Filtering LSAs in an area can prevent unnecessary LSA transmission. This reduces the size of the LSDB on the neighboring router and speeds up network convergence.
After filtering conditions are set for the incoming or outgoing Type 3 LSAs (Summary LSAs) in an area, only the Type 3 LSAs that meet the filtering conditions can be received or advertised.
This function is applicable only to the ABR.
The system view is displayed.
The OSPF process view is displayed.
The OSPF area view is displayed.
Filter outgoing Type 3 LSAs in the area. Run any of the following commands as required:
Run quit
Return to the system view.
Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]
The ACL view is displayed.
Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *
A rule for the ACL is configured.
When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.
If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.
If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.
If a route has not matched any ACL rules, the route will not be received or advertised by the system.
If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.
In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:
Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.
Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.
The OSPF view is displayed.
The OSPF area view is displayed.
The outgoing Type 3 LSAs of the local area are filtered based on the basic ACL.
Based on the IP prefix list:
Run filter ip-prefix ip-prefix-name export
Outgoing Type 3 LSAs in the area are filtered based on the IP prefix list.
Based on the route-policy:
Run filter route-policy route-policy-name export
Outgoing Type 3 LSAs in the area are filtered based on the route-policy.
Based on the XPL route-filter:
Run filter route-filter route-filter-name export
Outgoing Type 3 LSAs in the area are filtered based on the route-filter.
Filter incoming Type 3 LSAs in the area. Run any of the following commands as required:
Run quit
Return to the system view.
Run acl { name basic-acl-name { basic | [ basic ] number basic-acl-number } | [ number ] basic-acl-number } [ match-order { config | auto } ]
The ACL view is displayed.
Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment-type { fragment | non-fragment | non-subseq | fragment-subseq | fragment-spe-first } | source { source-ip-address { source-wildcard | 0 | src-netmask } | any } | time-range time-name | vpn-instance vpn-instance-name ] *
A rule for the ACL is configured.
When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.
If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.
If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.
If a route has not matched any ACL rules, the route will not be received or advertised by the system.
If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.
In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:
Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.
Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.
The OSPF view is displayed.
The OSPF area view is displayed.
Run filter { acl-number | acl-name acl-name } import [ include-abr-summary ]
Incoming Type 3 LSAs in the area are filtered based on the basic ACL.
Based on the IP prefix list:
Run filter ip-prefix ip-prefix-name import [ include-abr-summary ]
Incoming Type 3 LSAs in the area are filtered based on the IP prefix list.
Based on the route-policy:
Run filter route-policy route-policy-name import [ include-abr-summary ]
Incoming Type 3 LSAs in the area are filtered based on the route-policy.
Based on the XPL route-filter:
Run filter route-filter route-filter-name import [ include-abr-summary ]
Incoming Type 3 LSAs in the area are filtered based on the route-filter.
The configuration is committed.