Problem with understanding ospf-out filter
Posted: Thu Dec 05, 2013 4:53 pm
Hello All !
I need some help with understanding filtering rules in ospf-out chain.
For example, I have OSPF enabled board, with many /32 and /30 connected and static routes, that are in the same prefix, for example in 192.168.0.0/16, and some routes in other prefixes. I want to redistribute only those prefixes that are in prefix 192.168.0.0/16, so I build ospf-out filter:
0 chain=ospf-out prefix=192.168.0.0/16 prefix-length=16 invert-match=no
action=accept set-bgp-prepend-path=""
Nothing happens, board redistributes all connected/static routes in all prefixes.
Ok, I slightly change it, trying to deny everything else except of 0 rule:
0 chain=ospf-out prefix=192.168.0.0/16 prefix-length=16 invert-match=no
action=accept set-bgp-prepend-path=""
1 chain=ospf-out invert-match=no action=reject set-bgp-prepend-path=""
And now board totally stops to redistribute all external prefixes.
I tried to change first rule making prefix= without masklen, or with empty prefix-length=, but nothing happens, when I insert 1 rule with rejecting everything else I totally lost redistributing of external prefixes.
Reading WiKi about Routing filters doesn't help, I'm stuck.
Please give me a glue, how can I match all more specific routes within the same subnet, and deny everything else in ospf-out filter ?
I need some help with understanding filtering rules in ospf-out chain.
For example, I have OSPF enabled board, with many /32 and /30 connected and static routes, that are in the same prefix, for example in 192.168.0.0/16, and some routes in other prefixes. I want to redistribute only those prefixes that are in prefix 192.168.0.0/16, so I build ospf-out filter:
0 chain=ospf-out prefix=192.168.0.0/16 prefix-length=16 invert-match=no
action=accept set-bgp-prepend-path=""
Nothing happens, board redistributes all connected/static routes in all prefixes.
Ok, I slightly change it, trying to deny everything else except of 0 rule:
0 chain=ospf-out prefix=192.168.0.0/16 prefix-length=16 invert-match=no
action=accept set-bgp-prepend-path=""
1 chain=ospf-out invert-match=no action=reject set-bgp-prepend-path=""
And now board totally stops to redistribute all external prefixes.
I tried to change first rule making prefix= without masklen, or with empty prefix-length=, but nothing happens, when I insert 1 rule with rejecting everything else I totally lost redistributing of external prefixes.
Reading WiKi about Routing filters doesn't help, I'm stuck.
Please give me a glue, how can I match all more specific routes within the same subnet, and deny everything else in ospf-out filter ?