How to block LSA in ospf on L3 within same area?

  • 1
  • 1
  • Question
  • Updated 2 years ago
  • Answered
We have 6 extreme summit L3 460x switches in OSPF. One of them is connected to ISP. We want to block route advertisement of one subnet to ISP.
Photo of Shireesh Javkhedkar

Posted 2 years ago

  • 1
  • 1
Photo of Naresh

Naresh, Employee

  • 1,266 Points 1k badge 2x thumb

Hi Shireesh,

Please find the article “How to selectively filter routes in OSPF” using below link:

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-selectively-filter-or-manipulate-routes-in-OSPF

 

Note: please test it before  implementing on production switch.
Photo of Ron Huygens

Ron Huygens, Employee

  • 2,878 Points 2k badge 2x thumb
Please note, any change and refresh applied on that policy file will result in temporary withdrawal and then immediate re-advertising of the routes.
Something you should be aware of.
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi,

If the idea is to control LSA advertisement within the same area, using inter-area filter would not take effect since that would block only LSA Type-3 advertisement. The same is true for external-policy (Type-5), export policy (used for redistribution purpose) or even import policy that will take any action after receiving the LSA and before adding that to the routing table.

Unfortunately I guess there is not CLI to address this need (control OSPF routes within the same area). Hope someone can provide an alternative.
Photo of Kevin Kim

Kevin Kim, Employee

  • 2,266 Points 2k badge 2x thumb
Hi, 

To ensure that OSPF calculates best routes without causing any l3 routing loop, OSPF Routers should have the same picture of routing topology within the same area. I think the import policy could be an option to control OSPF routes within the same area in the case that you want to prevent particular ospf routes from being installed in the routing table. 
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
I believe the challenge is to avoid the routes to be advertised to the ISP. If that's true, the import policy would prevent the route to be added to the routing table, but the ISP would still see/receive those routes...

Shireesh, please share your thoughts so we can help you accordingly.

Thanks