First, list the error-prone points:
1. Configure on the ABR
2. Filter the calculated route, which will only affect the route learning of the router. Configure the inbound direction import in the ospf process view
3. Filter Type 3 LSAs , Will affect all downstream routers, configure the outbound direction in the area view of the incoming area, and will not filter the routes of the ABR itself
Experimental topology:
Experiment 1:
Configure filter-policy on R2 so that there is no route to 192.168.0.1/32 on R2, but it does not affect the routing table on R3
R1的配置:
[H3C]int g0/0
[H3C-GigabitEthernet0/0]ip add 1.1.1.1 24
[H3C-GigabitEthernet0/0]int lo0
[H3C-LoopBack0]ip add 192.168.0.1 32
[H3C-LoopBack0]int lo1
[H3C-LoopBack1]ip add 192.168.1.1 32
[H3C-LoopBack1]ospf 1 router-id 1.1.1.1
[H3C-ospf-1]area 0
[H3C-ospf-1-area-0.0.0.0]net 1.1.1.0 0.0.0.255
[H3C-ospf-1-area-0.0.0.0]net 192.168.0.1 0.0.0.0
[H3C-ospf-1-area-0.0.0.0]net 192.168.1.1 0.0.0.0
R2的配置:
[H3C]int g0/0
[H3C-GigabitEthernet0/0]ip add 1.1.1.2 24
[H3C-GigabitEthernet0/0]int g0/1
[H3C-GigabitEthernet0/1]ip add 1.1.2.2 24
[H3C-GigabitEthernet0/1]acl basic 2000
[H3C-acl-ipv4-basic-2000]rule 0 deny source 192.168.0.1 0.0.0.0
[H3C-acl-ipv4-basic-2000]rule 5 permit
[H3C-acl-ipv4-basic-2000]ospf 1 router-id 2.2.2.2
[H3C-ospf-1]area 0
[H3C-ospf-1-area-0.0.0.0]net 1.1.1.0 0.0.0.255
[H3C-ospf-1-area-0.0.0.0]area 1
[H3C-ospf-1-area-0.0.0.1]net 1.1.2.0 0.0.0.255
[H3C-ospf-1-area-0.0.0.1]quit
[H3C-ospf-1]filter-policy 2000 import
R3的配置:
[H3C]int g0/0
[H3C-GigabitEthernet0/0]ip add 1.1.2.3 24
[H3C-GigabitEthernet0/0]ospf 1 router-id 3.3.3.3
[H3C-ospf-1]area 1
[H3C-ospf-1-area-0.0.0.1]net 1.1.2.0 0.0.0.255
Observation of experimental phenomena:
1. Check the ospf routing table on R2, and notice that the filtering route will exist in the ospf routing table. This is a big pit. I didn’t know before, but thought it was a configuration error, and it took a long time to troubleshoot.
2. On R2 Check the routing table:
3. Observe the ospf routing table and ip routing table on R3
Conclusion:
1. When using filter-policy to filter routes, the ABR ip routing table will not have the filtered route, but the ospf routing table will have the filtered route . At the same time, it will not affect the ip and ospf routing tables of its downstream routers, such as R3 in the example.
Experiment 2:
Configure filter on R2 so that there is no route to 192.168.0.1/32 on R3
R1的配置:
[H3C]int g0/0
[H3C-GigabitEthernet0/0]ip add 1.1.1.1 24
[H3C-GigabitEthernet0/0]int lo0
[H3C-LoopBack0]ip add 192.168.0.1 32
[H3C-LoopBack0]int lo1
[H3C-LoopBack1]ip add 192.168.1.1 32
[H3C-LoopBack1]ospf 1 router-id 1.1.1.1
[H3C-ospf-1]area 0
[H3C-ospf-1-area-0.0.0.0]net 1.1.1.0 0.0.0.255
[H3C-ospf-1-area-0.0.0.0]net 192.168.0.1 0.0.0.0
[H3C-ospf-1-area-0.0.0.0]net 192.168.1.1 0.0.0.0
R2的配置:
[H3C]int g0/0
[H3C-GigabitEthernet0/0]ip add 1.1.1.2 24
[H3C-GigabitEthernet0/0]int g0/1
[H3C-GigabitEthernet0/1]ip add 1.1.2.2 24
[H3C-GigabitEthernet0/1]acl basic 2000
[H3C-acl-ipv4-basic-2000]rule 0 deny source 192.168.0.1 0.0.0.0
[H3C-acl-ipv4-basic-2000]rule 5 permit
[H3C-acl-ipv4-basic-2000]ospf 1 router-id 2.2.2.2
[H3C-ospf-1]area 0
[H3C-ospf-1-area-0.0.0.0]net 1.1.1.0 0.0.0.255
[H3C-ospf-1-area-0.0.0.0]filter 2000 export
[H3C-ospf-1-area-0.0.0.0]area 1
[H3C-ospf-1-area-0.0.0.1]net 1.1.2.0 0.0.0.255
R3的配置:
[H3C]int g0/0
[H3C-GigabitEthernet0/0]ip add 1.1.2.3 24
[H3C-GigabitEthernet0/0]ospf 1 router-id 3.3.3.3
[H3C-ospf-1]area 1
[H3C-ospf-1-area-0.0.0.1]net 1.1.2.0 0.0.0.255
Experimental phenomenon:
1. Observe the ip routing table and ospf routing table
on R2. 2. Observe the ip routing table and ospf routing table on R3.
Conclusion:
1. Use filter to filter the three types of LSAs, which will not affect the ip routing table of the ABR itself. And ospf routing table. The ip routing table and ospf routing table of routers in the outgoing area of the ABR will be affected