Table of Contents
Summary
This is a configuration example of an OSPF LSA type 3 filter in a simple network diagram. Make sure you have a good grasp of the in and out directions to which the filter will be applied.
Related article
Please see the following article for more information about LSA Type 3 filter concepts and command formats.
Network Diagram
We will verify the area filter-list command, which filters LSA type 3 of OSPF, with the following network diagram.
The following is a summary of the routing table and LSDB for each router before configuring the filters.
R1 LSDB summary/Routing table
R1#show ip ospf database OSPF Router with ID (1.1.1.1) (Process ID 100) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 282 0x80000004 0x0021A0 2 2.2.2.2 2.2.2.2 619 0x80000004 0x00CF8C 2 3.3.3.3 3.3.3.3 317 0x80000006 0x00AF9F 2 Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 10.1.13.0 1.1.1.1 277 0x80000001 0x00EA26 172.16.1.0 2.2.2.2 619 0x80000002 0x00C4B0 172.16.2.0 2.2.2.2 619 0x80000002 0x00B9BA 172.16.3.0 2.2.2.2 619 0x80000002 0x00AEC4 192.168.1.0 1.1.1.1 7 0x80000001 0x005667 192.168.1.0 3.3.3.3 307 0x80000001 0x007C49 192.168.2.0 1.1.1.1 7 0x80000001 0x004B71 192.168.2.0 3.3.3.3 307 0x80000001 0x007153 192.168.3.0 1.1.1.1 7 0x80000001 0x00407B 192.168.3.0 3.3.3.3 308 0x80000001 0x00665D Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 13 0x80000002 0x006954 2 3.3.3.3 3.3.3.3 11 0x80000004 0x008953 5 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 10.1.12.0 1.1.1.1 284 0x80000001 0x00F51C 172.16.1.0 1.1.1.1 284 0x80000001 0x0082E7 172.16.2.0 1.1.1.1 284 0x80000001 0x0077F1 172.16.3.0 1.1.1.1 284 0x80000001 0x006CFB R1#show ip route -- omitted -- Gateway of last resort is not set 172.16.0.0/24 is subnetted, 3 subnets O IA 172.16.1.0 [110/782] via 10.1.12.2, 00:00:28, Serial1/0 O IA 172.16.2.0 [110/782] via 10.1.12.2, 00:00:28, Serial1/0 O IA 172.16.3.0 [110/782] via 10.1.12.2, 00:00:28, Serial1/0 10.0.0.0/24 is subnetted, 2 subnets C 10.1.13.0 is directly connected, Serial1/1 C 10.1.12.0 is directly connected, Serial1/0 O 192.168.1.0/24 [110/782] via 10.1.13.3, 00:00:28, Serial1/1 O 192.168.2.0/24 [110/782] via 10.1.13.3, 00:00:28, Serial1/1 O 192.168.3.0/24 [110/782] via 10.1.13.3, 00:00:30, Serial1/1
R2 LSDB summary/Routing table
R2#show ip ospf database OSPF Router with ID (2.2.2.2) (Process ID 100) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 340 0x80000004 0x0021A0 2 2.2.2.2 2.2.2.2 675 0x80000004 0x00CF8C 2 3.3.3.3 3.3.3.3 375 0x80000006 0x00AF9F 2 Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 10.1.13.0 1.1.1.1 335 0x80000001 0x00EA26 172.16.1.0 2.2.2.2 675 0x80000002 0x00C4B0 172.16.2.0 2.2.2.2 675 0x80000002 0x00B9BA 172.16.3.0 2.2.2.2 675 0x80000002 0x00AEC4 192.168.1.0 1.1.1.1 65 0x80000001 0x005667 192.168.1.0 3.3.3.3 365 0x80000001 0x007C49 192.168.2.0 1.1.1.1 65 0x80000001 0x004B71 192.168.2.0 3.3.3.3 365 0x80000001 0x007153 192.168.3.0 1.1.1.1 65 0x80000001 0x00407B 192.168.3.0 3.3.3.3 366 0x80000001 0x00665D Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 2.2.2.2 2.2.2.2 676 0x80000003 0x004977 3 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 10.1.12.0 2.2.2.2 677 0x80000002 0x00BA22 10.1.13.0 2.2.2.2 330 0x80000004 0x004980 192.168.1.0 2.2.2.2 66 0x80000001 0x00BABE 192.168.2.0 2.2.2.2 66 0x80000001 0x00AFC8 192.168.3.0 2.2.2.2 66 0x80000001 0x00A4D2 R2#show ip rou R2#show ip route -- omitted -- Gateway of last resort is not set 172.16.0.0/24 is subnetted, 3 subnets C 172.16.1.0 is directly connected, Loopback0 C 172.16.2.0 is directly connected, Loopback1 C 172.16.3.0 is directly connected, Loopback2 10.0.0.0/24 is subnetted, 2 subnets O IA 10.1.13.0 [110/845] via 10.1.12.1, 00:05:40, Serial0/0 C 10.1.12.0 is directly connected, Serial0/0 O IA 192.168.1.0/24 [110/846] via 10.1.12.1, 00:01:10, Serial0/0 O IA 192.168.2.0/24 [110/846] via 10.1.12.1, 00:01:10, Serial0/0 O IA 192.168.3.0/24 [110/846] via 10.1.12.1, 00:01:11, Serial0/0
R3 LSDB summary/Routing table
R3#show ip ospf database OSPF Router with ID (3.3.3.3) (Process ID 100) Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 6 0x80000004 0x6556 2 3.3.3.3 3.3.3.3 4 0x80000002 0x8D51 5 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 10.1.12.0 1.1.1.1 409 0x80000001 0xF51C 172.16.1.0 1.1.1.1 409 0x80000001 0x82E7 172.16.2.0 1.1.1.1 410 0x80000001 0x77F1 172.16.3.0 1.1.1.1 410 0x80000001 0x6CFB R3#show ip route -- omitted -- Gateway of last resort is not set 172.16.0.0/24 is subnetted, 3 subnets O IA 172.16.1.0 [110/846] via 10.1.13.1, 00:00:00, Serial0/0 O IA 172.16.2.0 [110/846] via 10.1.13.1, 00:00:00, Serial0/0 O IA 172.16.3.0 [110/846] via 10.1.13.1, 00:00:00, Serial0/0 10.0.0.0/24 is subnetted, 2 subnets C 10.1.13.0 is directly connected, Serial0/0 O IA 10.1.12.0 [110/845] via 10.1.13.1, 00:00:00, Serial0/0 C 192.168.1.0/24 is directly connected, Loopback0 C 192.168.2.0/24 is directly connected, Loopback1 C 192.168.3.0/24 is directly connected, Loopback2
From this state, we will use the area filter-list command on R1 and R2 to filter LSA type 3.
R1 area filter-list prefix in
On R1, filter for LSA type 3 based on the following condition.
- Ensure that only 10.1.12.0/24 and 172.16.2.0/24 are generated as LSA type 3 for LSDB of area 1.
R1 is the ABR of Area 0 and Area 1. Therefore, R1 generates LSA type 3 from the LSDB of area 0 into the LSDB of area 1. Currently, R1 generates the following four LSA type 3s
- 10.1.12.0/24
- 172.16.1.0/24
- 172.16.2.0/24
- 172.16.3.0/24
The LSA type 3 generated in the LSDB of area 1 in R1 is synchronized with the LSDB of R3, so R3 also has the above four LSA type 3s. Filter this so that there are only the following two.
- 10.1.12.0/24
- 172.16.2.0/24
Apply the area filter-list command in area 1 in, since this is the filter used to generate the LSDB in area 1. On R1, configure as follows.
R1 are filter-list prefix in
ip prefix-list AAA seq 5 permit 10.1.12.0/24 ip prefix-list AAA seq 10 permit 172.16.2.0/24 ! router ospf 100 area 1 filter-list prefix AAA in
After configuring the filter, look at the LSDB summary on R1.
R1 LSDB summary (After applying filter)
R1#show ip ospf database OSPF Router with ID (1.1.1.1) (Process ID 100) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 1073 0x80000004 0x0021A0 2 2.2.2.2 2.2.2.2 1411 0x80000004 0x00CF8C 2 3.3.3.3 3.3.3.3 1108 0x80000006 0x00AF9F 2 Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 10.1.13.0 1.1.1.1 1068 0x80000001 0x00EA26 172.16.1.0 2.2.2.2 1411 0x80000002 0x00C4B0 172.16.2.0 2.2.2.2 1411 0x80000002 0x00B9BA 172.16.3.0 2.2.2.2 1411 0x80000002 0x00AEC4 192.168.1.0 1.1.1.1 661 0x80000001 0x005667 192.168.1.0 3.3.3.3 1098 0x80000001 0x007C49 192.168.2.0 1.1.1.1 661 0x80000001 0x004B71 192.168.2.0 3.3.3.3 1098 0x80000001 0x007153 192.168.3.0 1.1.1.1 661 0x80000001 0x00407B 192.168.3.0 3.3.3.3 1099 0x80000001 0x00665D Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 671 0x80000004 0x006556 2 3.3.3.3 3.3.3.3 667 0x80000005 0x008754 5 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 10.1.12.0 1.1.1.1 1075 0x80000001 0x00F51C 172.16.2.0 1.1.1.1 1075 0x80000001 0x0077F1
We can see that only the following two are generated as LSA type 3 in the LSDB of area 1 of R1.
- 10.1.12.0/24
- 172.16.2.0/24
The LSDB in this area 1 will be synchronized with R3; on R3, the LSDB summary after applying the filter will look like this
R3 LSDB summary (After applying filter)
R3#show ip ospf database OSPF Router with ID (3.3.3.3) (Process ID 100) Router Link States (Area 1) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 743 0x80000004 0x6556 2 3.3.3.3 3.3.3.3 736 0x80000005 0x8754 5 Summary Net Link States (Area 1) Link ID ADV Router Age Seq# Checksum 10.1.12.0 1.1.1.1 1147 0x80000001 0xF51C 172.16.2.0 1.1.1.1 1147 0x80000001 0x77F1
Thus, R3, like R1, registers only the following two as LSA type 3.
- 10.1.12.0/24
- 172.16.2.0/24
These two routes will then be registered in the routing table on R3 as O IA routes.
R3 Routing table(After applying filter)
R3#show ip route -- omitted -- Gateway of last resort is not set 172.16.0.0/24 is subnetted, 1 subnets O IA 172.16.2.0 [110/846] via 10.1.13.1, 00:13:32, Serial0/0 10.0.0.0/24 is subnetted, 2 subnets C 10.1.13.0 is directly connected, Serial0/0 O IA 10.1.12.0 [110/845] via 10.1.13.1, 00:13:32, Serial0/0 C 192.168.1.0/24 is directly connected, Loopback0 C 192.168.2.0/24 is directly connected, Loopback1 C 192.168.3.0/24 is directly connected, Loopback2
We can also verify the application of the area filter-list by using show ip ospf on R1.
R1 show ip ospf
R1#show ip ospf Routing Process "ospf 100" with ID 1.1.1.1 -- omitted -- Area BACKBONE(0) Number of interfaces in this area is 1 Area has no authentication SPF algorithm last executed 00:07:00.544 ago SPF algorithm executed 8 times Area ranges are Number of LSA 13. Checksum Sum 0x06EE6B Number of opaque link LSA 0. Checksum Sum 0x000000 Number of DCbitless LSA 0 Number of indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0 Area 1 Number of interfaces in this area is 1 Area has no authentication SPF algorithm last executed 00:14:22.528 ago SPF algorithm executed 5 times Area ranges are Area-filter AAA in Number of LSA 4. Checksum Sum 0x0259B7 Number of opaque link LSA 0. Checksum Sum 0x000000 Number of DCbitless LSA 0 Number of indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0
R2 area filter-list prefix out
Next, filter the LSA type 3 based on the following conditions on R2.
- R2 generates only 172.16.2.0/24 as LSA type 3 for LSDB of area 0.
R2 is the ABR for Area 2 and Area 0. R2 generates LSA type 3 in the LSDB of area 0 from the LSDB of area 2. there are three LSA type 3 in the LSDB of area 0 generated by R2.
- 172.16.1.0/24
- 172.16.2.0/24
- 172.16.3.0/24
Make this only 172.16.2.0/24 by using area filter-list. Apply the area filter-list in area 2 out, since the filter is performed when generating LSA type 3 from LSDB of area 2 to LSDB of area 0. On R2, configure as follows.
R2 area filter-list prefix out
ip prefix-list BBB permit 172.16.2.0/24 ! router ospf 100 area 2 filter-list prefix BBB out
After configuring the filters, look at the LSDB summary on R2.
R2 LSDB summary(After applying filter)
R2#sh ip ospf database OSPF Router with ID (2.2.2.2) (Process ID 100) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 1.1.1.1 1.1.1.1 120 0x80000006 0x001DA2 2 2.2.2.2 2.2.2.2 7 0x80000008 0x00C790 2 Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 10.1.13.0 1.1.1.1 766 0x80000003 0x00E628 172.16.2.0 2.2.2.2 5 0x80000001 0x00BBB9 192.168.1.0 1.1.1.1 766 0x80000003 0x005269 192.168.2.0 1.1.1.1 766 0x80000003 0x004773 192.168.3.0 1.1.1.1 766 0x80000003 0x003C7D Router Link States (Area 2) Link ID ADV Router Age Seq# Checksum Link count 2.2.2.2 2.2.2.2 7 0x80000003 0x004977 3 Summary Net Link States (Area 2) Link ID ADV Router Age Seq# Checksum 10.1.12.0 2.2.2.2 8 0x80000002 0x00BA22 10.1.13.0 2.2.2.2 11 0x80000002 0x004D7E 192.168.1.0 2.2.2.2 12 0x80000002 0x00B8BF 192.168.2.0 2.2.2.2 12 0x80000002 0x00ADC9 192.168.3.0 2.2.2.2 12 0x80000002 0x00A2D3
This shows that the LSDB of area 0 has only the following as LSA type 3 generated by R2.
- 172.16.2.0/24
Also, if we look at show ip ospf on R2, we can see that the area filter-list is applied in area 2 out.
R2 show ip ospf
R2#show ip ospf Routing Process "ospf 100" with ID 2.2.2.2 --omitted -- Area BACKBONE(0) Number of interfaces in this area is 1 Area has no authentication SPF algorithm last executed 00:01:40.708 ago SPF algorithm executed 6 times Area ranges are Number of LSA 7. Checksum Sum 0x053192 Number of opaque link LSA 0. Checksum Sum 0x000000 Number of DCbitless LSA 0 Number of indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0 Area 2 Number of interfaces in this area is 3 Area has no authentication SPF algorithm last executed 00:01:42.256 ago SPF algorithm executed 5 times Area ranges are Area-filter BBB out Number of LSA 6. Checksum Sum 0x035A72 Number of opaque link LSA 0. Checksum Sum 0x000000 Number of DCbitless LSA 0 Number of indication LSA 0 Number of DoNotAge LSA 0 Flood list length 0
How the OSPF works
- OSPF Overview
- OSPF process flow
- OSPF Router ID : Identify OSPF routers
- What if the router ID of the OSPF router is duplicated?
- OSPF Neighbor and Adjacency
- OSPF DR/BDR
- How show ip ospf neighbor looks on Ethernet
- OSPF Network Type : Classification of OSPF-enabled interfaces
- Synchronization process of OSPF LSDB
- Problems with large-scale OSPF network
- OSPF Area – Inside the area, in detail; outside the area, just a summary
- OSPF Router Type
- OSPF LSA Type
- OSPF Area Type
- OSPF Basic Configuration and Verification Commands
- Details of enabling OSPF on the interface
- OSPF Advertising Loopback Interface
- Configuring and Verifying OSPF Hello/Dead interval
- OSPF Cost Configuration and Verification
- Configuring and Verifying OSPF Router Priority
- Configuring OSPF Neighbor Authentication
- Neighbor Authentication over Virtual-link
- OSPF Configuring and Verifying Stub area [Cisco]
- OSPF Stub Area Configuration Example [Cisco]
- OSPF default route generation : default-information originate command
- Configuration Example of OSPF default route generation : stub area
- OSPF Virtual-Link : Virtual area 0 point-to-point link
- Configuring and Verifying OSPF Virtual-link [Cisco]
- OSPF Virtual-link Configuration Example [Cisco]
- OSPF Virtual-link for discontinuous backbone configuration example
- OSPF Route Summary and Configuration
- Cisco OSPF Route Summary Configuration Example
- OSPF Route Type Preference
- Why the OSPF neighbor state gets stuck in Exstart?
- OSPF packet type and header format
- OSPF Hello Packet
- OSPF DD(Database Description) Packet
- OSPF LSR(Link State Request) Packet
- OSPF LSU(Link State Update) Packet
- OSPF LSAck(Link State Acknowledgement) Packet
- Limitation of OSPF redistribution routes – redistribute maximum-prefix command
- Overview of LSA Filters for OSPF – Filter LSA Type 3/Type 5
- Configuration example of LSA type 3 filter
- Configuration example of LSA type 5 filter
- OSPFv3 Configuration Example [Cisco]
- Configuration Example of OSPFv3 Route Summary [Cisco]