Virtual Router/ Firewall/ VPN

Reply
Occasional Visitor
Posts: 1
Registered: ‎02-11-2015

How to filter OSPF **filtered** on vyatta

We have a connection between our Vyatta Router to our MPLS VPN Service Provider  which is a Cisco device.

We would like to know how to filter the OSPF **filtered** routes on Brocade Vrouter 5400 (Vyatta). We are open to any other free or lowcost option.

In order to find a solution, we tried to simulate it with GNS3.

We are trying to filter from the vyatta to Cisco.

The big picture : http://i.stack.imgur.com/UXgv4.png

Vyatta VPN_2 configuration :

    interfaces {
        ethernet eth0 {
            address 10.0.0.5/24
            duplex auto
            smp_affinity auto
            speed auto
        }
        ethernet eth1 {
            duplex auto
            smp_affinity auto
            speed auto
            vif 1419 {
                address 10.14.250.249/29
                description VLAN-Jabre
            }
        }
    }
    policy {
        access-list 10 {
            rule 5 {
                action permit
                source {
                    inverse-mask 0.0.255.255
                    network 10.14.0.0
                }
            }
        }
    }
    protocols {
        ospf {
            access-list 10 {
                import
            }
            area 0 {
                network 10.14.250.248/29
                network 10.0.0.0/24
            }
        }
    }


But we are still getting the routes from the vyatta, as we can see on CE_1 routing table.

    CE_1#show ip route vrf VPN_2
    <ommited>
         10.0.0.0/8 is variably subnetted, 11 subnets, 4 masks
    O       10.0.0.0/24 [110/2] via 10.14.250.249, 00:27:11, FastEthernet0/0.1419
    O E2    10.15.10.146/32
               [110/100] via 10.14.250.249, 00:27:11, FastEthernet0/0.1419
    O       10.25.250.0/29
               [110/3] via 10.14.250.249, 00:27:11, FastEthernet0/0.1419
    C       10.19.144.72/30 is directly connected, FastEthernet1/0.1224
    B       10.14.250.0/29 [20/0] via 10.19.144.73, 01:03:31
    O E2    10.11.248.0/29
               [110/100] via 10.14.250.249, 00:27:12, FastEthernet0/0.1419
    O       10.11.249.0/24
               [110/3] via 10.14.250.249, 00:27:12, FastEthernet0/0.1419
    C       10.14.250.248/29 is directly connected, FastEthernet0/0.1419
    O       10.23.13.38/32
               [110/4] via 10.14.250.249, 00:27:13, FastEthernet0/0.1419
    B       10.23.18.55/32 [20/0] via 10.19.144.73, 01:03:33
    O E2    10.25.250.248/29
               [110/100] via 10.14.250.249, 00:27:13, FastEthernet0/0.1419
    CE_1#


Don't understand why I'm getting from the Vyatta_VPN_2 the routes 10.25.250.0/29 and
10.11.249.0/24 on CE_1 and CE_2 which are redistributed on MPLS VPN.

Contributor
Posts: 69
Registered: ‎10-14-2011

Re: How to filter OSPF **filtered** on vyatta

I would use a route-map IE

ip accesslist 102 permit ip 10.14.0.0 0.0.255.255

 

route-map FILTER1 deny 10

match ip access list  102

 route-map FILTER1 permit 20

 

then apply the route-map as in inbound policy .

 

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.