After a filtering policy is configured for the OSPF routes that need to be delivered to the routing management module, only the routes that match the policy will be added to the routing table.
The system view is displayed.
The OSPF view is displayed.
Run quit
Return to the system view.
Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]
The ACL view is displayed.
Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *
A rule is configured for the ACL.
When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.
If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.
If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.
If a route has not matched any ACL rules, the route will not be received or advertised by the system.
If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.
In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:
Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.
Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.
The OSPF view is displayed.
An import policy is configured to filter received routes.
Based on the IP prefix list:
Run filter-policy ip-prefix ip-prefix-name import
An import policy is configured to filter received routes.
Based on the route-policy:
Run filter-policy route-policy route-policy-name [ secondary ] import
An import policy is configured to filter received routes.
Based on the route-filter:
Run filter-policy route-filter route-filter-name [ secondary ] import
An import policy is configured to filter received routes.
OSPF is a link-state dynamic routing protocol, with routing information carried in the link status advertisement (LSA). Therefore, the filter-policy import command cannot be used to filter the advertised or received LSAs. The filter-policy import command is used to filter the routes calculated by OSPF. Only the routes that match the filtering rules are added to the routing table and can be advertised. Routes that do not match the filtering rules can be added to the OSPF routing table but not to the routing information base (RIB) and cannot be advertised.
The configuration is committed.