Thursday, May 7, 2009
OSPF routing part XII - filter-list
Consider the above scenario where router 2 is an ABR between areas 0, 1 and 2. All adjacencies are up and a full exchange of routes has taken place.
A new requirement is that area 2 is deemed confidential. Area 1 must not have access to any routes originating from Area 2.
This can be achieved by making use of the OSPF filter-list functionality. First, a prefix-list must be defined that indicates which routes must be filtered (and which allowed!).
R2
ip prefix-list AREA2 deny 150.1.24.0/24
ip prefix-list AREA2 deny 150.1.40.40/32
ip prefix-list AREA2 permit 0.0.0.0/0 le 32
N.B. The last entry in the prefix-list is essential to ensure that all routes other than the denied routes above are allowed through.
On router 2 the filter-list can then be applied:
R2
router ospf 1
area 1 filter-list prefix AREA2 in
When the routing table on R1 is subsequently examined, the 150.1.24.0/24 and 150.1.40.40/32 routes are no longer present. Nice.
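The matching rules behind the N.B. above, as an added example that is not part of the original post: a small Python evaluator for the AREA2 prefix-list, showing the implicit deny that applies when the final permit line is omitted. The routes other than the two denied prefixes are constructed for illustration, and the parser assumes entries written without `seq` numbers, as in the post.

```python
import ipaddress

# Prefix-list from the post, as configured on R2.
AREA2 = [
    "ip prefix-list AREA2 deny 150.1.24.0/24",
    "ip prefix-list AREA2 deny 150.1.40.40/32",
    "ip prefix-list AREA2 permit 0.0.0.0/0 le 32",
]
# Candidate summary routes; the last three are constructed for illustration.
ROUTES = ["150.1.24.0/24", "150.1.40.40/32", "150.1.24.128/25",
          "150.1.12.0/24", "10.0.0.0/8"]

def parse_entry(line):
    """Parse 'ip prefix-list NAME permit|deny PREFIX [ge N] [le N]'."""
    tok = line.split()
    action, net = tok[3], ipaddress.ip_network(tok[4])
    opts = dict(zip(tok[5::2], map(int, tok[6::2])))
    if opts:
        # ge defaults to the entry's own length, le defaults to 32.
        lo = opts.get("ge", net.prefixlen)
        hi = opts.get("le", 32)
    else:
        # No ge/le: only the exact prefix length matches.
        lo = hi = net.prefixlen
    return action, net, lo, hi

def evaluate(config, route):
    """Return 'permit' or 'deny' for one route; first matching entry wins."""
    route = ipaddress.ip_network(route)
    for action, net, lo, hi in map(parse_entry, config):
        if lo <= route.prefixlen <= hi and route.network_address in net:
            return action
    return "deny"  # implicit deny at the end of every prefix-list

def advertised(config, routes):
    """Routes that survive the filter-list."""
    return [r for r in routes if evaluate(config, r) == "permit"]

if __name__ == "__main__":
    print("with final permit:   ", advertised(AREA2, ROUTES))
    print("without final permit:", advertised(AREA2[:2], ROUTES))
```

Note that a more-specific such as 150.1.24.128/25 is not matched by the exact-length `deny 150.1.24.0/24` entry, so if longer prefixes from the confidential range could exist, the deny entries need `le 32` as well.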