Chapter-2: OSPF Route Filtering

.owl-carousel .owl-video-play-icon{--wpr-bg-6464ba76-8bd9-488d-841c-0716e698f838: url('https://sprintgrad.com/wp-content/plugins/blog-designer-pack/assets/css/owl.video.play.png');}.iti__flag{--wpr-bg-01782edc-cc20-4625-ba65-89511d069804: url('https://sprintgrad.com/wp-content/plugins/sms-alert/images/flags.png');}.iti__flag{--wpr-bg-aca4687e-b65e-4c78-9eaf-05e4320f3a57: url('https://sprintgrad.com/wp-content/plugins/sms-alert/images/flags@2x.png');}#wpdiscuz-loading-bar{--wpr-bg-7962bd76-b8c4-4471-a6fc-04d5929ffde2: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/img/loading.gif');}#wpdcom .wmu-tabs .wmu-preview-remove .wmu-delete{--wpr-bg-52338d08-fd4a-44a1-94af-f359f6264431: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/img/delete.png');}#wpdcom .wmu-attachment-delete,.wpd-content .wmu-attachment-delete{--wpr-bg-ddd63fae-77f7-4f4c-88df-4bab8daf783d: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/img/file-icons/delete.png');}#cboxOverlay{--wpr-bg-0b85ce11-52db-4e48-b0d2-45bb88158bb1: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/overlay.png');}#cboxTopLeft{--wpr-bg-a7ce0856-1134-4f84-9c8e-7b694008c9f6: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxTopRight{--wpr-bg-44dbdab2-d18d-4985-8119-fed404f2960c: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxBottomLeft{--wpr-bg-cf03cf81-c806-4333-b79e-abdb93e8ab83: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxBottomRight{--wpr-bg-d04ddf63-71b2-4270-8446-bd068ee04a76: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxMiddleLeft{--wpr-bg-bcd0fa72-8a9d-4184-86cc-59f8a605f78f: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxMiddleRight{--wpr-bg-9f1c8391-e53c-439e-8eae-2d8f528f54b6: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxTopCenter{--wpr-bg-68e38754-a9fb-4d1d-b644-f17c7837d766: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/border.png');}#cboxBottomCenter{--wpr-bg-570fe792-d31b-43f7-b4a1-e92b7133a47a: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/border.png');}#cboxLoadingOverlay{--wpr-bg-e71cc2a1-1e50-42af-a9fd-fce3463716a6: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/loading_background.png');}#cboxLoadingGraphic{--wpr-bg-43513112-fb89-408c-9250-503f55bebd3f: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/loading.gif');}#cboxPrevious{--wpr-bg-c1230cde-ecb4-4420-8010-972cfb40a154: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxNext{--wpr-bg-b491585f-bc4a-49ec-ad94-efc192eaa4c4: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}#cboxClose{--wpr-bg-2582595a-91ba-4317-9002-21c38548ef04: url('https://sprintgrad.com/wp-content/plugins/wpdiscuz/assets/third-party/colorbox/images/controls.png');}.lp-ico-ai{--wpr-bg-c7be1cdc-1ced-49a2-a4ac-2f60361b3512: url('https://sprintgrad.com/wp-content/plugins/learnpress/images/icons/ico-ai.svg');}.bdt-lazy-loading{--wpr-bg-1baa6a2f-bbe2-4100-80b8-b22565d3348f: url('https://sprintgrad.com/wp-content/plugins/bdthemes-element-pack-lite/assets/images/loading.svg');}.elementor-5996 .elementor-element.elementor-element-582479c6:not(.elementor-motion-effects-element-type-background), .elementor-5996 .elementor-element.elementor-element-582479c6 > .elementor-motion-effects-container > .elementor-motion-effects-layer{--wpr-bg-a55e97c9-2b9b-4f30-aba3-29d66b1e21ca: url('https://sprintgrad.com/wp-content/uploads/2023/02/footer-color-background.png');}

Chapter-2: OSPF Route Filtering

Objective

This lab focuses on implementing OSPF route filtering. By the end of this lab, participants will understand how to control OSPF route propagation and prevent specific routes (inter-area, external routes) from being advertised or learned within the OSPF domain.

Key Features Implemented

LSA Type-3 filtering
LSA Type-5 filtering
Preventing specific OSPF routes from being installed in the routing table of a router using distribute lists
Route Verification

Topology

The lab utilizes the OSPF multi-area topology as shown in the diagram from page 1 of the "Chapter-2: OSPF Route Filtering" PDF.

Configuration Tasks

Configure IP addresses and routing protocols as shown in the topology:
- Assign IP addresses to all interfaces as per the topology.
- Configure OSPF on the router interfaces in the appropriate areas.
- Configure EIGRP domains as indicated in the topology.
Redistribute EIGRP into OSPF and vice versa:
- On R3 and R5, configure redistribution between EIGRP and OSPF.
Configure LSA Type-3 Filtering:
- Prevent the loopbacks of R3 from being advertised into Area 2.
- Prevent the loopbacks of R7 from being advertised into Area 5.
- Prevent 12.1.1.0/30 network from being advertised out of Area 0.
Configure LSA Type-5 Filtering:
- Prevent Loopback1 and Loopback2 of R6 from being advertised into the OSPF domain using a prefix list.
- Prevent Loopback4 and Loopback5 of R5 from being advertised into the OSPF domain using an ACL.
Configure Route Filtering:
- Restrict Loopback1 and Loopback2 of R3 from being displayed in the routing table of R4.
- Restrict Loopback3 and Loopback4 of R7 from being displayed in the routing table of R3.
Verify the configuration:
- Check OSPF database and ensure the routing tables reflect the desired filtering.

Base Configurations

Ready to get started? Here, you'll find the initial configurations for each device to begin this lab.

hostname R1

interface Ethernet0/0
 ip address 12.1.1.1 255.255.255.252
 ip ospf 1 area 0
interface Ethernet0/1
 ip address 13.1.1.1 255.255.255.248
 ip ospf 1 area 3
interface Ethernet0/2
 ip address 14.1.1.1 255.255.255.248
 ip ospf 1 area 4
interface Ethernet0/3
 ip address 15.1.1.1 255.255.255.252
 ip ospf 1 area 5

router ospf 1
 router-id 1.1.1.1

hostname R2

interface Ethernet0/0
 ip address 12.1.1.2 255.255.255.252
 ip ospf 2 area 0
interface Ethernet0/1
 ip address 27.1.1.1 255.255.255.252
 ip ospf 2 area 2

router ospf 2
 router-id 2.2.2.2

hostname R3

interface Loopback1
 ip address 3.1.1.1 255.255.255.255
 ip ospf 3 area 3
interface Loopback2
 ip address 3.1.1.2 255.255.255.255
 ip ospf 3 area 3
interface Loopback3
 ip address 3.1.1.3 255.255.255.255
 ip ospf 3 area 3
interface Loopback4
 ip address 3.1.1.4 255.255.255.255
 ip ospf 3 area 3
interface Loopback5
 ip address 3.1.1.5 255.255.255.255
 ip ospf 3 area 3
interface Ethernet0/0
 ip address 13.1.1.2 255.255.255.248
 ip ospf 3 area 3
interface Ethernet0/1
 ip address 36.1.1.1 255.255.255.252

router ospf 3
 router-id 3.3.3.3
 redistribute eigrp 200 subnets

router eigrp 200
 network 36.1.1.1 0.0.0.0
 redistribute ospf 3 metric 1 1 1 1 1

hostname R4

interface Ethernet0/0
 ip address 14.1.1.2 255.255.255.248
 ip ospf 4 area 4

router ospf 4
 router-id 4.4.4.4

hostname R5

interface Loopback1
 ip address 5.1.1.1 255.255.255.255
interface Loopback2
 ip address 5.1.1.2 255.255.255.255
interface Loopback3
 ip address 5.1.1.3 255.255.255.255
interface Loopback4
 ip address 5.1.1.4 255.255.255.255
interface Loopback5
 ip address 5.1.1.5 255.255.255.255
interface Ethernet0/0
 ip address 15.1.1.2 255.255.255.252
 ip ospf 5 area 5

router ospf 5
 router-id 5.5.5.5
 redistribute eigrp 100 subnets

router eigrp 100
 network 5.1.1.1 0.0.0.0
 network 5.1.1.2 0.0.0.0
 network 5.1.1.3 0.0.0.0
 network 5.1.1.4 0.0.0.0
 network 5.1.1.5 0.0.0.0
 redistribute ospf 5 metric 1 1 1 1 1

hostname R6

interface Loopback1
 ip address 6.1.1.1 255.255.255.255
interface Loopback2
 ip address 6.1.1.2 255.255.255.255
interface Loopback3
 ip address 6.1.1.3 255.255.255.255
interface Loopback4
 ip address 6.1.1.4 255.255.255.255
interface Loopback5
 ip address 6.1.1.5 255.255.255.255
interface Ethernet0/0
 ip address 36.1.1.2 255.255.255.252

router eigrp 200
 network 6.1.1.1 0.0.0.0
 network 6.1.1.2 0.0.0.0
 network 6.1.1.3 0.0.0.0
 network 6.1.1.4 0.0.0.0
 network 6.1.1.5 0.0.0.0
 network 36.1.1.2 0.0.0.0

hostname R7

interface Loopback1
 ip address 7.1.1.1 255.255.255.255
 ip ospf 7 area 2
interface Loopback2
 ip address 7.1.1.2 255.255.255.255
 ip ospf 7 area 2
interface Loopback3
 ip address 7.1.1.3 255.255.255.255
 ip ospf 7 area 2
interface Loopback4
 ip address 7.1.1.4 255.255.255.255
 ip ospf 7 area 2
interface Loopback5
 ip address 7.1.1.5 255.255.255.255
 ip ospf 7 area 2
interface Ethernet0/0
 ip address 27.1.1.2 255.255.255.252
 ip ospf 7 area 2

router ospf 7
 router-id 7.7.7.7

Verification Commands

show ip ospf neighbor
- Check the OSPF adjacency states and confirm neighbor relationships.
show ip ospf database
- Verify LSA Type-3 and Type-5 filtering.
show ip route ospf
- Check the routing table for filtered and permitted routes.
show ip prefix-list
- Verify prefix lists applied for filtering.
show access-lists
- Check ACL configuration for route filtering.
show running-config
- Validate the applied configurations.

Expected Outcomes

Routes filtered via Type-3 and Type-5 LSAs should not propagate beyond their intended scope.
OSPF adjacency should remain stable across the topology.
Routing tables should reflect only the permitted routes.
End-to-end connectivity should exist for allowed routes while filtered routes remain unreachable.

Final Configurations

Want to take a look for yourself? Here, you will find the final configurations of each device required for this lab.

hostname R1

interface Ethernet0/0
 ip address 12.1.1.1 255.255.255.252
 ip ospf 1 area 0
interface Ethernet0/1
 ip address 13.1.1.1 255.255.255.248
 ip ospf 1 area 3
interface Ethernet0/2
 ip address 14.1.1.1 255.255.255.248
 ip ospf 1 area 4
interface Ethernet0/3
 ip address 15.1.1.1 255.255.255.252
 ip ospf 1 area 5

ip prefix-list deny-12-net seq 5 deny 12.1.1.0/30
ip prefix-list deny-12-net seq 10 permit 0.0.0.0/0 le 32
ip prefix-list loopbacks-of-R7 seq 5 deny 7.1.1.1/32
ip prefix-list loopbacks-of-R7 seq 10 deny 7.1.1.2/32
ip prefix-list loopbacks-of-R7 seq 15 deny 7.1.1.3/32
ip prefix-list loopbacks-of-R7 seq 20 deny 7.1.1.4/32
ip prefix-list loopbacks-of-R7 seq 25 deny 7.1.1.5/32
ip prefix-list loopbacks-of-R7 seq 30 permit 0.0.0.0/0 le 32

router ospf 1
 router-id 1.1.1.1
 area 0 filter-list prefix deny-12-net out
 area 5 filter-list prefix loopbacks-of-R7 in

hostname R2

interface Ethernet0/0
 ip address 12.1.1.2 255.255.255.252
 ip ospf 2 area 0
interface Ethernet0/1
 ip address 27.1.1.1 255.255.255.252
 ip ospf 2 area 2

ip prefix-list deny-12-net seq 5 deny 12.1.1.0/30
ip prefix-list deny-12-net seq 10 permit 0.0.0.0/0 le 32
ip prefix-list loopbacks-of-R3 seq 5 deny 3.1.1.1/32
ip prefix-list loopbacks-of-R3 seq 10 deny 3.1.1.2/32
ip prefix-list loopbacks-of-R3 seq 15 deny 3.1.1.3/32
ip prefix-list loopbacks-of-R3 seq 20 deny 3.1.1.4/32
ip prefix-list loopbacks-of-R3 seq 25 deny 3.1.1.5/32
ip prefix-list loopbacks-of-R3 seq 30 permit 0.0.0.0/0 le 32

router ospf 2
 router-id 2.2.2.2
 area 0 filter-list prefix deny-12-net out
 area 2 filter-list prefix loopbacks-of-R3 in

hostname R3

interface Loopback1
 ip address 3.1.1.1 255.255.255.255
 ip ospf 3 area 3
interface Loopback2
 ip address 3.1.1.2 255.255.255.255
 ip ospf 3 area 3
interface Loopback3
 ip address 3.1.1.3 255.255.255.255
 ip ospf 3 area 3
interface Loopback4
 ip address 3.1.1.4 255.255.255.255
 ip ospf 3 area 3
interface Loopback5
 ip address 3.1.1.5 255.255.255.255
 ip ospf 3 area 3
interface Ethernet0/0
 ip address 13.1.1.2 255.255.255.248
 ip ospf 3 area 3
interface Ethernet0/1
 ip address 36.1.1.1 255.255.255.252

ip prefix-list deny-loopback-1-2 seq 5 deny 6.1.1.1/32
ip prefix-list deny-loopback-1-2 seq 10 deny 6.1.1.2/32
ip prefix-list deny-loopback-1-2 seq 15 permit 0.0.0.0/0 le 32
ip prefix-list deny-loopback-3-4-of-R7 seq 5 deny 7.1.1.3/32
ip prefix-list deny-loopback-3-4-of-R7 seq 10 deny 7.1.1.4/32
ip prefix-list deny-loopback-3-4-of-R7 seq 15 permit 0.0.0.0/0 le 32

router ospf 3
 router-id 3.3.3.3
 redistribute eigrp 200 subnets
 distribute-list prefix deny-loopback-1-2 out
 distribute-list prefix deny-loopback-3-4-of-R7 in

router eigrp 200
 network 36.1.1.1 0.0.0.0
 redistribute ospf 3 metric 1 1 1 1 1

hostname R4

interface Ethernet0/0
 ip address 14.1.1.2 255.255.255.248
 ip ospf 4 area 4

ip prefix-list deny-loopback-1-2-of-R3 seq 5 deny 3.1.1.1/32
ip prefix-list deny-loopback-1-2-of-R3 seq 10 deny 3.1.1.2/32
ip prefix-list deny-loopback-1-2-of-R3 seq 15 permit 0.0.0.0/0 le 32

router ospf 4
 router-id 4.4.4.4
 distribute-list prefix deny-loopback-1-2-of-R3 in

hostname R5

interface Loopback1
 ip address 5.1.1.1 255.255.255.255
interface Loopback2
 ip address 5.1.1.2 255.255.255.255
interface Loopback3
 ip address 5.1.1.3 255.255.255.255
interface Loopback4
 ip address 5.1.1.4 255.255.255.255
interface Loopback5
 ip address 5.1.1.5 255.255.255.255
interface Ethernet0/0
 ip address 15.1.1.2 255.255.255.252
 ip ospf 5 area 5

access-list 100 deny   ip any host 5.1.1.4
access-list 100 deny   ip any host 5.1.1.5
access-list 100 permit ip any any

router ospf 5
 router-id 5.5.5.5
 redistribute eigrp 100 subnets
 distribute-list 100 out

router eigrp 100
 network 5.1.1.1 0.0.0.0
 network 5.1.1.2 0.0.0.0
 network 5.1.1.3 0.0.0.0
 network 5.1.1.4 0.0.0.0
 network 5.1.1.5 0.0.0.0
 redistribute ospf 5 metric 1 1 1 1 1

hostname R6

interface Loopback1
 ip address 6.1.1.1 255.255.255.255
interface Loopback2
 ip address 6.1.1.2 255.255.255.255
interface Loopback3
 ip address 6.1.1.3 255.255.255.255
interface Loopback4
 ip address 6.1.1.4 255.255.255.255
interface Loopback5
 ip address 6.1.1.5 255.255.255.255
interface Ethernet0/0
 ip address 36.1.1.2 255.255.255.252

router eigrp 200
 network 6.1.1.1 0.0.0.0
 network 6.1.1.2 0.0.0.0
 network 6.1.1.3 0.0.0.0
 network 6.1.1.4 0.0.0.0
 network 6.1.1.5 0.0.0.0
 network 36.1.1.2 0.0.0.0

hostname R7

interface Loopback1
 ip address 7.1.1.1 255.255.255.255
 ip ospf 7 area 2
interface Loopback2
 ip address 7.1.1.2 255.255.255.255
 ip ospf 7 area 2
interface Loopback3
 ip address 7.1.1.3 255.255.255.255
 ip ospf 7 area 2
interface Loopback4
 ip address 7.1.1.4 255.255.255.255
 ip ospf 7 area 2
interface Loopback5
 ip address 7.1.1.5 255.255.255.255
 ip ospf 7 area 2
interface Ethernet0/0
 ip address 27.1.1.2 255.255.255.252
 ip ospf 7 area 2

router ospf 7
 router-id 7.7.7.7

Linked Image Example

Chapter-2: OSPF Route Filtering

Objective

Key Features Implemented

Topology

Configuration Tasks

Base Configurations

Verification Commands

Expected Outcomes

Final Configurations

COMPANY

SUPPORT

CONTACT US