Solved

OSPF - passive inbound only

Posted on 2009-07-06
4
277 Views
Last Modified: 2012-05-07
On a Cisco 2811 router I want to receive routes but not broadcast and routes on a particular interface.  What is the best way to do this?  I believe

router ospf 1
.
.
 pass-interface fastethernet 1/0

...would stop both receipt and sending.  Thanks.
0
Comment
Question by:amigan_99
  • 2
4 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 24790152
The challenge is that OSPF doesn't advertise "routes". It propagates the link state database (topology) of the network. The routers then create a routing table based on this topology. So you really can't decide what routes to advertise.

There are exceptions though. If one of the networks you don't wish to advertise is connected to your router, simply don't make that interface part of the OSPF topology (Don't have a network statement for that interface).

If the network you don't want to advertise is not connected to your router (you're learning it through OSPF), then the only way to avoid advertising it is to put that network and the other router in different areas. Then you have more control over what gets advertised.

I would help to have a more specific idea of what you want to accomplish.
0
 
LVL 23

Accepted Solution

by:
that1guy15 earned 500 total points
ID: 24790184
Another option would be to use a route filter on the receiving routers and have them filter the unwanted incoming routes.

That is if you contril those routers.
0
 
LVL 1

Author Comment

by:amigan_99
ID: 24790297
Some more details..

I have an MPLS CE from AT&T.  They use BGP to communicate routes between my various CE routers at various sites.  I am having AT&T redistribute the routes learned via BGP into OSPF and I want to hear
these routes at each site's core router.  I want to the core router to learn about the routes in the MPLS cloud via OSPF.  Then if those routes disappear (say the T1 goes our or the MPLS CE router fails) I will have floating static routes with defined higher metric to send the traffic to VPN (perhaps DMVPN, perhaps regular IPsec tunnels).  The AT&T CE router does not need to hear my link state info from my core.  Clearer?
0
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 31600395
ty
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
slow vpn connection 9 64
md5 password 3 61
Local DNS and Home Routers 4 31
No Wireless Networks Visible In Windows 10 7 48
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question