Configuring OSPFv3 to Filter the Routes to Be Advertised

After a filtering policy is configured for OSPFv3 routes to be imported, only the routes that match the policy will be advertised.

Context

When OSPFv3 receives LSAs, it can filter the received routes based on a filtering policy before advertising them to neighbors.

Procedure

Run system-view
The system view is displayed.
Run ospfv3 [ process-id ]
The OSPFv3 view is displayed.
(Optional) Run default-route-advertise [ [ always | permit-calculate-other | cost cost | type type | tag tag | distribute-delay delay | route-policy route-policy-name | route-filter route-filter-name ] ^*
Default routes are advertised in the OSPFv3 area.
Run any of the following commands as required:
- Configure a basic ACL:
  1. Run quit
    Return to the system view.
  2. Run acl ipv6 { name basic-acl6-name basic | [ number ] basic-acl6-number } [ match-order { config | auto } ]
    The ACL view is displayed.
  3. Run rule [ rule-id ] [ name rule-name ] { deny | permit } [ fragment | source { source-ipv6-address { prefix-length | source-wildcard } | source-ipv6-address/prefix-length | any } | time-range time-name | [ vpn-instance vpn-instance-name | vpn-instance-any ] ] ^*
    A rule is configured for the basic ACL.
    
    When the rule command is run to configure rules for a named ACL, only the source address range specified by source and the time period specified by time-range are valid as the rules.
    When a filtering policy of a routing protocol is used to filter routes:
    - If the action specified in an ACL rule is permit, a route that matches the rule will be received or advertised by the system.
    - If the action specified in an ACL rule is deny, a route that matches the rule will not be received or advertised by the system.
    - If a route has not matched any ACL rules, the route will not be received or advertised by the system.
    - If an ACL does not contain any rules, all routes matching the route-policy that references the ACL will not be received or advertised by the system.
    - In the configuration order, the system first matches a route with a rule that has a smaller number and then matches the route with a rule with a larger number. Routes can be filtered using a blacklist or a whitelist:
      
      Route filtering using a blacklist: Configure a rule with a smaller number and specify the action deny in this rule to filter out the unwanted routes. Then, configure another rule with a larger number in the same ACL and specify the action permit in this rule to receive or advertise the other routes.
      
      Route filtering using a whitelist: Configure a rule with a smaller number and specify the action permit in this rule to permit the routes to be received or advertised by the system. Then, configure another rule with a larger number in the same ACL and specify the action deny in this rule to filter out unwanted routes.
  4. Run ospfv3 [ process-id ]
    The OSPFv3 view is displayed.
  5. Run filter-policy { acl-number | acl6-name acl6-name } export [ bgp | direct | static | unr | { isis | ospfv3 | ripng } [ process-id ] ]
    An export policy that is based on the ACL is configured to filter the routes imported using the import-route command. Only the filtered routes can be advertised.
- Based on an IPv6 prefix list:
  
  Run filter-policy ipv6-prefix ipv6-prefix-name export [ bgp | direct | static | unr | { isis | ospfv3 | ripng } [ process-id ] ]
  
  An export policy that is based on an IPv6 prefix list is configured to filter the routes imported using the import-route command. Only the filtered routes can be advertised.
You can specify the parameter protocol [ process-id ] to filter the routes of a certain routing protocol or a certain OSPF process. If protocol [ process-id ] is not specified, OSPFv3 filters all imported routes.
Run commit
The configuration is committed.