I said "contrary to the design of OSPF (or any link state

protocol)", I am NOT advocating anyone doing this. I am simply pointing out that Cisco IOS provides a knob to do what he described.

- Wayne



----- Original Message -----
From: Elliott, Andrew
To: 'Wayne (juniper nsp)' ; 'Ben Buxton' ; 'Ajay Bhardwaj' ; 'juniper-nsp@puck.nether.net'
Sent: Tuesday, February 18, 2003 10:26 AM
Subject: RE: [j-nsp] Filtering OSPF routes


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wayne,

I have seen this in action, and it is ugly.

I recently had to work on a Cisco network where all routers were in
one of two areas, and they were using the distribute-lists to only
use the 0/0 LSA. This created many routing loops, and I asked the
"designer" what they were thinking, and basically got the cold
shoulder. I couldn't understand why someone would want to use OSPF
and then deliberately break it in that manner.

Has anyone on this list ever seen a good reason to filter LSAs?

- -andrew

- -----Original Message-----
From: Wayne (juniper nsp) [mailto:wg-jnpr-nsp@wgustavus.com]
Sent: Saturday, February 15, 2003 11:43 PM
To: Ben Buxton; Ajay Bhardwaj; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes




Actually, if you are running a sufficiently high enough version of
IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your
exact scenario if this will accomplish what you are trying to do. It
does tend to go contrary to the design of OSPF (or any link state
protocol), but I suppose enough people wanted the knob, so they got
it.

Not sure if JUNOS has a similar knob.

- - Wayne

- ----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes


You cannot filter OSPF. This would break the requirement that all
routers have
the same link state view.
This is true for both Junos and IOS.

BB

- -----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes



Hi all,

We have cisco 7200 router and M-5 router both running ospf and part
of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to
m5 either at 7200 side or m5 side. Pls if anyone have any solution to
this would be gr8 help for me.

Ajay Bhardwaj




_____





_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp




-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPlJPyq9gT5vxrBTJEQJqJACfRGLECJTzh9EeWLl7mG693JoJwW0An25A
oMqrBQo8mopBgWm+4DFQiqxr
=W5D4
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030218/6019a132/attachment.htm
Filtering OSPF routes [ In reply to ]
IOS only allows filtering type-3 at ABR, I think the original poster's
intend was to filter LSA within the same area.

The feature could be useful for enterprise networks, do not think it is
helpful for the SPs.

Thanks
--kent
----- Original Message -----
From: "Wayne (juniper nsp)" <wg-jnpr-nsp@wgustavus.com>
To: "Ben Buxton" <B.Buxton@Planettechnologies.nl>; "Ajay Bhardwaj"
<ajay.bhardwaj@in.spectranet.com>; <juniper-nsp@puck.nether.net>
Sent: Saturday, February 15, 2003 11:42 PM
Subject: Re: [j-nsp] Filtering OSPF routes


MessageActually, if you are running a sufficiently high enough version of
IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your exact
scenario if this will accomplish what you are trying to do. It does tend to
go contrary to the design of OSPF (or any link state protocol), but I
suppose enough people wanted the knob, so they got it.

Not sure if JUNOS has a similar knob.

- Wayne
----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes



You cannot filter OSPF. This would break the requirement that all routers
have
the same link state view.
This is true for both Junos and IOS.

BB
-----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes


Hi all,

We have cisco 7200 router and M-5 router both running ospf and part of
area 10.

I want to deny few routes which are flowing trough ospf from 7200 to m5
either at 7200 side or m5 side. Pls if anyone have any solution to this
would be gr8 help for me.

Ajay Bhardwaj



----------------------------------------------------------------------------
--


_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp



----------------------------------------------------------------------------
----


> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
Filtering OSPF routes [ In reply to ]
IOS only allows filtering type-3 at ABR, I think the original poster's
intend was to filter LSA within the same area.

The IOS feature could be useful for enterprise networks, do not think it is
helpful for the SPs.

Thanks
--kent
----- Original Message -----
From: "Wayne (juniper nsp)" <wg-jnpr-nsp@wgustavus.com>
To: "Elliott, Andrew" <AElliott@xo.com>; "'Ben Buxton'"
<B.Buxton@Planettechnologies.nl>; "'Ajay Bhardwaj'"
<ajay.bhardwaj@in.spectranet.com>; <juniper-nsp@puck.nether.net>
Sent: Tuesday, February 18, 2003 12:07 PM
Subject: Re: [j-nsp] Filtering OSPF routes


RE: [j-nsp] Filtering OSPF routesOk,

On the off chance that it wasn't clear in my original post when I said
"contrary to the design of OSPF (or any link state

protocol)", I am NOT advocating anyone doing this. I am simply pointing out
that Cisco IOS provides a knob to do what he described.

- Wayne



----- Original Message -----
From: Elliott, Andrew
To: 'Wayne (juniper nsp)' ; 'Ben Buxton' ; 'Ajay Bhardwaj' ;
'juniper-nsp@puck.nether.net'
Sent: Tuesday, February 18, 2003 10:26 AM
Subject: RE: [j-nsp] Filtering OSPF routes


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wayne,

I have seen this in action, and it is ugly.

I recently had to work on a Cisco network where all routers were in
one of two areas, and they were using the distribute-lists to only
use the 0/0 LSA. This created many routing loops, and I asked the
"designer" what they were thinking, and basically got the cold
shoulder. I couldn't understand why someone would want to use OSPF
and then deliberately break it in that manner.

Has anyone on this list ever seen a good reason to filter LSAs?

- -andrew

- -----Original Message-----
From: Wayne (juniper nsp) [mailto:wg-jnpr-nsp@wgustavus.com]
Sent: Saturday, February 15, 2003 11:43 PM
To: Ben Buxton; Ajay Bhardwaj; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes




Actually, if you are running a sufficiently high enough version of
IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your
exact scenario if this will accomplish what you are trying to do. It
does tend to go contrary to the design of OSPF (or any link state
protocol), but I suppose enough people wanted the knob, so they got
it.

Not sure if JUNOS has a similar knob.

- - Wayne

- ----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes


You cannot filter OSPF. This would break the requirement that all
routers have
the same link state view.
This is true for both Junos and IOS.

BB

- -----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes



Hi all,

We have cisco 7200 router and M-5 router both running ospf and part
of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to
m5 either at 7200 side or m5 side. Pls if anyone have any solution to
this would be gr8 help for me.

Ajay Bhardwaj




_____





_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp




-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPlJPyq9gT5vxrBTJEQJqJACfRGLECJTzh9EeWLl7mG693JoJwW0An25A
oMqrBQo8mopBgWm+4DFQiqxr
=W5D4
-----END PGP SIGNATURE-----



----------------------------------------------------------------------------
----


> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
Filtering OSPF routes [ In reply to ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Right, I understood your position.

My question is what type of normal scenario (non-hack) would
necessitate the knob?

- -andrew

- -----Original Message-----
From: Wayne (juniper nsp) [mailto:wg-jnpr-nsp@wgustavus.com]
Sent: Tuesday, February 18, 2003 12:07 PM
To: Elliott, Andrew; 'Ben Buxton'; 'Ajay Bhardwaj';
juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes


Ok,

On the off chance that it wasn't clear in my original post when I
said "contrary to the design of OSPF (or any link state

protocol)", I am NOT advocating anyone doing this. I am simply
pointing out that Cisco IOS provides a knob to do what he described.

- - Wayne



- ----- Original Message -----
From: Elliott, Andrew
To: 'Wayne (juniper nsp)' ; 'Ben Buxton' ; 'Ajay Bhardwaj' ;
'juniper-nsp@puck.nether.net'
Sent: Tuesday, February 18, 2003 10:26 AM
Subject: RE: [j-nsp] Filtering OSPF routes



*** PGP Signature Status: bad
*** Signer: Andrew M. Elliott <aelliott@xo.com>
*** Signed: 2/18/2003 10:22:50 AM
*** Verified: 2/18/2003 2:00:33 PM
*** BEGIN PGP VERIFIED MESSAGE ***

Wayne,

I have seen this in action, and it is ugly.

I recently had to work on a Cisco network where all routers were in
one of two areas, and they were using the distribute-lists to only
use the 0/0 LSA. This created many routing loops, and I asked the
"designer" what they were thinking, and basically got the cold
shoulder. I couldn't understand why someone would want to use OSPF
and then deliberately break it in that manner.

Has anyone on this list ever seen a good reason to filter LSAs?

- -andrew

- -----Original Message-----
From: Wayne (juniper nsp) [ mailto:wg-jnpr-nsp@wgustavus.com]
Sent: Saturday, February 15, 2003 11:43 PM
To: Ben Buxton; Ajay Bhardwaj; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes



Actually, if you are running a sufficiently high enough version of
IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your
exact scenario if this will accomplish what you are trying to do. It
does tend to go contrary to the design of OSPF (or any link state
protocol), but I suppose enough people wanted the knob, so they got
it.

Not sure if JUNOS has a similar knob.

- - Wayne

- ----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes


You cannot filter OSPF. This would break the requirement that all
routers have
the same link state view.
This is true for both Junos and IOS.

BB

- -----Original Message-----
From: Ajay Bhardwaj [ mailto:ajay.bhardwaj@in.spectranet.com]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes


Hi all,

We have cisco 7200 router and M-5 router both running ospf and part
of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to
m5 either at 7200 side or m5 side. Pls if anyone have any solution to
this would be gr8 help for me.

Ajay Bhardwaj



_____




_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp




*** END PGP VERIFIED MESSAGE ***


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPlKDWK9gT5vxrBTJEQIzIACgm1g6rBq+In1VljQQ6x+38wkxvXwAoOdN
7o+lnRnKSHi5f+L0qAgkP35X
=1KQV
-----END PGP SIGNATURE-----
Filtering OSPF routes [ In reply to ]
Well no, IOS also allows you to configure a route-map to block OSPF
routes from being added to the routing-table, matching on any OSPF
attributes. This will not help the original poster, since LSAs are still
flooded normally and its his M5 he wanted to block the routes on. With
this IOS feature, routes are only filtered from the RIB on the local
router, but I believe what he was looking for was a similar feature in
JunOS, which would probably be preferable to filtering the LSAs on the
remote (Cisco) side.

I've never tried this feature myself, but Cisco calls this "OSPF Route
Map-based filtering" and it's available in 12.0S trains. I guess it
would correspond to an import filter in JunOS, which you can not set for
OSPF.

/leg

On Tue, 2003-02-18 at 18:31, Kent Yu wrote:
> IOS only allows filtering type-3 at ABR, I think the original poster's
> intend was to filter LSA within the same area.
>
> The feature could be useful for enterprise networks, do not think it is
> helpful for the SPs.
>
> Thanks
> --kent
> ----- Original Message -----
> From: "Wayne (juniper nsp)" <wg-jnpr-nsp@wgustavus.com>
> To: "Ben Buxton" <B.Buxton@Planettechnologies.nl>; "Ajay Bhardwaj"
> <ajay.bhardwaj@in.spectranet.com>; <juniper-nsp@puck.nether.net>
> Sent: Saturday, February 15, 2003 11:42 PM
> Subject: Re: [j-nsp] Filtering OSPF routes
>
>
> MessageActually, if you are running a sufficiently high enough version of
> IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your exact
> scenario if this will accomplish what you are trying to do. It does tend to
> go contrary to the design of OSPF (or any link state protocol), but I
> suppose enough people wanted the knob, so they got it.
>
> Not sure if JUNOS has a similar knob.
>
> - Wayne
> ----- Original Message -----
> From: Ben Buxton
> To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
> Sent: Monday, February 10, 2003 4:18 AM
> Subject: RE: [j-nsp] Filtering OSPF routes
>
>
>
> You cannot filter OSPF. This would break the requirement that all routers
> have
> the same link state view.
> This is true for both Junos and IOS.
>
> BB
> -----Original Message-----
> From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
> Sent: Monday, 10 February 2003 08:39
> To: juniper-nsp@puck.nether.net
> Subject: [j-nsp] Filtering OSPF routes
>
>
> Hi all,
>
> We have cisco 7200 router and M-5 router both running ospf and part of
> area 10.
>
> I want to deny few routes which are flowing trough ospf from 7200 to m5
> either at 7200 side or m5 side. Pls if anyone have any solution to this
> would be gr8 help for me.
>
> Ajay Bhardwaj
>
>
>
> ----------------------------------------------------------------------------
> --
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
> ----------------------------------------------------------------------------
> ----
>
>
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > http://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
Filtering OSPF routes [ In reply to ]
in JUNOS you can do similar things by applying a export policy under
the forwarding table branch; note that although the policy language
provides you with many "from" match-conditions not all do make
sense in a policy which control route flow beteen the
kernel routing table and the PFE

/hannes

On Tue, Feb 18, 2003 at 09:07:28PM +0100, Lars Erik Gullerud wrote:
| Well no, IOS also allows you to configure a route-map to block OSPF
| routes from being added to the routing-table, matching on any OSPF
| attributes. This will not help the original poster, since LSAs are still
| flooded normally and its his M5 he wanted to block the routes on. With
| this IOS feature, routes are only filtered from the RIB on the local
| router, but I believe what he was looking for was a similar feature in
| JunOS, which would probably be preferable to filtering the LSAs on the
| remote (Cisco) side.
|
| I've never tried this feature myself, but Cisco calls this "OSPF Route
| Map-based filtering" and it's available in 12.0S trains. I guess it
| would correspond to an import filter in JunOS, which you can not set for
| OSPF.
|
| /leg
|
| On Tue, 2003-02-18 at 18:31, Kent Yu wrote:
| > IOS only allows filtering type-3 at ABR, I think the original poster's
| > intend was to filter LSA within the same area.
| >
| > The feature could be useful for enterprise networks, do not think it is
| > helpful for the SPs.
| >
| > Thanks
| > --kent
| > ----- Original Message -----
| > From: "Wayne (juniper nsp)" <wg-jnpr-nsp@wgustavus.com>
| > To: "Ben Buxton" <B.Buxton@Planettechnologies.nl>; "Ajay Bhardwaj"
| > <ajay.bhardwaj@in.spectranet.com>; <juniper-nsp@puck.nether.net>
| > Sent: Saturday, February 15, 2003 11:42 PM
| > Subject: Re: [j-nsp] Filtering OSPF routes
| >
| >
| > MessageActually, if you are running a sufficiently high enough version of
| > IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your exact
| > scenario if this will accomplish what you are trying to do. It does tend to
| > go contrary to the design of OSPF (or any link state protocol), but I
| > suppose enough people wanted the knob, so they got it.
| >
| > Not sure if JUNOS has a similar knob.
| >
| > - Wayne
| > ----- Original Message -----
| > From: Ben Buxton
| > To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
| > Sent: Monday, February 10, 2003 4:18 AM
| > Subject: RE: [j-nsp] Filtering OSPF routes
| >
| >
| >
| > You cannot filter OSPF. This would break the requirement that all routers
| > have
| > the same link state view.
| > This is true for both Junos and IOS.
| >
| > BB
| > -----Original Message-----
| > From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com]
| > Sent: Monday, 10 February 2003 08:39
| > To: juniper-nsp@puck.nether.net
| > Subject: [j-nsp] Filtering OSPF routes
| >
| >
| > Hi all,
| >
| > We have cisco 7200 router and M-5 router both running ospf and part of
| > area 10.
| >
| > I want to deny few routes which are flowing trough ospf from 7200 to m5
| > either at 7200 side or m5 side. Pls if anyone have any solution to this
| > would be gr8 help for me.
| >
| > Ajay Bhardwaj
Filtering OSPF routes [ In reply to ]
Wayne is correct in that there are uses for filtering LSA information, that,
while in the graph theoretical sense are contrary to link state design, are
still very in-tune with IP network design. A perfect example is a
stub-host. There are oher ways to do this, but this is one example.
Another may be a firewall running gated that you may wish to hide some
information from/to. And finally. type 5 and 7 LSAs should be filterable as
they are "pathed" based on distance vector info.

Again, YMMV and loops can be common in this environment.

-c

-----Original Message-----
From: Wayne (juniper nsp) [mailto:wg-jnpr-nsp@wgustavus.com]
Sent: Tuesday, February 18, 2003 12:07 PM
To: Elliott, Andrew; 'Ben Buxton'; 'Ajay Bhardwaj';
juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes


Ok,

On the off chance that it wasn't clear in my original post when I said
"contrary to the design of OSPF (or any link state

protocol)", I am NOT advocating anyone doing this. I am simply pointing out
that Cisco IOS provides a knob to do what he described.

- Wayne



----- Original Message -----
From: Elliott, Andrew <mailto:AElliott@xo.com>
To: 'Wayne (juniper nsp)' <mailto:wg-jnpr-nsp@wgustavus.com> ; 'Ben Buxton'
<mailto:B.Buxton@Planettechnologies.nl> ; 'Ajay Bhardwaj'
<mailto:ajay.bhardwaj@in.spectranet.com> ; 'juniper-nsp@puck.nether.net'
<mailto:'juniper-nsp@puck.nether.net'>
Sent: Tuesday, February 18, 2003 10:26 AM
Subject: RE: [j-nsp] Filtering OSPF routes


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Wayne,

I have seen this in action, and it is ugly.

I recently had to work on a Cisco network where all routers were in
one of two areas, and they were using the distribute-lists to only
use the 0/0 LSA. This created many routing loops, and I asked the
"designer" what they were thinking, and basically got the cold
shoulder. I couldn't understand why someone would want to use OSPF
and then deliberately break it in that manner.

Has anyone on this list ever seen a good reason to filter LSAs?

- -andrew

- -----Original Message-----
From: Wayne (juniper nsp) [mailto:wg-jnpr-nsp@wgustavus.com
<mailto:wg-jnpr-nsp@wgustavus.com> ]
Sent: Saturday, February 15, 2003 11:43 PM
To: Ben Buxton; Ajay Bhardwaj; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Filtering OSPF routes



Actually, if you are running a sufficiently high enough version of
IOS (e.g. 12.0S), the 7200 can filter some LSAs. It depends on your
exact scenario if this will accomplish what you are trying to do. It
does tend to go contrary to the design of OSPF (or any link state
protocol), but I suppose enough people wanted the knob, so they got
it.

Not sure if JUNOS has a similar knob.

- - Wayne

- ----- Original Message -----
From: Ben Buxton
To: Ajay Bhardwaj ; juniper-nsp@puck.nether.net
Sent: Monday, February 10, 2003 4:18 AM
Subject: RE: [j-nsp] Filtering OSPF routes


You cannot filter OSPF. This would break the requirement that all
routers have
the same link state view.
This is true for both Junos and IOS.

BB

- -----Original Message-----
From: Ajay Bhardwaj [mailto:ajay.bhardwaj@in.spectranet.com
<mailto:ajay.bhardwaj@in.spectranet.com> ]
Sent: Monday, 10 February 2003 08:39
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Filtering OSPF routes


Hi all,

We have cisco 7200 router and M-5 router both running ospf and part
of area 10.

I want to deny few routes which are flowing trough ospf from 7200 to
m5 either at 7200 side or m5 side. Pls if anyone have any solution to
this would be gr8 help for me.

Ajay Bhardwaj



_____




_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/juniper-nsp
<http://puck.nether.net/mailman/listinfo/juniper-nsp>



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com
<http://www.pgp.com> >

iQA/AwUBPlJPyq9gT5vxrBTJEQJqJACfRGLECJTzh9EeWLl7mG693JoJwW0An25A
oMqrBQo8mopBgWm+4DFQiqxr
=W5D4
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://puck.nether.net/pipermail/juniper-nsp/attachments/20030220/649d65df/attachment.htm