Hi,

can i somehow filter incoming and outgoing OSPF routes ? I did not found a prefix-list option in OSPF routing.
Thank you !

You cannot filter LSA's in a Link State Protocol, this breaks the design of the protocol itself. Every router in the OSPF area must maintain a copy of the same link state database.

Now that I have said that, there ARE vendors who have done some hacking to allow some filtering on OSPF, but once again, this is generally evil and goes against everything the architects were trying to accomplish.

Brian

Yes, i agree but the point is to filter the redistribution. For example i want to redistribute connected routes but not all. Than the LSD is the same on all machines in that area, and i just limited the redistribution of ,for example, private ip addresses:

router ospf 10
redistribute connected route-map connected
network 1.2.3.0/24 area 0
!
access-list 10 permit 1.1.1.0 0.0.0.255
access-list 10 permit 2.2.2.0 0.0.0.255
!
route-map connected permit 10
match ip address 10
set metric-type type-1

I think its not a hack , and it is very usefull....

Yeah, I didn't know you were filtering redistribution. Now if they will just support true ASBR..........hmm

I'm goin nuts with the lack of redistribution filtering Be real nice if they could finally code that in. I've run across another problem though with authentication. Had MD5 auth running on an OSPF net of about 5 mikrotiks running 2.8.11. Then the time came to bring in the cisco's (I don't trust mikrotik to run BGP yet). I brought them up into the network, and one of the cisco's managed to "eat" OSPF. For whatever reason, even though the area auth setting in the MT's was md5, they were running simple....??? Fun eh? Just wondering if anyone else has seen this bug or not. I had to reduce the authentication to none to get anything to run properly, which I'm severely unhappy about. I'm a pseudo paranoid kinda guy, especially when it's my network at stake....

-Kiwi