ScreenOS Firewalls (NOT SRX)
Reply
Trusted Contributor
ttl_expired
Posts: 429
Registered: ‎11-11-2008
0

Filtering OSPF route Advertisement

Hi All,

 

         I  have a Site to site SSG to SSG VPN connection which is doing OSPF.  My head office has about 500 routes due to all the remote offices.  All the remote offices have an this site to site connection with OSPF.  Essentially the Remote offices need the routes for a select few places but since OSPF is running the remote sites get all 500 routes in their routing table.  

 

        Is there a way I can filter and only send the 5-6 routes that are important throug the OSPF tunnel.  The filtering would happen on a SSG 550.

 

ps.  I dont want to just add statics at the remote sites because I actually have two SSG's with two different internets and OSPF calculates my failover.  Everything works great I would just like to make my routing tables smaller.

 

 

Thanks

Super Contributor
Cesar
Posts: 141
Registered: ‎11-18-2008
0

Re: Filtering OSPF route Advertisement

All OSPF neighbors in the same area have the same SPF database so you cannot send only 5 routes.

 

You can use mutiple areas and summarize routes coming from the backbone.

 

Hope this helps,

Cesar

 

Regular Visitor
Shafi
Posts: 6
Registered: ‎11-25-2008
0

Re: Filtering OSPF route Advertisement

Hello Cesar,

 

I think Site to Site VPN tunnels must be in Area 0. right?.

 

regards

Shaf

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.