LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

@5x4x7

OSPFでdistribute-listを使用する

Posted at

※この記事は自分用メモの転記となります。

distribute-list in について

Untitled.png

R2でACLを追加、OSPFでdistribute-list をinで適用

R2#sh access-lists
Standard IP access list 20
    10 permit 10.10.10.0, wildcard bits 0.0.0.255 (1 match)

R2(config)#router ospf 1    
R2(config-router)#distribute-list 20 in

ACLで許可したルートのみがルーティングテーブルに載っている 
R2# sh ip route ospf

Gateway of last resort is not set

      10.0.0.0/32 is subnetted, 1 subnets
O        10.10.10.1 [110/2] via 192.168.2.3, 00:11:55, GigabitEthernet0/1

が、LSDBから消えているわけではない 
R2#sh ip ospf da

            OSPF Router with ID (192.168.2.2) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
10.1.3.1        10.1.3.1        73          0x80000004 0x0034A9 4
192.168.2.2     192.168.2.2     73          0x80000005 0x00E197 1

                Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
192.168.1.1     10.1.3.1        73          0x80000002 0x00330F

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.10.10.1      192.168.2.2     1032        0x80000001 0x0004AA #これだけを許可したはず
10.10.20.1      192.168.2.2     1022        0x80000001 0x00950Fn 
192.168.2.0     192.168.2.2     73          0x80000002 0x00A3BE

~~以下略~~

したがってR2でdistribute-listを設定した(R2でルートがフィルタリングされている)のにも関わらずR1はフィルタリングしたはずのルートを受信し、ルーティングテーブルに載せる 
R1#sh ip route ospf

Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
O IA     10.10.10.1/32 [110/3] via 192.168.1.2, 00:20:12, GigabitEthernet0/0
O IA     10.10.20.1/32 [110/3] via 192.168.1.2, 00:20:03, GigabitEthernet0/0
 ↑フィルタリングしたはずでは?
O IA  192.168.2.0/24 [110/2] via 192.168.1.2, 00:35:04, GigabitEthernet0/0

尚、ASBRで”summary-address”コマンドで”not-advertise”オプションを使用をするとLSA type5のアドバタイズを拒否することができる

Router(config-router)#do sh ip ospf da

            OSPF Router with ID (10.23.1.3) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
10.12.1.1       10.12.1.1       9           0x80000006 0x00670C 2
10.23.1.2       10.23.1.2       10          0x80000007 0x00D6DD 1
10.23.1.3       10.23.1.3       22          0x80000003 0x00E1B8 1

                Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.12.1.1       10.23.1.2       10          0x80000001 0x00873A
10.23.1.3       10.23.1.3       22          0x80000001 0x00F2BF

                Type-5 AS External Link States

Link ID         ADV Router      Age         Seq#       Checksum Tag
172.16.1.0      10.23.1.3       742         0x80000001 0x002B92 0


Router(config-router)#summary-address 172.16.1.0 255.255.255.0 not-advertise
Router(config-router)#do sh ip ospf da

            OSPF Router with ID (10.23.1.3) (Process ID 1)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
10.12.1.1       10.12.1.1       520         0x80000006 0x00670C 2
10.23.1.2       10.23.1.2       520         0x80000007 0x00D6DD 1
10.23.1.3       10.23.1.3       533         0x80000003 0x00E1B8 1

                Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.12.1.1       10.23.1.2       521         0x80000001 0x00873A
10.23.1.3       10.23.1.3       533         0x80000001 0x00F2BF
↑LSA type5がない
0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?