I have been trying to configure ditribute-lists on an OSPF network in my GNS lab that prevent LAN routers from learning routes from other LAN routers, but they do not appear to have any affect when I apply them to the OSPF process.
If I try to apply the distribute-list to a fast ethernet interface I get the following error
R2(config-router)#distribute-list CORE_BLOCK out fastEthernet 0/0
% Interface not allowed with OUT for OSPF
NB: If you are looking at the GNS configs. I have configured area 1 as a totally stubby network, but am experimenting with distriburte-lists and route maps in area 2
Config I have tried to apply on R2 from global config mode
ip access-list standard CORE_BLOCK
! deny 172.16.0.0 included for clarity
deny 172.16.0.0 0.0.255.255
permit 10.0.0.0 0.255.255.255
router ospf 2222
distribute-list CORE_BLOCK out f0/0
OSPF is special, you cannot prevent the exchange of topology information (in this manner). You can only prevent the local (on the router where you configure the filter) OSPF process from adding the route to its table.
The distribute-list commands are supported in OSPF but work differently than distance-vector routing protocols such as Routing Information Protocol (RIP) and Enhanced Interior Gateway Routing Protocol (EIGRP). OSPF routes cannot be filtered from entering the OSPF database. The distribute-list in command only filters routes from entering the routing table; it does not prevent link-state packets from being propagated. Therefore, this command does not help conserve router memory, and it does not prohibit a router from propagating filtered routes to other routers.
Thanks & Regards,
Thank you Natraj,
I thought because I was communicating between areas the routes would be filtered.
But I need to think about the way LSAs are sent.
you can use area filter-list command to filter list between areas.
Will look into it as another avenue