Filter a Route

Afternoon All,

If I have a static route in place and I do not want this being sent out via OSPF to adjacent routers, is there a way for me to filter out this one route?
I created a static route and it's automatically being learnt by neighbor routers, but for this one route I do not want this.

Thanks

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

nerdydad

There are a few different ways to filter routes, but if you are not redistributing it into ospf, it will not be advertised to the neighbors.

control

This is my issue - it is being redistributed into OSPF, but I don't want this route to...

altdrugz

is there the "redistribute static" in the ospf section of running-config ?

nerdydad

There would have to be a redistribute static command in there, unless you're using packet tracer or something, sometimes simulators do funny things.

access-list 10 deny x.x.x.x x.x.x.x (route you don't want advertised)
access-list 10 permit any any (allows all other routes)

router ospf x (on the router with the static route)
distribute-list 10 out

fiftyo

You could redistribute using route-maps:
First define the static route: ip route a.c.d.f b.b.b.b exit int/next hop
Then define a prefix-list matching the static route: ip prefix-list block_static permit x.x.x.x/y #Where y matches the subnet mask you defined in the static route, but in prefix form instead of x.x.x.x
Next define the route-map which will block this static route:
route-map block_static deny 10
match ip address prefix-list block_static
route-map block_static permit 100
#Leave this empty, if you don't end the route-map with a permit statement, all other redistributed routes will be blocked as well...
Tie everything together:
router ospf 1
redistribute static subnets route-map block_static
This will redistribute static routes, but calling on the route-map first. It looks at the first sequence number, in this case 10 which specifies deny, looks at what it matches, in this case the prefix-list matching the static route, it then denies the matched route from being redistributed. Then it moves on the the sequence number 100, which is a permit statement, sees no match statement, which means in this case it will match everything, meaning every route redistributed except the one denied earlier will be redistributed.

control

Thanks for that.

Regarding the route map, if there is already a route map attached to the redistribute static command (but permitting networks), can I add a second route map to deny my one network?

control

ah I can now see where the issue is. The network I don't want advertised is part of that permit route map on the router!

fiftyo

control wrote: »

Thanks for that.

Regarding the route map, if there is already a route map attached to the redistribute static command (but permitting networks), can I add a second route map to deny my one network?

You could add a deny statement with a lower sequence number in the route-map, matching the static route you want to filter. It will then be matched earlier in the route-map, and therefore be denied to be redistributed. Or as in the post above this one, you could just remove the static route being permitted in the route-map, from the acl/prefix-list etc. it's matched in.

control

Appreciate the feedback and advice. Cheers

vayze

fiftyo wrote: »

You could add a deny statement with a lower sequence number in the route-map, matching the static route you want to filter. It will then be matched earlier in the route-map, and therefore be denied to be redistributed. Or as in the post above this one, you could just remove the static route being permitted in the route-map, from the acl/prefix-list etc. it's matched in.

+1++++++++++++++1