Routing

Hi guys

I have OSPF running between 3 routers R1, R2, and R9 as shown in the attached diagram.

R2 advertises the directly connected subnets to both R1 and R9.

There is a specific subnet 10.20.30.0/24 directly connected to R1 and advertised to OSPF but I don't want R2 to install this subnet in its routing table although I still need it to reach R9 so its interfces should still OSPF passive.

To do that I configured a routing policy to reject that route and applied it as an import policy on R2, but it's still seen in the routing table.

The diagram has the topology, the configuration and the show routing table output, could you please advise regarding this?

Thanks in advance 🙂

yea that's the reason then , thanks for the information 🙂

yes, that largely answers, but I still need to know how I can acheive what I need to do then? how I can prevent this network to be advertised to R2?

Thanks in advance 🙂

Instead of doing passive interface, do a redistribution of the directly connected route with an export policy. This will allow you to filter it with an import policy in the other routers.

Ok, that can do the purpose, thanks 🙂

Is there another way to achieve this without removing this interface from ospf passive?

Instead of adding the interface, i think you can add the network addresses that have been configured on the interfaces, in place of the interface. I think that is possible. I thinbk screeni gave you the best answer. Any special why do want to keep the interface in OSPF?

I will need to make the interface stay have the OSPF coz I may enable no passive OSPF on that interface afterwards.

Let's consider that is the case, If I have this interface configured as no passive OSPF interface but I need NOT to advertise its network to R2, how can I achieve this?

Just for fun (coz i cant see any practical usage for this usecase) you can create non-forwarding routing instance (aka separate IGP process) and make custom import-policy for rib-group which will import from this routing-instance to the GRT only intended routes

tehnerd, thanks for the reply

you know that environments differ from each other, so this scenarion might be used in some networks for special reasons.

I'm interested to know how to accomplish this using the non-forwarding routing instance, so could you provide a sample configuration for that if possible.

Thanks 🙂

---

@tehnerd wrote:

Just for fun (coz i cant see any practical usage for this usecase) you can create non-forwarding routing instance (aka separate IGP process) and make custom import-policy for rib-group which will import from this routing-instance to the GRT only intended routes

---

i hope you know how rib-groups works (otherwise you must read the cfg guides).

the config will looks like:

#create rib groups 
set routing-options rib-groups NFRI2GRT import-rib NFRI.inet.0
set routing-options rib-groups NFRI2GRT import-rib inet.0
set routing-options rib-groups NFRI2GRT import-policy LEAK_NFRI2GRT
set routing-options rib-groups NFRI2GRT_IPV6 import-rib NFRI.inet6.0
set routing-options rib-groups NFRI2GRT_IPV6 import-rib inet6.0
set routing-options rib-groups NFRI2GRT_IPV6 import-policy LEAK_NFRI2GRT

#create leak policy for routes from non-forwarding to grt; this is simple leaking policy

#which accepts all the routes; you can modify it as you want; for example accept only ospf routers from

#specific route-filters

set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV4_ROUTES from protocol ospf
set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV4_ROUTES to rib inet.0
set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV4_ROUTES then tag 3
set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV4_ROUTES then accept
set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV6_ROUTES from protocol ospf3
set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV6_ROUTES to rib inet6.0
set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV6_ROUTES then tag 3
set policy-options policy-statement LEAK_NFRI2GRT term NFRI_IPV6_ROUTES then accept

set policy-options policy-statement LEAK_NFRI2GRT term DEFAULT_DENY then reject

#apply rib group to ospf's instance in this routing instance

set routing-instances NFRI instance-type no-forwarding

set routing-instances NFRI protocols ospf prefix-export-limit 1000
set routing-instances NFRI protocols ospf rib-group NFRI2GRT
set routing-instances NFRI protocols ospf database-protection maximum-lsa 20000

set routing-instances NFRI protocols ospf area 0.0.0.0 interface <intf to R2>

Hi.

I think you can use "network-summary-export", this command apply an export policy (policy defined in "policy-options policy-statement") that specifies which LSAs are flooded into an OSPF area.

http://www.juniper.net/techpubs/en_US/junos/topics/reference/configuration-statement/network-summary-export-edit-protocols-ospf.html

Best regards.

Mario Perez

The "network-summary-export" is used only to filter type 3 advertisement between 2 areas, so to take effect it should be applied on an ABR, but it will not be helpful in case of a single area.

---

@marioperezben2 wrote:

Hi.

I think you can use "network-summary-export", this command apply an export policy (policy defined in "policy-options policy-statement") that specifies which LSAs are flooded into an OSPF area.

 

http://www.juniper.net/techpubs/en_US/junos/topics/reference/configuration-statement/network-summary-export-edit-protocols-ospf.html

 

Best regards.

Mario Perez

---

You are right. I don´t know why I thought you uses two osfp areas.
Sorry about that.