Ervin Taufik

Biasanya tidak semua prefix mau di terima kita, misalnya ada ip2 private yg tidak mau kita terima routenya.
Pada case ini misal kita mau filter prefix 20.21.22.0/24 , kita lihat dulu route sebelumnya.

ebenz@enterprise# run show route | match 20.21.22.
20.21.22.0/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.4/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.8/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.12/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.16/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.20/30 *[OSPF/150] 00:00:53, metric 21, tag 0

[edit]
ebenz@enterprise#

simple config untuk mem-filter ip di ospf ;

ebenz@enterprise# edit policy-options policy-statement ospf-filter
[edit policy-options policy-statement ospf-filter]
ebenz@enterprise# set term filter-private from neighbor 172.16.0.204
ebenz@enterprise# set term filter-private from route-filter 20.21.22.0/24 orlonger
ebenz@enterprise# set term filter-private then reject
ebenz@enterprise# set term else then accept
ebenz@enterprise# show
term filter-private {
from {
neighbor 172.16.0.204;
route-filter 20.21.22.0/24 orlonger;
}
then reject;
}
term else {
then accept;
}

[edit policy-options policy-statement ospf-filter]

kemudian import statment pada protocol ospf

ebenz@enterprise# edit protocols ospf

[edit protocols ospf]
ebenz@enterprise# set import ospf-filter

[edit protocols ospf]
ebenz@enterprise# show
import ospf-filter;
area 0.0.0.1 {
interface fe-0/0/0.0 {
hello-interval 10;
neighbor 172.16.0.204;
neighbor 172.16.0.200;
}
}

[edit protocols ospf]
ebenz@enterprise# commit
commit complete

[edit protocols ospf]
ebenz@enterprise# run clear ospf neighbor

[edit protocols ospf]
ebenz@enterprise# run show route | match 20.21.22.

[edit protocols ospf]

sudah hilang coba kita show route

ebenz@enterprise# top

[edit]
ebenz@enterprise# exit
Exiting configuration mode

ebenz@enterprise> show route

inet.0: 21 destinations, 21 routes (21 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both

0.0.0.0/0 *[OSPF/150] 00:00:56, metric 1, tag 0
> to 172.16.0.200 via fe-0/0/0.0
30.31.32.0/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.4/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.8/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.12/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.16/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.0/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.4/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.8/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.12/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.16/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0