Ervin Taufik

[junOS] Filter prefix length ospf

Posted in Cisco, Linux, Mikrotik by ervin andriana taufik on March 14, 2009

Biasanya tidak semua prefix mau di terima kita, misalnya ada ip2 private yg tidak mau kita terima routenya.
Pada case ini misal kita mau filter prefix 20.21.22.0/24 , kita lihat dulu route sebelumnya.

ebenz@enterprise# run show route | match 20.21.22.
20.21.22.0/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.4/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.8/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.12/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.16/30 *[OSPF/150] 00:00:53, metric 21, tag 0
20.21.22.20/30 *[OSPF/150] 00:00:53, metric 21, tag 0

[edit]
ebenz@enterprise#

simple config untuk mem-filter ip di ospf ;

ebenz@enterprise# edit policy-options policy-statement ospf-filter
[edit policy-options policy-statement ospf-filter]
ebenz@enterprise# set term filter-private from neighbor 172.16.0.204
ebenz@enterprise# set term filter-private from route-filter 20.21.22.0/24 orlonger
ebenz@enterprise# set term filter-private then reject
ebenz@enterprise# set term else then accept
ebenz@enterprise# show
term filter-private {
from {
neighbor 172.16.0.204;
route-filter 20.21.22.0/24 orlonger;
}
then reject;
}
term else {
then accept;
}

[edit policy-options policy-statement ospf-filter]

kemudian import statment pada protocol ospf

ebenz@enterprise# edit protocols ospf

[edit protocols ospf]
ebenz@enterprise# set import ospf-filter

[edit protocols ospf]
ebenz@enterprise# show
import ospf-filter;
area 0.0.0.1 {
interface fe-0/0/0.0 {
hello-interval 10;
neighbor 172.16.0.204;
neighbor 172.16.0.200;
}
}

[edit protocols ospf]
ebenz@enterprise# commit
commit complete

[edit protocols ospf]
ebenz@enterprise# run clear ospf neighbor

[edit protocols ospf]
ebenz@enterprise# run show route | match 20.21.22.

[edit protocols ospf]

sudah hilangšŸ˜‰ coba kita show route

ebenz@enterprise# top

[edit]
ebenz@enterprise# exit
Exiting configuration mode

ebenz@enterprise> show route

inet.0: 21 destinations, 21 routes (21 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both

0.0.0.0/0 *[OSPF/150] 00:00:56, metric 1, tag 0
> to 172.16.0.200 via fe-0/0/0.0
30.31.32.0/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.4/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.8/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.12/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
30.31.32.16/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.0/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.4/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.8/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.12/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0
40.41.42.16/30 *[OSPF/150] 00:00:51, metric 21, tag 0
> to 172.16.0.204 via fe-0/0/0.0

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: