distribute-list gateway with OSPF

The following example is showing how to use distribute-list with the gateway option for inbound route filtering  in OSPF. The diagram below shows R1 directly connected to R2 with OSPF configured between them.

Initial Configuration:

!-- R1 OSPF configuration
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
network 172.16.12.1 0.0.0.0 area 0
network 172.16.101.1 0.0.0.0 area 0   !-- R1's Loopback0
network 10.10.10.1 0.0.0.0 area 0     !-- R1's Loopback1
!-- R2 OSPF configuration
router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 network 172.16.12.2 0.0.0.0 area 0
 network 172.16.102.1 0.0.0.0 area 0   !-- R2's Loopback0

!-- Routing tables

R1(config-router)#do sh ip route ospf
     172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
O       172.16.102.1/32 [110/2] via 172.16.12.2, 00:14:12, FastEthernet0/0.12

R2(config-router)#do sh ip route ospf
         172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
O       172.16.101.1/32 [110/2] via 172.16.12.1, 00:00:07, FastEthernet0/0.12
     10.0.0.0/32 is subnetted, 1 subnets
O       10.10.10.1 [110/2] via 172.16.12.1, 00:00:07, FastEthernet0/0.12

Now I am going to apply a distribute-list to filter R1's Loopback0 (172.16.101.1/32) specially from R1 using the gateway option.

R2(config)#ip prefix-list Loop deny 172.16.101.1/32
R2(config)#ip prefix-list Loop permit 0.0.0.0/0 le 32
R2(config)#
R2(config)#ip prefix-list R1 permit 172.16.12.1/32
R2(config)#
R2(config)#router ospf 1
R2(config-router)#distribute-list prefix Loop gateway R1 in

!-- verification; as shown 172.16.101.1/32 is filtered

R2(config-router)#do sh ip route ospf
     10.0.0.0/32 is subnetted, 1 subnets
O       10.10.10.1 [110/2] via 172.16.12.1, 00:00:05, FastEthernet0/0.12

I just want to spot one point here; the gateway option uses the Next-Hop address of the route and not the router-id as used in the distance command.

Check Also

Best AI tools list