4-35
By default, the filtering of redistributed routes is not configured.
You can use this command to filter redistributed routes as needed.
Note that if you want to reference an advanced ACL (with a number from 3000 to 3999) in the
command, the ACL should be configured with the
rule
[
rule-id
] {
deny
|
permit
}
ip source
sour-addr
sour-wildcard
command to deny/permit a route with the specified destination, or with the
rule
[
rule-id
]
{
deny
|
permit
}
ip source
sour-addr sour-wildcard
destination
dest-addr dest-wildcard
command to
deny/permit a route with the specified destination and mask. The
source
keyword specifies the
destination address of a route while the
destination
keyword specifies the subnet mask of the route
(the subnet mask must be valid; otherwise, the configuration is ineffective).
Related commands:
import-route
.
Examples
# Filter redistributed routes using ACL2000.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule deny source 192.168.10.0 0.0.0.255
[Sysname-acl-basic-2000] quit
[Sysname] ospf 100
[Sysname-ospf-100] filter-policy 2000 export
# Configure ACL 3000 to permit only route 113.0.0.0/16 to pass, and reference ACL 3000 to filter
redistributed routes.
<Sysname> system-view
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule 10 permit ip source 113.0.0.0 0 destination 255.255.0.0 0
[Sysname-acl-adv-3000] rule 100 deny ip
[Sysname-acl-adv-3000] quit
[Sysname] ospf 100
[Sysname-ospf-100] filter-policy 3000 export
filter-policy import (OSPF view)
Syntax
filter-policy
{
acl-number
[
gateway
ip-prefix-name
] |
gateway
ip-prefix-name
|
ip-prefix
ip-prefix-name
[
gateway
ip-prefix-name
]
| route-policy route-policy-name
}
import
undo filter-policy import
View
OSPF view
Default Level
2: System level
Parameters
acl-number
: Number of an ACL used to filter incoming routes, in the range 2000 to 3999.
gateway ip-prefix-name
: Name of an IP address prefix list used to filter routes based on the next hop
of the routing information, a string of up to 19 characters.