Tuesday, September 17, 2013

OSPF Filtering Using Administrative Distance


Pic. 1 - Topology Diagram.


Task 1
Remove OSPF filtering applied in the previous lab.

Task 2
Configure OSPF filtering on R4, so that 10.0.2.2/32 does not show in its routing table. Do not use distribute-list to accomplish the goal.

Questions
Try to answer the following questions:
  1. What is the process a router uses to pick the best path when more than one is available?
  2. What is an Administrative Distance?
  3. Are Administrative Distance (aka 'distance') values the same on multivendor routing equipment?

Lab Solution

Solution configuration below: 

Task 1
Remove OSPF filtering applied in the previous lab.

R4 Config:
!
no ip prefix-list DENY_R4_LO
!
no route-map BLOCK
!
router ospf 1
 no distribute-list route-map BLOCK in
!


Task 2
Configure OSPF filtering on R4, so that 10.0.2.2/32 does not show in its routing table. Do not use distribute-list to accomplish the goal.

R4 Config:
!
access-list 1 permit 10.0.2.2
!
router ospf 1
 distance 255 0.0.0.0 255.255.255.255 1
!

Notice!
An Administrative Distance of 255 (the highest possible number) is considered UNKNOWN. As such, the route cannot be used by the router as a valid path to a given destination.

Verification:
Pic. 2 - ACL Got a Hit.

Pic. 3 - Prefix 10.0.2.2/32 Removed from RT.

Pic. 4 - Prefix 10.0.2.2/32 Still Present in LSDB.


Study Drill

Recall that a router has a pre-defined algorithm to pick the best path.

  1. If there is only one path (prefix) available, it is chosen as the best path.
  2. If there is more than one path available with the same prefix length, the one with the lower Administrative Distance is chosen.
  3. If there is more than one longest match AND they have the same AD value, the one with the lowest metric is chosen.
  4. If all of the above are the same, the router performs traffic sharing.

The value of Administrative Distance is arbitrarily set by a router's vendor. This is why Cisco's AD values will not be the same as the AD values Juniper assigns on its routers. The value of 255 is considered UNKNOWN. Prefixes marked with this highest value cannot be considered by a router as a valid path.
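The selection order above, modelled as an added Python example (not part of the original lab and not Cisco's implementation). The next hops, metrics, the RIP candidate and the static 10.0.0.0/8 route are constructed sample values; 110, 120 and 1 are the Cisco default distances for OSPF, RIP and static routes.

```python
import ipaddress
from dataclasses import dataclass, replace

UNUSABLE_AD = 255  # a route carrying this distance is never installed

@dataclass(frozen=True)
class Route:
    prefix: str
    protocol: str
    ad: int        # administrative distance
    metric: int
    next_hop: str

# Constructed candidates as R4 might learn them (sample values only).
CANDIDATES = [
    Route("10.0.2.2/32", "ospf", 110, 20, "172.16.0.2"),
    Route("10.0.1.1/32", "ospf", 110, 11, "172.16.0.1"),
    Route("10.0.1.1/32", "ospf", 110, 11, "172.16.0.3"),  # equal-cost path
    Route("10.0.1.1/32", "rip", 120, 2, "172.16.0.2"),    # loses on AD
    Route("10.0.0.0/8", "static", 1, 0, "172.16.0.1"),    # covering route
]

def apply_distance(routes, protocol, acl_networks, new_ad):
    """Model 'distance <new_ad> 0.0.0.0 255.255.255.255 <acl>': any
    advertising router, only prefixes the standard ACL permits."""
    def hit(r):
        net = ipaddress.ip_network(r.prefix)
        return r.protocol == protocol and str(net.network_address) in acl_networks
    return [replace(r, ad=new_ad) if hit(r) else r for r in routes]

def build_rib(routes):
    """Per prefix: discard AD 255, keep lowest AD, then lowest metric;
    candidates that still tie are all installed (traffic sharing)."""
    by_prefix = {}
    for r in routes:
        if r.ad < UNUSABLE_AD:
            by_prefix.setdefault(r.prefix, []).append(r)
    rib = {}
    for prefix, cands in by_prefix.items():
        best = min((c.ad, c.metric) for c in cands)
        rib[prefix] = sorted(c.next_hop for c in cands if (c.ad, c.metric) == best)
    return rib

def lookup(rib, dst):
    """Longest-prefix match over installed routes; None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(p) for p in rib]
    hits = [n for n in nets if addr in n]
    return str(max(hits, key=lambda n: n.prefixlen)) if hits else None
```

Calling `build_rib(apply_distance(CANDIDATES, "ospf", {"10.0.2.2"}, 255))` drops 10.0.2.2/32 from the table, and `lookup()` then resolves 10.0.2.2 through the covering 10.0.0.0/8 route. Removing a prefix this way is therefore not a traffic block when a less specific route exists.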

Before you leave INTRA-AREA prefix filtering, try out the 'distribute-list gateway prefix-list' command and see what it does. You can do a quick test like this. Let me display the current OSPF table on R4:


Pic. 5 - Current OSPF Routing Table.


Now, let's add the following filtering:

R4 Test config:
!
ip prefix-list FILTER_TEST seq 5 deny 10.0.1.1/32
ip prefix-list FILTER_TEST seq 10 permit 0.0.0.0/0 le 32
!
ip prefix-list R1 seq 5 permit 172.16.0.1/32
!
! Let's apply this in OSPF context
!
router ospf 1
 log-adjacency-changes
 network 172.16.0.0 0.0.0.255 area 0
 distribute-list prefix FILTER_TEST gateway R1 in
!

Now, let's inspect the OSPF table on R4:

Pic. 6 - OSPF Routing Table with Filtering.


Do you see the difference? Looking at the topology diagram, can you guess what this filtering does?

Do not forget to remove this extra task before doing the next lab.