Filter a Route

control · March 2013

Afternoon All,

If I have a static route in place and I do not want this being sent out via OSPF to adjacent routers, is there a way for me to filter out this one route?
I created a static route and it's automatically being learnt by neighbor routers, but for this one route I do not want this.

Thanks

nerdydad · March 2013

There are a few different ways to filter routes, but if you are not redistributing it into ospf, it will not be advertised to the neighbors.

control · March 2013

This is my issue - it is being redistributed into OSPF, but I don't want this route to...

altdrugz · March 2013

is there the "redistribute static" in the ospf section of running-config ?

nerdydad · March 2013

There would have to be a redistribute static command in there, unless you're using packet tracer or something, sometimes simulators do funny things.

access-list 10 deny x.x.x.x x.x.x.x (route you don't want advertised)
access-list 10 permit any any (allows all other routes)

router ospf x (on the router with the static route)
distribute-list 10 out

fiftyo · March 2013

You could redistribute using route-maps:
First define the static route: ip route a.c.d.f b.b.b.b exit int/next hop
Then define a prefix-list matching the static route: ip prefix-list block_static permit x.x.x.x/y #Where y matches the subnet mask you defined in the static route, but in prefix form instead of x.x.x.x
Next define the route-map which will block this static route:
route-map block_static deny 10
match ip address prefix-list block_static
route-map block_static permit 100
#Leave this empty, if you don't end the route-map with a permit statement, all other redistributed routes will be blocked as well...
Tie everything together:
router ospf 1
redistribute static subnets route-map block_static
This will redistribute static routes, but calling on the route-map first. It looks at the first sequence number, in this case 10 which specifies deny, looks at what it matches, in this case the prefix-list matching the static route, it then denies the matched route from being redistributed. Then it moves on the the sequence number 100, which is a permit statement, sees no match statement, which means in this case it will match everything, meaning every route redistributed except the one denied earlier will be redistributed.

control · March 2013

Thanks for that.

Regarding the route map, if there is already a route map attached to the redistribute static command (but permitting networks), can I add a second route map to deny my one network?

control · March 2013

ah I can now see where the issue is. The network I don't want advertised is part of that permit route map on the router!

fiftyo · March 2013

control wrote: »

Thanks for that.

Regarding the route map, if there is already a route map attached to the redistribute static command (but permitting networks), can I add a second route map to deny my one network?

You could add a deny statement with a lower sequence number in the route-map, matching the static route you want to filter. It will then be matched earlier in the route-map, and therefore be denied to be redistributed. Or as in the post above this one, you could just remove the static route being permitted in the route-map, from the acl/prefix-list etc. it's matched in.

control · March 2013

Appreciate the feedback and advice. Cheers

vayze · March 2013

fiftyo wrote: »

You could add a deny statement with a lower sequence number in the route-map, matching the static route you want to filter. It will then be matched earlier in the route-map, and therefore be denied to be redistributed. Or as in the post above this one, you could just remove the static route being permitted in the route-map, from the acl/prefix-list etc. it's matched in.

+1++++++++++++++1

Filter a Route

Comments