Skip navigation
Cisco Learning Home > Certifications > Routing & Switching (CCNP) > Discussions

_Communities

1282 Views 5 Replies Latest reply: Jan 12, 2012 10:14 AM by Brendan RSS

Currently Being Moderated

OSPF ASBR "distribute-list route-map" redistribution don't work

Jan 12, 2012 3:40 AM

Brendan 141 posts since
Feb 17, 2011

Getting this error:

 

R2(config-router)#distribute-list route-map MAP1 out rip

% OUT direction is not allowed in case of OSPF

 

 

Doing simple test on ASBR. Redistributing RIP into OSPF:

 

router ospf 1

log-adjacency-changes

redistribute rip subnets

network 192.168.2.0 0.0.0.255 area 0

distribute-list 1 out rip

router rip

version 2

network 192.168.1.0

no auto-summary

 

 

access-list 1 permit 10.10.10.0 0.0.0.255

!

route-map MAP1 permit 10

match ip address 1

 

 

First, I tried this command to filter redistributed routes:


R2(config-router)# distribute-list 1 out rip

R2(config-router)#


Using distribute-list with either access-lists or prefix-lists to filter routes works fine.

 

However, if I use route-map, it gives the error.

 

R2(config-router)#distribute-list route-map MAP1 out rip

% OUT direction is not allowed in case of OSPF

 

 

These are the choices:

 

R2(config-router)#distribute-list ?

  <1-199>      IP access list number

  <1300-2699>  IP expanded access list number

  WORD         Access-list name

  gateway      Filtering incoming updates based on gateway

  prefix       Filter prefixes in routing updates

  route-map    Filter prefixes based on the route-map

 

 

So, why can't I use route-map, when access/prefix lists work fine? I've been googling, and I see OSPF only allows "distribute-list out" on ASBR. This is an ASBR.

 

R2#sh ip proto | incl auto

  It is an autonomous system boundary router

 

I'm just curious why "distribute-list out" doesn't work with route-map for redistribution. Again, using access-list or prefix-list works fine with "distribute-list out" to filter redistributed routes. Testing on EIGRP shows using distribute-list route-map works fine.

 

 

Thanks!

  • Mike Gannon 483 posts since
    Jul 1, 2008

    I found this problem too:

    From testing it out on GNS with different IOS/models it appears you can only filter inbound updates in OSPF, where as EIGRP you can filter in or out.

     

    I imagine Cisco have maintained the syntax incase they want to change the options or just to make it easier to remember the configuration.

     

    You can set the distribute list up on the remote router as an inbound list and have the same effect

     

    Mike

  • normbeef 78 posts since
    Jun 4, 2009

    I believe that the reason OSPF "out" distribution lists are not required is that the LSA for a route itself cannot be suppressed (or filtered) by the outgoing distribution list. 

     

    Thus the filtering of OSPF routes should be done from an Inbound filter just before the route gets into the routing table.

     

    i.e.  EIGRP / RIP are classed as distance vector so they do not have a LSA database as such, thus they can be filtered outbound.

  • Vijay Swaminathan 491 posts since
    Aug 29, 2008

    Thanks Brendan for bringing this up..

     

    I guess the problem is something else. May be experts might comment more on this.

     

    Was curious to lab this up and noticed few strange behaviors.

     

    R1-------------------R2 ----------------- R3

     

    R1 has three loopbacks L1, L2 and L3 with ip's 1.1.1.1, 1.1.1.2,1.1.1.3

     

    runing RIP b/w R1 and R2 and OSPF b/w R2 and R3.

     

    the configuration at R2 is:

     

    REDISTROUTEr(config-router)#do sh run | s router ospf|ip prefix|route-map

    router ospf 1

    router-id 1.1.1.1

    log-adjacency-changes

    redistribute rip subnets

    ip prefix-list L1 seq 10 permit 1.1.1.1/32

    route-map Loopback1 permit 10

    match ip address prefix-list L1

     

    Question 1:

     

    When "distribute-list prefix L1 out rip"  is applied under the ospf routing process, then the filter is actually applied to the rip subnets received (similar to inbound filter) not sure why it is behaving this way.

     

    Before applying the distribute-list

     

    REDISTROUTEr(config-router)#do sh ip ospf dat | b Type-5

                    Type-5 AS External Link States

     

     

    Link ID         ADV Router      Age         Seq#       Checksum Tag

    1.1.1.1         1.1.1.1         675         0x80000002 0x0099FD 0

    1.1.1.2         1.1.1.1         618         0x80000001 0x009106 0

    1.1.1.3         1.1.1.1         618         0x80000001 0x00870F 0

    10.10.123.0     1.1.1.1         618         0x80000001 0x006EA1 0

    REDISTROUTEr(config-router)#

     

    After applying the distribute-list command:

     

    REDISTROUTEr(config-router)#do sh ip ospf dat | b Type-5

                    Type-5 AS External Link States

     

     

    Link ID         ADV Router      Age         Seq#       Checksum Tag

    1.1.1.1         1.1.1.1         721         0x80000002 0x0099FD 0

    REDISTROUTEr(config-router)#

     

    but when the same is applied through route-map, it does not work and the error is shown as % OUT direction is not allowed in case of OSPF

     

    Question 2:  Why is this not allowed?

     

    I understand that routers in the same area should have identical database. so we cannot apply filter within area in the outbound direction . but I guess still the filter can be applied in the inbound direction while receiving route from rip.. even that does not seem to work.

     

    REDISTROUTEr(config-router)#do sh run | s router ospf|ip prefix|route-map

    router ospf 1

    router-id 1.1.1.1

    log-adjacency-changes

    redistribute rip subnets

    distribute-list route-map Loopback1 in

    ip prefix-list L1 seq 10 permit 1.1.1.1/32

    route-map Loopback1 permit 10

    match ip address prefix-list L1

     

    The above configuration does not seem to fiter the inbound routes from rip.

     

    Any comments from the experts?

     

    -Vijay

     

    Message was edited by: Vijay Swaminathan

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)