Configuring an ospf distribution list using acls, Examples – Brocade FastIron Ethernet Switch Layer 3 Routing Configuration Guide User Manual
Page 284
device still receives the routes and installs them in the OSPF database. The feature only prevents the
software from installing the denied OSPF routes into the IP route table.
The OSPF distribution list can be managed using ACLs or Route Maps to identify routes to be denied
as described in the following sections:
• Configuring an OSPF Distribution List using ACLs
• Configuring an OSPF Distribution List using Route Maps
Configuring an OSPF distribution list using ACLs
To configure an OSPF distribution list using ACLs:
• Configure an ACL that identifies the routes you want to deny. Using a standard ACL lets you deny
routes based on the destination network, but does not filter based on the network mask. To also
filter based on the destination network's network mask, use an extended ACL.
• Configure an OSPF distribution list that uses the ACL as input.
Examples
In the following example, the first three commands configure a standard ACL that denies routes to any
10.x.x.x destination network and allows all other routes for eligibility to be installed in the IP route
table. The last three commands change the CLI to the OSPF configuration level and configure an
OSPF distribution list that uses the ACL as input. The distribution list prevents routes to any 10.x.x.x
destination network from entering the IP route table. The distribution list does not prevent the routes
from entering the OSPF database.
device(config)# ip access-list standard no_ip
device(config-std-nacl)# deny 10.0.0.0 0.255.255.255
device(config-std-nacl)# permit any
device(config)# router ospf
device(config-ospf-router) # area 0
device(config-ospf-router) # distribute-list no_ip in
In the following example, the first three commands configure an extended ACL that denies routes to
any 10.31.39.x destination network and allows all other routes for eligibility to be installed in the IP
route table. The last three commands change the CLI to the OSPF configuration level and configure
an OSPF distribution list that uses the ACL as input. The distribution list prevents routes to any
10.31.39.x destination network from entering the IP route table. The distribution list does not prevent
the routes from entering the OSPF database.
device(config)# ip access-list extended DenyNet39
device(config-ext-nacl)# deny ip 10.31.39.0 0.0.0.255 any
device(config-ext-nacl)# permit ip any any
device(config)# router ospf
device(config-ospf-router) # area 0
device(config-ospf-router) # distribute-list DenyNet39 in
In the following example, the first command configures a numbered ACL that denies routes to any
10.31.39.x destination network and allows all other routes for eligibility to be installed in the IP route
table. The last three commands change the CLI to the OSPF configuration level and configure an
OSPF distribution list that uses the ACL as input. The distribution list prevents routes to any 10.31.39.x
destination network from entering the IP route table. The distribution list does not prevent the routes
from entering the OSPF database.
device(config)# ip access-list 100 deny ip 10.31.39.0 0.0.0.255 any
device(config)# ip access-list 100 permit ip any any
device(config)# router ospf
device(config-ospf-router) # area 0
device(config-ospf-router) # distribute-list 100 in
Configuring an OSPF distribution list using ACLs
284
FastIron Ethernet Switch Layer 3 Routing Configuration Guide
53-1003087-04