4 Replies Latest reply: Jan 6, 2016 7:25 AM by Aref - CCIE #62163 (Security) / CCNPx2 (R&S - Security) / Network+ / Security+ RSS

    OSPF Type 5 LSA filtering at ASBR

    farroar

      I have been practicing filtering in OSPF and have encountered a question I can't seem to answer.

       

      We can filter LSA type 3 and type 5. This can be done at an ABR for type 3 LSAs into and out of an area. This is done via the area X filter-list prefix command. I've read that the same is true for filtering type 5 LSAs at an ASBR, using the same method. But this doesn't seem to work in GNS3. Say I have a network of 10.0.12.0/24 in an EIGRP process that is configured on the ASBR. I want to filter the type 5 LSA for this network at the ASBR just like I did for the type 3 LSA at the ABR. I configured as follows:

       

       

      ip prefix-list filter deny 10.0.12.0/24

      ip prefix-list filter permit 0.0.0.0/0 le 32

       

      router ospf 1

      area 0 filter-list prefix filter in

       

      My thinking is that I am filtering the 10.0.12.0/24 network from going IN to area 0. When I apply this command, the type 5 LSA for this network still remains in the OSPF domain.

       

      The OCG mentions that type 5 LSAs can be filtered the same way that a type 3 is filtered. It then goes into detail on the configuration of a type 3 filter but not a type 5. How would we filter a type 5?

       

      Thanks!