Summary

This is a configuration example of an OSPF LSA type 3 filter in a simple network diagram. Make sure you have a good grasp of the in and out directions to which the filter will be applied.

Network Diagram

We will verify the area filter-list command, which filters LSA type 3 of OSPF, with the following network diagram.

Figure Network Diagram
Figure Network Diagram

The following is a summary of the routing table and LSDB for each router before configuring the filters.

R1 LSDB summary/Routing table

R1#show ip ospf database

            OSPF Router with ID (1.1.1.1) (Process ID 100)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         282         0x80000004 0x0021A0 2
2.2.2.2         2.2.2.2         619         0x80000004 0x00CF8C 2
3.3.3.3         3.3.3.3         317         0x80000006 0x00AF9F 2

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.13.0       1.1.1.1         277         0x80000001 0x00EA26
172.16.1.0      2.2.2.2         619         0x80000002 0x00C4B0
172.16.2.0      2.2.2.2         619         0x80000002 0x00B9BA
172.16.3.0      2.2.2.2         619         0x80000002 0x00AEC4
192.168.1.0     1.1.1.1         7           0x80000001 0x005667
192.168.1.0     3.3.3.3         307         0x80000001 0x007C49
192.168.2.0     1.1.1.1         7           0x80000001 0x004B71
192.168.2.0     3.3.3.3         307         0x80000001 0x007153
192.168.3.0     1.1.1.1         7           0x80000001 0x00407B
192.168.3.0     3.3.3.3         308         0x80000001 0x00665D

                Router Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         13          0x80000002 0x006954 2
3.3.3.3         3.3.3.3         11          0x80000004 0x008953 5

                Summary Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.12.0       1.1.1.1         284         0x80000001 0x00F51C
172.16.1.0      1.1.1.1         284         0x80000001 0x0082E7
172.16.2.0      1.1.1.1         284         0x80000001 0x0077F1
172.16.3.0      1.1.1.1         284         0x80000001 0x006CFB
R1#show ip route
-- omitted --
Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 3 subnets
O IA    172.16.1.0 [110/782] via 10.1.12.2, 00:00:28, Serial1/0
O IA    172.16.2.0 [110/782] via 10.1.12.2, 00:00:28, Serial1/0
O IA    172.16.3.0 [110/782] via 10.1.12.2, 00:00:28, Serial1/0
     10.0.0.0/24 is subnetted, 2 subnets
C       10.1.13.0 is directly connected, Serial1/1
C       10.1.12.0 is directly connected, Serial1/0
O    192.168.1.0/24 [110/782] via 10.1.13.3, 00:00:28, Serial1/1
O    192.168.2.0/24 [110/782] via 10.1.13.3, 00:00:28, Serial1/1
O    192.168.3.0/24 [110/782] via 10.1.13.3, 00:00:30, Serial1/1

R2 LSDB summary/Routing table

R2#show ip ospf database

            OSPF Router with ID (2.2.2.2) (Process ID 100)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         340         0x80000004 0x0021A0 2
2.2.2.2         2.2.2.2         675         0x80000004 0x00CF8C 2
3.3.3.3         3.3.3.3         375         0x80000006 0x00AF9F 2

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.13.0       1.1.1.1         335         0x80000001 0x00EA26
172.16.1.0      2.2.2.2         675         0x80000002 0x00C4B0
172.16.2.0      2.2.2.2         675         0x80000002 0x00B9BA
172.16.3.0      2.2.2.2         675         0x80000002 0x00AEC4
192.168.1.0     1.1.1.1         65          0x80000001 0x005667
192.168.1.0     3.3.3.3         365         0x80000001 0x007C49
192.168.2.0     1.1.1.1         65          0x80000001 0x004B71
192.168.2.0     3.3.3.3         365         0x80000001 0x007153
192.168.3.0     1.1.1.1         65          0x80000001 0x00407B
192.168.3.0     3.3.3.3         366         0x80000001 0x00665D

                Router Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum Link count
2.2.2.2         2.2.2.2         676         0x80000003 0x004977 3

                Summary Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.12.0       2.2.2.2         677         0x80000002 0x00BA22
10.1.13.0       2.2.2.2         330         0x80000004 0x004980
192.168.1.0     2.2.2.2         66          0x80000001 0x00BABE
192.168.2.0     2.2.2.2         66          0x80000001 0x00AFC8
192.168.3.0     2.2.2.2         66          0x80000001 0x00A4D2
R2#show ip rou
R2#show ip route
-- omitted --
Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 3 subnets
C       172.16.1.0 is directly connected, Loopback0
C       172.16.2.0 is directly connected, Loopback1
C       172.16.3.0 is directly connected, Loopback2
     10.0.0.0/24 is subnetted, 2 subnets
O IA    10.1.13.0 [110/845] via 10.1.12.1, 00:05:40, Serial0/0
C       10.1.12.0 is directly connected, Serial0/0
O IA 192.168.1.0/24 [110/846] via 10.1.12.1, 00:01:10, Serial0/0
O IA 192.168.2.0/24 [110/846] via 10.1.12.1, 00:01:10, Serial0/0
O IA 192.168.3.0/24 [110/846] via 10.1.12.1, 00:01:11, Serial0/0

R3 LSDB summary/Routing table

R3#show ip ospf database

       OSPF Router with ID (3.3.3.3) (Process ID 100)


                Router Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         6           0x80000004 0x6556   2
3.3.3.3         3.3.3.3         4           0x80000002 0x8D51   5

                Summary Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.12.0       1.1.1.1         409         0x80000001 0xF51C
172.16.1.0      1.1.1.1         409         0x80000001 0x82E7
172.16.2.0      1.1.1.1         410         0x80000001 0x77F1
172.16.3.0      1.1.1.1         410         0x80000001 0x6CFB
R3#show ip route
-- omitted --
Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 3 subnets
O IA    172.16.1.0 [110/846] via 10.1.13.1, 00:00:00, Serial0/0
O IA    172.16.2.0 [110/846] via 10.1.13.1, 00:00:00, Serial0/0
O IA    172.16.3.0 [110/846] via 10.1.13.1, 00:00:00, Serial0/0
     10.0.0.0/24 is subnetted, 2 subnets
C       10.1.13.0 is directly connected, Serial0/0
O IA    10.1.12.0 [110/845] via 10.1.13.1, 00:00:00, Serial0/0
C    192.168.1.0/24 is directly connected, Loopback0
C    192.168.2.0/24 is directly connected, Loopback1
C    192.168.3.0/24 is directly connected, Loopback2

From this state, we will use the area filter-list command on R1 and R2 to filter LSA type 3.

R1 area filter-list prefix in

On R1, filter for LSA type 3 based on the following condition.

  • Ensure that only 10.1.12.0/24 and 172.16.2.0/24 are generated as LSA type 3 for LSDB of area 1.

R1 is the ABR of Area 0 and Area 1. Therefore, R1 generates LSA type 3 from the LSDB of area 0 into the LSDB of area 1. Currently, R1 generates the following four LSA type 3s

  • 10.1.12.0/24
  • 172.16.1.0/24
  • 172.16.2.0/24
  • 172.16.3.0/24

The LSA type 3 generated in the LSDB of area 1 in R1 is synchronized with the LSDB of R3, so R3 also has the above four LSA type 3s. Filter this so that there are only the following two.

  • 10.1.12.0/24
  • 172.16.2.0/24

Apply the area filter-list command in area 1 in, since this is the filter used to generate the LSDB in area 1. On R1, configure as follows.

R1 are filter-list prefix in

ip prefix-list AAA seq 5 permit 10.1.12.0/24
ip prefix-list AAA seq 10 permit 172.16.2.0/24
!
router ospf 100
 area 1 filter-list prefix AAA in

Figure LSA Type3 filter on R1
Figure LSA Type3 filter on R1

After configuring the filter, look at the LSDB summary on R1.

R1 LSDB summary (After applying filter)

R1#show ip ospf database

            OSPF Router with ID (1.1.1.1) (Process ID 100)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         1073        0x80000004 0x0021A0 2
2.2.2.2         2.2.2.2         1411        0x80000004 0x00CF8C 2
3.3.3.3         3.3.3.3         1108        0x80000006 0x00AF9F 2

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.13.0       1.1.1.1         1068        0x80000001 0x00EA26
172.16.1.0      2.2.2.2         1411        0x80000002 0x00C4B0
172.16.2.0      2.2.2.2         1411        0x80000002 0x00B9BA
172.16.3.0      2.2.2.2         1411        0x80000002 0x00AEC4
192.168.1.0     1.1.1.1         661         0x80000001 0x005667
192.168.1.0     3.3.3.3         1098        0x80000001 0x007C49
192.168.2.0     1.1.1.1         661         0x80000001 0x004B71
192.168.2.0     3.3.3.3         1098        0x80000001 0x007153
192.168.3.0     1.1.1.1         661         0x80000001 0x00407B
192.168.3.0     3.3.3.3         1099        0x80000001 0x00665D

                Router Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         671         0x80000004 0x006556 2
3.3.3.3         3.3.3.3         667         0x80000005 0x008754 5

                Summary Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.12.0       1.1.1.1         1075        0x80000001 0x00F51C
172.16.2.0      1.1.1.1         1075        0x80000001 0x0077F1

We can see that only the following two are generated as LSA type 3 in the LSDB of area 1 of R1.

  • 10.1.12.0/24
  • 172.16.2.0/24

The LSDB in this area 1 will be synchronized with R3; on R3, the LSDB summary after applying the filter will look like this

R3 LSDB summary (After applying filter)

R3#show ip ospf database

       OSPF Router with ID (3.3.3.3) (Process ID 100)


                Router Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         743         0x80000004 0x6556   2
3.3.3.3         3.3.3.3         736         0x80000005 0x8754   5

                Summary Net Link States (Area 1)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.12.0       1.1.1.1         1147        0x80000001 0xF51C
172.16.2.0      1.1.1.1         1147        0x80000001 0x77F1

Thus, R3, like R1, registers only the following two as LSA type 3.

  • 10.1.12.0/24
  • 172.16.2.0/24

These two routes will then be registered in the routing table on R3 as O IA routes.

R3 Routing table(After applying filter)

R3#show ip route
-- omitted --
Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 1 subnets
O IA    172.16.2.0 [110/846] via 10.1.13.1, 00:13:32, Serial0/0
     10.0.0.0/24 is subnetted, 2 subnets
C       10.1.13.0 is directly connected, Serial0/0
O IA    10.1.12.0 [110/845] via 10.1.13.1, 00:13:32, Serial0/0
C    192.168.1.0/24 is directly connected, Loopback0
C    192.168.2.0/24 is directly connected, Loopback1
C    192.168.3.0/24 is directly connected, Loopback2

We can also verify the application of the area filter-list by using show ip ospf on R1.

R1 show ip ospf

R1#show ip ospf
 Routing Process "ospf 100" with ID 1.1.1.1
-- omitted --
    Area BACKBONE(0)
        Number of interfaces in this area is 1
        Area has no authentication
        SPF algorithm last executed 00:07:00.544 ago
        SPF algorithm executed 8 times
        Area ranges are
        Number of LSA 13. Checksum Sum 0x06EE6B
        Number of opaque link LSA 0. Checksum Sum 0x000000
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0
    Area 1
        Number of interfaces in this area is 1
        Area has no authentication
        SPF algorithm last executed 00:14:22.528 ago
        SPF algorithm executed 5 times
        Area ranges are
        Area-filter AAA in
        Number of LSA 4. Checksum Sum 0x0259B7
        Number of opaque link LSA 0. Checksum Sum 0x000000
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0


R2 area filter-list prefix out

Next, filter the LSA type 3 based on the following conditions on R2.

  • R2 generates only 172.16.2.0/24 as LSA type 3 for LSDB of area 0.

R2 is the ABR for Area 2 and Area 0. R2 generates LSA type 3 in the LSDB of area 0 from the LSDB of area 2. there are three LSA type 3 in the LSDB of area 0 generated by R2.

  • 172.16.1.0/24
  • 172.16.2.0/24
  • 172.16.3.0/24

Make this only 172.16.2.0/24 by using area filter-list. Apply the area filter-list in area 2 out, since the filter is performed when generating LSA type 3 from LSDB of area 2 to LSDB of area 0. On R2, configure as follows.

R2 area filter-list prefix out

ip prefix-list BBB permit 172.16.2.0/24
!
router ospf 100
 area 2 filter-list prefix BBB out

Figure LSA Type3 filter on R2
Figure LSA Type3 filter on R2

After configuring the filters, look at the LSDB summary on R2.

R2 LSDB summary(After applying filter)

R2#sh ip ospf database

            OSPF Router with ID (2.2.2.2) (Process ID 100)

                Router Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum Link count
1.1.1.1         1.1.1.1         120         0x80000006 0x001DA2 2
2.2.2.2         2.2.2.2         7           0x80000008 0x00C790 2

                Summary Net Link States (Area 0)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.13.0       1.1.1.1         766         0x80000003 0x00E628
172.16.2.0      2.2.2.2         5           0x80000001 0x00BBB9
192.168.1.0     1.1.1.1         766         0x80000003 0x005269
192.168.2.0     1.1.1.1         766         0x80000003 0x004773
192.168.3.0     1.1.1.1         766         0x80000003 0x003C7D

                Router Link States (Area 2)

Link ID         ADV Router      Age         Seq#       Checksum Link count
2.2.2.2         2.2.2.2         7           0x80000003 0x004977 3

                Summary Net Link States (Area 2)

Link ID         ADV Router      Age         Seq#       Checksum
10.1.12.0       2.2.2.2         8           0x80000002 0x00BA22
10.1.13.0       2.2.2.2         11          0x80000002 0x004D7E
192.168.1.0     2.2.2.2         12          0x80000002 0x00B8BF
192.168.2.0     2.2.2.2         12          0x80000002 0x00ADC9
192.168.3.0     2.2.2.2         12          0x80000002 0x00A2D3

This shows that the LSDB of area 0 has only the following as LSA type 3 generated by R2.

  • 172.16.2.0/24

Also, if we look at show ip ospf on R2, we can see that the area filter-list is applied in area 2 out.

R2 show ip ospf

R2#show ip ospf
 Routing Process "ospf 100" with ID 2.2.2.2
--omitted --
    Area BACKBONE(0)
        Number of interfaces in this area is 1
        Area has no authentication
        SPF algorithm last executed 00:01:40.708 ago
        SPF algorithm executed 6 times
        Area ranges are
        Number of LSA 7. Checksum Sum 0x053192
        Number of opaque link LSA 0. Checksum Sum 0x000000
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0
    Area 2
        Number of interfaces in this area is 3
        Area has no authentication
        SPF algorithm last executed 00:01:42.256 ago
        SPF algorithm executed 5 times
        Area ranges are
        Area-filter BBB out
        Number of LSA 6. Checksum Sum 0x035A72
        Number of opaque link LSA 0. Checksum Sum 0x000000
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0

How the OSPF works