9.1.3 Lab – OSPFv2 Route Summarization and Filtering (Answers)

9.1.3 Lab – OSPFv2 Route Summarization and Filtering (Answers)

Topology

9.1.3 Lab - OSPFv2 Route Summarization and Filtering (Answers) 2

Addressing Table

Device Interface IPv4 Address
R1 G0/0/0 172.16.0.2/30
G0/0/1 10.10.0.1/30
Lo0 209.165.200.225/27
R2 G0/0/0 172.16.0.1/30
G0/0/1 172.16.1.1/30
R3 G0/0/0 172.16.1.2/30
G0/0/1 10.10.4.1/30
D1 G1/0/11 10.10.0.2/30
G1/0/23 10.10.1.1/24
Lo2 10.10.2.1/24
Lo3 10.10.3.1/24
D2 G1/0/11 10.10.4.2/30
G1/0/23 10.10.5.1/24
Lo16 10.10.16.1/24
Lo17 10.10.17.1/24
Lo18 10.10.18.1/24
Lo19 10.10.19.1/24
Lo20 10.10.20.1/24
Lo21 10.10.21.1/24
Lo22 10.10.22.1/24
Lo23 10.10.23.1/24
PC1 NIC 10.10.1.10/24
PC2 NIC 10.10.5.10/24

Objectives

  • Part 1: Build the Network, Configure Basic Device Settings and Routing
  • Part 2: OSPFv2 Route Summarization
  • Part 3: OSPFv2 Route Filtering

Background / Scenario

Areas make OSPF more scalable and increase efficiency. Consider a large multinational organization with a thousand OSPF routers. If all routers were in a single area, the information contained in their LSDB would be overwhelming. Segmenting the OSPF domain into multiple areas reduces the size of the LSDB for each area, making SPF tree calculations faster, and decreasing LSDB flooding between routers when a link flaps.

To make OSPF even more scalable and efficient, network routes can be summarized and advertised in other areas. As well, specific route filtering can be used to provide more precise control on route propagation.

In this lab, you will configure route summarization and route filtering in a multiarea OSPF version 2 network. This lab was specifically designed to use three routers and two Layer 3 switches. To help visualize the potential of summarization and route filtering, additional loopback interfaces will be configured to simulate LANs and create larger routing tables.

Note: This lab is an exercise in developing, deploying, and verifying how OSPF route summarization and filtering operates and does not reflect networking best practices.

Note: The router used with this CCNP hands-on lab is a Cisco 4221and the two Layer 3 switches are Catalyst 3560 switches. Other routers and Layer 3 switches and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and the output produced might vary from what is shown in the labs.

Note: Ensure that the routers and switches have been erased and have no startup configurations. If you are unsure contact your instructor.

Instructor Note: Refer to the Instructor Lab Manual for the procedures to initialize and reload devices.

Required Resources

  • 3 Routers (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
  • 2 Switches (Cisco 3650 with Cisco IOS XE Release 16.9.4 universal image or comparable)
  • 2 PCs (Windows with terminal emulation program, such as Tera Term)
  • Console cables to configure the Cisco IOS devices via the console ports
  • Ethernet cables as shown in the topology

Instructions

Part 1: Build the Network, Configure Basic Device Settings and Routing

In Part 1, you will set up the network topology and configure basic settings and interface addressing on the router and Layer 3 switches. You will also configure multiarea OSPFv2 on the OSPF backbone routers R1, R2, and R3. You will manually configure OSPFv2 on D1 and D2.

Step 1: Cable the network as shown in the topology.

Attach the devices as shown in the topology diagram, and cable as necessary.

Step 2: Configure basic settings for the routers.

a. Console into each router, enter global configuration mode, and apply the basic settings, interface addressing, and OSPFv2 configuration. The configuration for each device is provided for you below.

Note: Routers were configured with OSPFv2.

Router R1

hostname R1
no ip domain lookup
line con 0
 logging sync
 exec-time 0 0
 exit
banner motd # This is R1, OSPFv2 Route Summarization and Filtering Lab #
interface g0/0/0
 ip add 172.16.0.2 255.255.255.252
 no shut
 exit
interface GigabitEthernet0/0/1
 ip address 10.10.0.1 255.255.255.252
 no shut
 exit
router ospf 123
 router-id 1.1.1.1
 auto-cost reference-bandwidth 1000
 network 10.10.0.0 0.0.0.3 area 1
 network 172.16.0.0 0.0.0.3 area 0
 exit

Router R2

hostname R2
no ip domain lookup
line con 0
 logging sync
 exec-time 0 0
 exit
banner motd # This is R2, OSPFv2 Route Summarization and Filtering Lab #
interface g0/0/0
 ip add 172.16.0.1 255.255.255.252
 no shut
 exit
interface GigabitEthernet0/0/1
 ip address 172.16.1.1 255.255.255.252
 no shut
 exit
int lo0
 ip add 209.165.200.225 255.255.255.224
 exit
ip route 0.0.0.0 0.0.0.0 Loopback0
router ospf 123
 router-id 2.2.2.1
 auto-cost reference-bandwidth 1000
 network 172.16.0.0 0.0.0.3 area 0
 network 172.16.1.0 0.0.0.3 area 0
 default-information originate
 exit

Router R3

hostname R3
no ip domain lookup
line con 0
 logging sync
 exec-time 0 0
 exit
banner motd # This is R3, OSPFv2 Route Summarization and Filtering Lab #
interface g0/0/0
 ip add 172.16.1.2 255.255.255.252
 no shut
 exit
interface GigabitEthernet0/0/1
 ip address 10.10.4.1 255.255.255.252
 no shut
 exit
router ospf 123
 router-id 3.3.3.1
 auto-cost reference-bandwidth 1000
 network 10.10.4.0 0.0.0.3 area 2
 network 172.16.1.0 0.0.0.3 area 0
 exit

b. Save the running configuration to startup-config.

Step 3: Configure basic settings for the switches.

a. Console into the switch, enter global configuration mode, and apply the basic settings and interface addressing. A command list for each switch is provided below.

Note: OSPF routing will be manually configured.

Switch D1

hostname D1
no ip domain lookup
line con 0
 exec-timeout 0 0
 logging synchronous
 exit
banner motd # This is D1, OSPFv2 Route Summarization and Filtering Lab #
interface g1/0/11
 no switchport
 ip address 10.10.0.2 255.255.255.252
 no shut
 exit
interface g1/0/23
 no switchport
 ip address 10.10.1.1 255.255.255.0
 no shut
 exit
int Lo2
 ip add 10.10.2.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo3
 ip add 10.10.3.1 255.255.255.0
 ip ospf network point-to-point
exit

Switch D2

hostname D2
no ip domain lookup
line con 0
 logging sync
 exec-time 0 0
 exit
banner motd # This is D2, OSPFv2 Route Summarization and Filtering Lab #
interface g1/0/11
 no switchport
 ip address 10.10.4.2 255.255.255.252
 no shut
 exit
interface g1/0/23
 no switchport
 ip address 10.10.5.1 255.255.255.0
 no shut
 exit
int Lo16
 ip add 10.10.16.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo17
 ip add 10.10.17.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo18
 ip add 10.10.18.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo19
 ip add 10.10.19.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo20
 ip add 10.10.20.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo21
 ip add 10.10.21.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo22
 ip add 10.10.22.1 255.255.255.0
 ip ospf network point-to-point
 exit
int Lo23
 ip add 10.10.23.1 255.255.255.0
 ip ospf network point-to-point
 exit

b. Save the running configuration to startup-config.

c. Verify the interfaces configured on D1.

D1# show ip interface brief | include manual
GigabitEthernet1/0/11  10.10.0.2       YES manual up                    up
GigabitEthernet1/0/23  10.10.1.1       YES manual up                    up
Loopback2              10.10.2.1       YES manual up                    up
Loopback3              10.10.3.1       YES manual up                    up

Notice the loopback interfaces configured on D1. Theses interfaces were configured for lab purposes to simulate other LANs.

Note: Loopback interfaces were numbered based on the network address (e.g., Lo2 = 10.10.2.0/24) for convenience only.

d. Verify the interfaces configured on D2.

D2# show ip interface brief | include manual
GigabitEthernet1/0/11  10.10.4.2       YES manual up                    up
GigabitEthernet1/0/23  10.10.5.1       YES manual up                    up
Loopback16             10.10.16.1      YES manual up                    up
Loopback17             10.10.17.1      YES manual up                    up
Loopback18             10.10.18.1      YES manual up                    up
Loopback19             10.10.19.1      YES manual up                    up
Loopback20             10.10.20.1      YES manual up                    up
Loopback21             10.10.21.1      YES manual up                    up
Loopback22             10.10.22.1      YES manual up                    up
Loopback23             10.10.23.1      YES manual up                    up

Again, notice the loopback interfaces configured on D1. Theses interfaces were configured for lab purposes to simulate other LANs.

Step 4: Verify routing on R1, R2, and R3.

a. Verify the routing table of R1 using the show ip route ospf command.

R1# show ip route ospf | begin Gateway
Gateway of last resort is 172.16.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 172.16.0.1, 00:22:17, GigabitEthernet0/0/0
      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA     10.10.4.0/30 [110/3] via 172.16.0.1, 00:21:43, GigabitEthernet0/0/0
      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O        172.16.1.0/30 [110/2] via 172.16.0.1, 00:22:11, GigabitEthernet0/0/0

The R1 routing table contains an OSPF internal or intra-area route, and interarea route, and an external route to the default gateway.

b. Verify the routing table of R2 using the show ip route ospf command.

R2# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

      10.0.0.0/30 is subnetted, 2 subnets
O IA     10.10.0.0 [110/2] via 172.16.0.2, 00:19:40, GigabitEthernet0/0/0
O IA     10.10.4.0 [110/2] via 172.16.1.2, 00:19:07, GigabitEthernet0/0/1

R2 is propagating the static default route and therefore does not have an external type 2 OSPF route (i.e., O* E2) in the routing table like R1 and R3.

c. Verify the routing table of R3 using the show ip route ospf command.

R3# show ip route ospf | begin Gateway
Gateway of last resort is 172.16.1.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 172.16.1.1, 00:20:00, GigabitEthernet0/0/0
      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA     10.10.0.0/30 [110/3] via 172.16.1.1, 00:20:00, GigabitEthernet0/0/0
      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O        172.16.0.0/30 [110/2] via 172.16.1.1, 00:20:00, GigabitEthernet0/0/0

Like R1, R3 has an internal route (LSA 2), an interarea route (LSA 3), and an external route (LSA 5).
The LANs connected to D1 and D2 are not yet advertised.

Step 5: Enable OSPFv2 on D1.

a. On D1, enable IP routing using the ip routing global configuration command.

D1(config)# ip routing

b. Next, enter the OSPF router configuration mode using process ID 123, assign D1 the router ID 1.1.1.2 and set the reference bandwidth to distinguish between Gigabit Ethernet and FastEthernet interfaces.

D1(config)# router ospf 123
D1(config-router)# router-id 1.1.1.2
D1(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed.
        Please ensure reference bandwidth is consistent across all routers.

Note: Setting the reference cost value too high may cause issues with low-bandwidth interfaces.

c. Next, we need to have D1 advertise all four of its directly connected interfaces. Although this could be accomplished using four separate network statements, we will use the wildcard mask to advertise all four interfaces using one network statement.

D1(config-router)# network 10.10.0.0 0.0.3.255 area 1
D1(config-router)# end
*Mar 1 01:01:22.540: %OSPF-5-ADJCHG: Process 123, Nbr 1.1.1.1 on GigabitEthernet1/0/11 from LOADING to FULL, Loading Done

d. Verify the OSPF routing table on D1.

D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.10.0.1, 00:05:20, GigabitEthernet1/0/11
      10.0.0.0/8 is variably subnetted, 9 subnets, 3 masks
O IA     10.10.4.0/30 [110/4] via 10.10.0.1, 00:05:20, GigabitEthernet1/0/11
      172.16.0.0/30 is subnetted, 2 subnets
O IA     172.16.0.0 [110/2] via 10.10.0.1, 00:05:20, GigabitEthernet1/0/11
O IA     172.16.1.0 [110/3] via 10.10.0.1, 00:05:20, GigabitEthernet1/0/11

e. Verify the routing table of R2 using the show ip route ospf command.

R2# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

      10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O IA     10.10.0.0/30 [110/2] via 172.16.0.2, 00:40:29, GigabitEthernet0/0/0
O IA     10.10.1.0/24 [110/12] via 172.16.0.2, 00:06:56, GigabitEthernet0/0/0
O IA     10.10.2.0/24 [110/3] via 172.16.0.2, 00:06:56, GigabitEthernet0/0/0
O IA     10.10.3.0/24 [110/3] via 172.16.0.2, 00:06:56, GigabitEthernet0/0/0
O IA     10.10.4.0/30 [110/2] via 172.16.1.2, 00:39:56, GigabitEthernet0/0/1

Notice how its routing table now includes routes to the D1 LANs. Notice also how this has increased the number of routing entries.

Step 6: Enable OSPFv2 on D2.

a. On D2, enable IP routing using the ip routing global configuration command.

D2(config)# ip routing

b. Next, enter the OSPF router configuration mode using process ID 123, assign D2 the router ID 3.3.3.2 and set the reference bandwidth to distinguish between Gigabit Ethernet and FastEthernet interfaces.

D2(config)# router ospf 123
D2(config-router)# router-id 3.3.3.2
D2(config-router)# auto-cost reference-bandwidth 1000
% OSPF: Reference bandwidth is changed.
        Please ensure reference bandwidth is consistent across all routers.

Note: Setting the reference cost value too high may cause issues with low-bandwidth interfaces.

c. Advertise the 10.10.4.0/30 and 10.10.5.0 /255 networks. Again, this could be accomplished using separate network statements. However, the wildcard mask can be used to advertise both interfaces using one network statement as shown.

D2(config-router)# network 10.10.4.0 0.0.1.255 area 2
D2(config-router)#
*Mar 1 01:15:02.643: %OSPF-5-ADJCHG: Process 123, Nbr 3.3.3.1 on GigabitEthernet1/0/11 from LOADING to FULL, Loading Done

Note: The wildcard mask 0.0.1.255 matches both networks 10.10.4.0/30 and 10.10.5.0/24

d. Next, advertise the 10.10.16.0/24 through to 10.10.23.0/24 loopback interface networks. Traditionally, this would require 8 network statements. But again, the wildcard mask can be used to advertise all 8 interfaces using one network statement as shown.

D2(config-router)# network 10.10.16.0 0.0.7.255 area 2
D2(config-router)# end

Note: The wildcard mask 0.0.7.255 matches networks 10.10.16.0/24 through to 10.10.23.0/24.

Step 7: Verify Routing.

a. Verify the routing table of D2 using the show ip route ospf command.

D2# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.4.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.10.4.1, 00:02:19, GigabitEthernet1/0/11
      10.0.0.0/8 is variably subnetted, 24 subnets, 3 masks
O IA     10.10.0.0/30 [110/4] via 10.10.4.1, 00:02:19, GigabitEthernet1/0/11
O IA     10.10.1.0/24 [110/14] via 10.10.4.1, 00:02:19, GigabitEthernet1/0/11
O IA     10.10.2.0/24 [110/5] via 10.10.4.1, 00:02:19, GigabitEthernet1/0/11
O IA     10.10.3.0/24 [110/5] via 10.10.4.1, 00:02:19, GigabitEthernet1/0/11
      172.16.0.0/30 is subnetted, 2 subnets
O IA     172.16.0.0 [110/3] via 10.10.4.1, 00:02:19, GigabitEthernet1/0/11
O IA     172.16.1.0 [110/2] via 10.10.4.1, 00:02:19, GigabitEthernet1/0/11

D2 has OSPF route entries for:

  • One external OSPF route to the gateway of last resort.
  • The four D1 LANs (i.e., 10.10.0.0/30 through 10.10.3.0/24)
  • The two Area 0 networks (i.e., 172.16.0.0/30 and 172.16.1.0/30)

b. From R2, verify the routing table using the show ip route ospf command.

R2# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

      10.0.0.0/8 is variably subnetted, 14 subnets, 2 masks
O IA     10.10.0.0/30 [110/2] via 172.16.0.2, 01:00:10, GigabitEthernet0/0/0
O IA     10.10.1.0/24 [110/12] via 172.16.0.2, 00:26:37, GigabitEthernet0/0/0
O IA     10.10.2.0/24 [110/3] via 172.16.0.2, 00:26:37, GigabitEthernet0/0/0
O IA     10.10.3.0/24 [110/3] via 172.16.0.2, 00:26:37, GigabitEthernet0/0/0
O IA     10.10.4.0/30 [110/2] via 172.16.1.2, 00:59:37, GigabitEthernet0/0/1
O IA     10.10.5.0/24 [110/12] via 172.16.1.2, 00:09:55, GigabitEthernet0/0/1
O IA     10.10.16.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1
O IA     10.10.17.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1
O IA     10.10.18.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1
O IA     10.10.19.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1
O IA     10.10.20.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1
O IA     10.10.21.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1
O IA     10.10.22.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1
O IA     10.10.23.0/24 [110/3] via 172.16.1.2, 00:00:13, GigabitEthernet0/0/1

Notice how the routing table of R2 now includes routes to the D1 and D2 LANs. And again, notice how this has increased the number of routing entries.

c. From D1, verify the routing table using the show ip route ospf command.

D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.10.0.1, 00:18:43, GigabitEthernet1/0/11
      10.0.0.0/8 is variably subnetted, 18 subnets, 3 masks
O IA     10.10.4.0/30 [110/4] via 10.10.0.1, 00:18:43, GigabitEthernet1/0/11
O IA     10.10.5.0/24 [110/5] via 10.10.0.1, 00:09:56, GigabitEthernet1/0/11
O IA     10.10.16.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
O IA     10.10.17.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
O IA     10.10.18.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
O IA     10.10.19.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
O IA     10.10.20.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
O IA     10.10.21.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
O IA     10.10.22.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
O IA     10.10.23.0/24 [110/5] via 10.10.0.1, 00:08:27, GigabitEthernet1/0/11
      172.16.0.0/30 is subnetted, 2 subnets
O IA     172.16.0.0 [110/2] via 10.10.0.1, 00:18:43, GigabitEthernet1/0/11
O IA     172.16.1.0 [110/3] via 10.10.0.1, 00:18:43, GigabitEthernet1/0/11

Notice the OSPF routing table now includes the additional interarea routes from D2.

Part 2: OSPFv2 Route Summarization

As shown in Part 1, routing tables increase in the number of entries as more and more networks are connected to the OSPF domain.

To reduce the size of the routing table and LSDB, network prefixes must be summarized. Route summarization improves OSPF performance as fewer network entries are required.

Route summarization involves consolidating multiple routes into a single advertisement. Proper route summarization reduces the bandwidth, memory, and CPU resources consumed by the OSPF process.

OSPF routes can only be summarized between areas. Interarea route summarization is configured on ABRs using the area area-id range network subnet-mask [advertise | not-advertise] [cost metric] router configuration command.

Parameter Description
area area-id Identifies the area subject to route summarization.
address The summary address designated for a range of addresses.
mask The IP subnet mask used for the summary route.
advertise Enabled by default, it sets the address range status to advertise and generate a type 3 summary LSA.
not-advertise (Optional) Sets the address range status to DoNotAdvertise.

Can be used for route filtering as the type 3 summary LSA is suppressed, and the component networks remain hidden from other networks.

cost cost (Optional) Metric or cost for this summary route, which is used during the OSPF SPF calculation to determine the shortest paths to the destination.

The value can be 0 to 16777215.

In this part, you will learn how to reduce the number of routing entries without compromising access to any networks.

Step 1: Configure interarea route summarization on R1.

Area 1 consists of networks 10.10.0.0/30, 10.10.1.0/24, 10.10.2.0/24, and 10.10.3.0/24. To calculate the summary address of these networks:

  1. List the networks in binary format.
  2. Count the number of left-most matching bits to determine the mask.
  3. Copy the matching bits and add zero bits to determine the network address.

The four networks are listed in binary format.

Network 1st Octet 2nd Octet 3rd Octet 4th Octet
10.10.0.0 0000 1010 0000 1010 0000 0000 0000 0000
10.10.1.0 0000 1010 0000 1010 0000 0001 0000 0000
10.10.2.0 0000 1010 0000 1010 0000 0010 0000 0000
10.10.3.0 0000 1010 0000 1010 0000 0011 0000 0000

There are 22 left-most bits that match. Octet 1 and 2 match for a sum of 16 bits. There are 6 left-most bits that match in the 3rd octet which results in a total of 22 bits that match.

A /22 subnet converts to 255.255.252.0.

Therefore, the summary network address of networks 10.10.0.0/30, 10.10.1.0/24, 10.10.2.0/24, and 10.10.3.0/24 is 10.10.0.0 255.255.252.0.

a. On the Area 1 ABR router R1, enter OSFP router config mode.

R1(config)# router ospf 123

b. Summarize the D1 LANs using the area 1 range 10.10.0.0 255.255.252.0 router configuration command.

R1(config-router)# area 1 range 10.10.0.0 255.255.252.0
R1(config-router)# end
Step 2: Verify the interarea route summarization.

a. Verify the routing table of R1 using the show ip route ospf command.

R1# show ip route ospf | begin Gateway
Gateway of last resort is 172.16.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
      10.0.0.0/8 is variably subnetted, 16 subnets, 4 masks
O        10.10.0.0/22 is a summary, 00:40:51, Null0
O        10.10.1.0/24 [110/11] via 10.10.0.2, 00:40:51, GigabitEthernet0/0/1
O        10.10.2.0/24 [110/2] via 10.10.0.2, 00:40:51, GigabitEthernet0/0/1
O        10.10.3.0/24 [110/2] via 10.10.0.2, 00:40:51, GigabitEthernet0/0/1
O IA     10.10.4.0/30 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.5.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.16.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.17.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.18.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.19.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.20.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.21.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.22.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
O IA     10.10.23.0/24 [110/4] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0
      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O        172.16.1.0/30 [110/2] via 172.16.0.1, 00:40:51, GigabitEthernet0/0/0

The routing table of the ABR using the summary address adds a discard route entry to the Null 0 interface to prevent routing loops. The portions of the summarized network range will not have a more specific route in the routing table.

b. Verify the routing table of R2 using the show ip route ospf command.

R2# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

      10.0.0.0/8 is variably subnetted, 11 subnets, 3 masks
O IA     10.10.0.0/22 [110/2] via 172.16.0.2, 00:36:38, GigabitEthernet0/0/0
O IA     10.10.4.0/30 [110/2] via 172.16.1.2, 02:20:03, GigabitEthernet0/0/1
O IA     10.10.5.0/24 [110/12] via 172.16.1.2, 01:30:21, GigabitEthernet0/0/1
O IA     10.10.16.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1
O IA     10.10.17.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1
O IA     10.10.18.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1
O IA     10.10.19.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1
O IA     10.10.20.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1
O IA     10.10.21.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1
O IA     10.10.22.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1
O IA     10.10.23.0/24 [110/3] via 172.16.1.2, 01:20:39, GigabitEthernet0/0/1

Notice how the previous four route entries for network 10.10.0.0 to 10.0.3.0 have now been summarized onto one route.

Step 3: Configure interarea route summarization on R3.

Area 2 consists of networks 10.10.4.0/30 and 10.10.5.0/24. It also consists of LANs 10.10.16.0/24 through to 10.10.23.0/24. These networks are not contiguous and cannot easily be summarized. For this reason, two summary commands will be configured on R3.

a. On R3 enter OSFP router config mode.

R3(config)# router ospf 123

b. The first summary advertisement will be for the 10.10.4.0/30 and 10.10.5.0/24 networks. To summarize they are listed in binary format.

Network 1st Octet 2nd Octet 3rd Octet 4th Octet
10.10.4.0 0000 1010 0000 1010 0000 0100 0000 0000
10.10.5.0 0000 1010 0000 1010 0000 0101 0000 0000

There are 23 left-most bits that match. Octet 1 and 2 match for a sum of 16 bits. There are 7 left-most bits that match in the 3rd octet which results in a total of 23 bits that match.

A /23 subnet converts to 255.255.254.0. Therefore, the summary network address of networks 10.10.4.0/30 and 10.10.5.0/24 is 10.10.4.0 255.255.254.0.

Summarize the D2 LANs and using the area 2 range 10.10.4.0 255.255.254.0 router configuration command.

R3(config-router)# area 2 range 10.10.4.0 255.255.254.0

c. The second summary advertisement will be for the 10.10.16.0/24 through to 10.10.23.0/24 networks. Although all eight networks could be listed in binary format, it is possible to discover the summary addresses by only listing the first network and last network in binary format.

Network 1st Octet 2nd Octet 3rd Octet 4th Octet
10.10.16.0 0000 1010 0000 1010 0001 0000 0000 0000
10.10.23.0 0000 1010 0000 1010 0001 0111 0000 0000

There are 21 left-most bits that match. Octet 1 and 2 match for a sum of 16 bits. There are 5 left-most bits that match in the 3rd octet which results in a total of 21 bits that match.

A /21 subnet converts to 255.255.248.0. Therefore, the summary network address of networks 10.10.16.0/24 through to 10.10.23.0/24 is 10.10.16.0 255.255.248.0.

A cost can also be assigned to a summary route by using the cost keyword.

Summarize the D2 LANs and assign them a cost of 65 using the area 2 range 10.10.16.0 255.255.248.0 cost 65 router configuration command.

R3(config-router)# area 2 range 10.10.16.0 255.255.248.0 cost 65
Step 4: Verify the interarea route summarization

a. Verify the routing table of R1using the show ip route ospf command.

R3# show ip route ospf | begin Gateway
Gateway of last resort is 172.16.1.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 172.16.1.1, 00:01:14, GigabitEthernet0/0/0
      10.0.0.0/8 is variably subnetted, 14 subnets, 6 masks
O IA     10.10.0.0/22 [110/3] via 172.16.1.1, 00:01:14, GigabitEthernet0/0/0
O        10.10.4.0/23 is a summary, 00:01:14, Null0
O        10.10.5.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.16.0/21 is a summary, 00:01:14, Null0
O        10.10.16.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.17.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.18.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.19.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.20.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.21.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.22.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
O        10.10.23.0/24 [110/2] via 10.10.4.2, 00:01:14, GigabitEthernet0/0/1
      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
O        172.16.0.0/30 [110/2] via 172.16.1.1, 00:01:14, GigabitEthernet0/0/0

R3 added two discard route entries to the Null 0 interface to prevent routing loops.

b. Verify the routing table of R2 using the show ip route ospf command.

R2# show ip route ospf | begin Gateway
Gateway of last resort is 0.0.0.0 to network 0.0.0.0

      10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
O IA     10.10.0.0/22 [110/2] via 172.16.0.2, 00:01:25, GigabitEthernet0/0/0
O IA     10.10.4.0/23 [110/2] via 172.16.1.2, 00:01:25, GigabitEthernet0/0/1
O IA     10.10.16.0/21 [110/66] via 172.16.1.2, 00:00:04, GigabitEthernet0/0/1

Notice how R2 now has only two route entries for the D2 LANs. Previous to route summarization on R3, R2 had 10 route entries for the D2 LANs. Also notice the cost of the 10.10.16.0/21 route has been influenced.

c. Verify the routing table of D1 using the show ip route ospf command.

D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.10.0.1, 01:19:46, GigabitEthernet1/0/11
      10.0.0.0/8 is variably subnetted, 10 subnets, 5 masks
O IA     10.10.4.0/23 [110/4] via 10.10.0.1, 00:10:04, GigabitEthernet1/0/11
O IA     10.10.16.0/21 [110/68] via 10.10.0.1, 00:09:23, GigabitEthernet1/0/11
      172.16.0.0/30 is subnetted, 2 subnets
O IA     172.16.0.0 [110/2] via 10.10.0.1, 01:19:46, GigabitEthernet1/0/11
O IA     172.16.1.0 [110/3] via 10.10.0.1, 01:19:46, GigabitEthernet1/0/11

Notice how its routing table is smaller.

d. Verify connectivity to D2.

D1# ping 10.10.23.1 source 10.10.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.23.1, timeout is 2 seconds:
Packet sent with a source address of 10.10.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

Part 3: OSPFv2 Route Filtering

In this part, you will learn about OSPF route filtering. Route filtering is a method for selectively identifying routes that are advertised or received from neighbor routers. Route filtering may be used to manipulate traffic flows, reduce memory utilization, or improve security.

Filtering of routes with vector-based routing protocols is straightforward. This is because the routes are filtered as routing updates and are advertised to downstream neighbors. However, with link-state routing protocols such as OSPF, every router in an area shares a complete copy of the link-state database. Therefore, filtering of routes generally occurs as routes enter the area on the ABR.
The following sections describe three techniques for filtering routes with OSPF.

  • Filtering with Summarization – An easy router filtering method is to use the area area-id range network subnet-mask not-advertise router config command. However, it is limited in its ability to filter.
  • Area Filtering – OSPF area filtering is accomplished by using the area area-id filter-list prefix prefix-list-name {in | out} router config command on the ABR.
  • Local OSPF Filtering – To enable a route to exist in the OSPF LSDB and prevent it from being installed in the local routing table, use the distribute list feature.
Step 1: Filter with summarization.

a. As an example of filtering with summarization, we will remove the last route summarization command configured on R3.

R3(config-router)# no area 2 range 10.10.16.0 255.255.248.0

b. On D1, verify that all of the 1010.16.0/24 through 10.10.23.0/24 networks are in the routing table.

D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.10.0.1, 01:25:49, GigabitEthernet1/0/11
      10.0.0.0/8 is variably subnetted, 17 subnets, 4 masks
O IA     10.10.4.0/23 [110/4] via 10.10.0.1, 00:16:07, GigabitEthernet1/0/11
O IA     10.10.16.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
O IA     10.10.17.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
O IA     10.10.18.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
O IA     10.10.19.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
O IA     10.10.20.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
O IA     10.10.21.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
O IA     10.10.22.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
O IA     10.10.23.0/24 [110/5] via 10.10.0.1, 00:00:07, GigabitEthernet1/0/11
      172.16.0.0/30 is subnetted, 2 subnets
O IA     172.16.0.0 [110/2] via 10.10.0.1, 01:31:12, GigabitEthernet1/0/11
O IA     172.16.1.0 [110/3] via 10.10.0.1, 01:31:12, GigabitEthernet1/0/11

The D2 LANs are in the routing table of D1.

c. Now, on R3, filter the 10.10.18.0/24 network from being advertised to another area using the not-advertise keyword.

R3(config-router)# area 2 range 10.10.18.0 255.255.255.0 not-advertise

d. On D1, verify the routing table.

D1# show ip route ospf | begin Gateway
Gateway of last resort is 10.10.0.1 to network 0.0.0.0

O*E2  0.0.0.0/0 [110/1] via 10.10.0.1, 01:31:12, GigabitEthernet1/0/11
      10.0.0.0/8 is variably subnetted, 16 subnets, 4 masks
O IA     10.10.4.0/23 [110/4] via 10.10.0.1, 00:21:30, GigabitEthernet1/0/11
O IA     10.10.16.0/24 [110/5] via 10.10.0.1, 00:05:30, GigabitEthernet1/0/11
O IA     10.10.17.0/24 [110/5] via 10.10.0.1, 00:05:30, GigabitEthernet1/0/11
O IA     10.10.19.0/24 [110/5] via 10.10.0.1, 00:05:30, GigabitEthernet1/0/11
O IA     10.10.20.0/24 [110/5] via 10.10.0.1, 00:05:30, GigabitEthernet1/0/11
O IA     10.10.21.0/24 [110/5] via 10.10.0.1, 00:05:30, GigabitEthernet1/0/11
O IA     10.10.22.0/24 [110/5] via 10.10.0.1, 00:05:30, GigabitEthernet1/0/11
O IA     10.10.23.0/24 [110/5] via 10.10.0.1, 00:05:30, GigabitEthernet1/0/11
      172.16.0.0/30 is subnetted, 2 subnets
O IA     172.16.0.0 [110/2] via 10.10.0.1, 01:31:12, GigabitEthernet1/0/11
O IA     172.16.1.0 [110/3] via 10.10.0.1, 01:31:12, GigabitEthernet1/0/11

Notice that the 10.10.18.0/24 prefix is no longer in the routing table of D1.

Step 2: Use area filtering.

On R1, filter the 10.10.2.0/24 network from being advertised into OSPF Area 0 by creating a prefix list and then referencing the list in the area area-id filter-list prefix prefix-list-name {in | out} command on R1. You will then filter the 10.10.3.0 network from being propagated into Area 2.

a. O R1, remove the route summarization command that was configured in Part 2.

R1(config-router)# no area 1 range 10.10.0.0 255.255.252.0
R1(config-router)# exit

b. Verify that the routing table of R2 has the 4 entries from Area 1.

R2# show ip route ospf | include 0/0/0
O IA     10.10.0.0/30 [110/2] via 172.16.0.2, 00:03:46, GigabitEthernet0/0/0
O IA     10.10.1.0/24 [110/12] via 172.16.0.2, 00:03:46, GigabitEthernet0/0/0
O IA     10.10.2.0/24 [110/3] via 172.16.0.2, 00:03:46, GigabitEthernet0/0/0
O IA     10.10.3.0/24 [110/3] via 172.16.0.2, 00:03:46, GigabitEthernet0/0/0

c. Create the following prefix list on R1 to deny 10.10.2.0/24 but permit everything else.

R1(config)# ip prefix-list FILTER-1 deny 10.10.2.0/24
R1(config)# ip prefix-list FILTER-1 permit 0.0.0.0/0 le 32

d. Enter OSPF router configuration mode and assign the prefix filter incoming in Area 0.

R1(config)# router ospf 123
R1(config-router)# area 0 filter-list prefix FILTER-1 in

e. Verify that 10.10.2.0 is not in the routing table of R2.

R2# show ip route ospf | include 0/0/0
O IA     10.10.0.0/30 [110/2] via 172.16.0.2, 00:08:59, GigabitEthernet0/0/0
O IA     10.10.1.0/24 [110/12] via 172.16.0.2, 00:08:59, GigabitEthernet0/0/0
O IA     10.10.3.0/24 [110/3] via 172.16.0.2, 00:08:59, GigabitEthernet0/0/0

Notice that the 10.10.2.0/24 prefix has been filtered from Area 0 is no longer in the R2 routing table.

f. Verify that D2 has a route entry for 10.10.3.0/24.

D2# show ip route | inc 10.10.3.0
O IA    10.10.3.0/24 [110/5] via 10.10.4.1, 00:13:22, GigabitEthernet1/0/11

g. On R3, create the following prefix list to deny 10.10.3.0/24 but permit everything else.

R3(config)# ip prefix-list FILTER-1 deny 10.10.3.0/24
R3(config)# ip prefix-list FILTER-1 permit 0.0.0.0/0 le 32

h. On R3, enter OSPF router configuration mode and assign the prefix filter outgoing from Area 0.

R3(config)# router ospf 123
R3(config-router)# area 0 filter-list prefix FILTER-1 out

i. Verify that 10.10.3.0 is not in the routing table of D2.

D2# show ip route | inc 10.10.3.0
Step 3: Use local OSPF filtering.

A distribute list should not be used for filtering prefixes between areas. A distribute list is configured using the distribute-list {acl-number | acl-name | prefix prefix-list-name | route-map route-map-name} in router configuration command.

In this step, we will filter the 10.10.20.0/24 network from entering the R2 routing table.

a. On R2, verify that 10.10.20.0 is in the routing table.

R2# show ip route | include 10.10.20.0
O IA     10.10.20.0/24 [110/3] via 172.16.1.2, 01:32:39, GigabitEthernet0/0/1

b. Next enter an ACL called OSPF-FILTER that denies 10.10.20.0/24 from entering the R2 routing table.

R2(config)# ip access-list standard OSPF-FILTER
R2(config-std-nacl)# deny 10.10.20.0 0.0.0.255
R2(config-std-nacl)# permit any
R2(config-std-nacl)# exit

c. On R2, enter OSPF router configuration mode and assign the distribute list filter.

R2(config)# router ospf 123
R2(config-router)# distribute-list OSPF-FILTER in
R2(config-router)# end

d. Verify that 10.10.20.0 prefix is not in the routing table of R2.

R2# show ip route | include 10.10.20.0

e. Verify that the 10.10.20.0 prefix is still being propagated in the area. Verify the routing table of R1.

R1# show ip route | include 10.10.20.0
O IA    10.10.20.0/24 [110/4] via 172.16.0.1, 00:45:23, GigabitEthernet0/0/0

The 10.10.20.0/24 prefix still appears in the routing table of R1. The distribute list only filtered the route from entering the routing table on R2 but is still in the LSDB for Area 0.

Router Interface Summary Table

Router Model Ethernet Interface #1 Ethernet Interface #2 Serial Interface #1 Serial Interface #2
1800 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
1900 Gigabit Ethernet 0/0 (G0/0) Gigabit Ethernet 0/1 (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
2801 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
2811 Fast Ethernet 0/0 (F0/0) Fast Ethernet 0/1 (F0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
2900 Gigabit Ethernet 0/0 (G0/0) Gigabit Ethernet 0/1 (G0/1) Serial 0/0/0 (S0/0/0) Serial 0/0/1 (S0/0/1)
4221 Gigabit Ethernet 0/0/0 (G0/0/0) Gigabit Ethernet 0/0/1 (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)
4300 Gigabit Ethernet 0/0/0 (G0/0/0) Gigabit Ethernet 0/0/1 (G0/0/1) Serial 0/1/0 (S0/1/0) Serial 0/1/1 (S0/1/1)

Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

Device Configs – Final

Router R1

R1# show run
Building configuration...


Current configuration : 1516 bytes
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ip domain lookup
!
login on-success log
!
subscriber templating
!
multilink bundle-name authenticated
!
spanning-tree extend system-id
!
redundancy
 mode none
!
interface GigabitEthernet0/0/0
 ip address 172.16.0.2 255.255.255.252
 negotiation auto
!
interface GigabitEthernet0/0/1
 ip address 10.10.0.1 255.255.255.252
 negotiation auto
!
interface Serial0/1/0
 no ip address
!
interface Serial0/1/1
 no ip address
!
router ospf 123
 router-id 1.1.1.1
 auto-cost reference-bandwidth 1000
 area 0 filter-list prefix FILTER-1 in
 network 10.10.0.0 0.0.0.3 area 1
 network 172.16.0.0 0.0.0.3 area 0
!
ip forward-protocol nd
no ip http server
ip http secure-server
!
ip prefix-list FILTER-1 seq 5 deny 10.10.2.0/24
ip prefix-list FILTER-1 seq 10 permit 0.0.0.0/0 le 32
!
control-plane
!
banner motd ^C This is R1, OSPFv2 Route Summarization and Filtering Lab ^C
!
line con 0
 exec-timeout 0 0
 logging synchronous
 transport input none
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end

Router R2

	R2# show run
Building configuration...


Current configuration : 1540 bytes
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R2
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ip domain lookup
!
login on-success log
!
subscriber templating
!
multilink bundle-name authenticated
!
spanning-tree extend system-id
!
redundancy
 mode none
!
interface Loopback0
 ip address 209.165.200.225 255.255.255.224
!
interface GigabitEthernet0/0/0
 ip address 172.16.0.1 255.255.255.252
 negotiation auto
!
interface GigabitEthernet0/0/1
 ip address 172.16.1.1 255.255.255.252
 negotiation auto
!
router ospf 123
 router-id 2.2.2.1
 auto-cost reference-bandwidth 1000
 network 172.16.0.0 0.0.0.3 area 0
 network 172.16.1.0 0.0.0.3 area 0
 default-information originate
 distribute-list OSPF-FILTER in
!
ip forward-protocol nd
no ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 Loopback0
!
ip access-list standard OSPF-FILTER
 deny   10.10.20.0 0.0.0.255
 permit any
!
control-plane
!
banner motd ^C This is R2, OSPFv2 Route Summarization and Filtering Lab ^C
!
line con 0
 exec-timeout 0 0
 logging synchronous
 transport input none
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end

Router R3

	R3# show run
Building configuration...


Current configuration : 1608 bytes
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R3
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
no ip domain lookup
!
login on-success log
!
subscriber templating
!
multilink bundle-name authenticated
!
spanning-tree extend system-id
!
redundancy
 mode none
!
interface GigabitEthernet0/0/0
 ip address 172.16.1.2 255.255.255.252
 negotiation auto
!
interface GigabitEthernet0/0/1
 ip address 10.10.4.1 255.255.255.252
 negotiation auto
!
interface Serial0/1/0
 no ip address
!
interface Serial0/1/1
 no ip address
!
router ospf 123
 router-id 3.3.3.1
 auto-cost reference-bandwidth 1000
 area 0 filter-list prefix FILTER-1 out
 area 2 range 10.10.4.0 255.255.254.0
 area 2 range 10.10.18.0 255.255.255.0 not-advertise
 network 10.10.4.0 0.0.0.3 area 2
 network 172.16.1.0 0.0.0.3 area 0
!
ip forward-protocol nd
no ip http server
ip http secure-server
!
ip prefix-list FILTER-1 seq 5 deny 10.10.3.0/24
ip prefix-list FILTER-1 seq 10 permit 0.0.0.0/0 le 32
!
control-plane
!
banner motd ^C This is R3, OSPFv2 Route Summarization and Filtering Lab ^C
!
line con 0
 exec-timeout 0 0
 logging synchronous
 transport input none
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
!
end

Switch D1

	D1# show run
Building configuration...

Current configuration : 6660 bytes
!
version 16.9
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
! Call-home is enabled by Smart-Licensing.
service call-home
no platform punt-keepalive disable-kernel-core
!
hostname D1
!
vrf definition Mgmt-vrf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
no aaa new-model
switch 1 provision ws-c3650-24ps
!
ip routing
!
no ip domain lookup
!
login on-success log
!
license boot level ipservicesk9
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
redundancy
 mode sso
!
transceiver type all
 monitoring
!
class-map match-any system-cpp-police-topology-control
  description Topology control
class-map match-any system-cpp-police-sw-forward
  description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
  description Inter FED, EWLC control, EWLC data
class-map match-any system-cpp-police-sys-data
  description Learning cache ovfl, High Rate App, Exception, EGR Exception, NFLSAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
  description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
  description L2 LVX control packets
class-map match-any system-cpp-police-forus
  description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
  description MCAST END STATION
class-map match-any system-cpp-police-multicast
  description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
  description L2 control
class-map match-any system-cpp-police-dot1x-auth
  description DOT1X Auth
class-map match-any system-cpp-police-data
  description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
  description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
  description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
  description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
  description DHCP snooping
class-map match-any system-cpp-police-system-critical
  description System Critical and Gold Pkt
!
policy-map system-cpp-policy
!
interface Loopback2
 ip address 10.10.2.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback3
 ip address 10.10.3.1 255.255.255.0
 ip ospf network point-to-point
!
interface GigabitEthernet0/0
 vrf forwarding Mgmt-vrf
 no ip address
 negotiation auto
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
 no switchport
 ip address 10.10.0.2 255.255.255.252
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
 no switchport
 ip address 10.10.1.1 255.255.255.0
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface Vlan1
 no ip address
!
router ospf 123
 router-id 1.1.1.2
 auto-cost reference-bandwidth 1000
 network 10.10.0.0 0.0.3.255 area 1
!
ip forward-protocol nd
ip http server
ip http secure-server
!
control-plane
 service-policy input system-cpp-policy
!
banner motd ^C This is D1, OSPFv2 Route Summarization and Filtering Lab ^C
!
line con 0
 exec-timeout 0 0
 logging synchronous
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
end

Switch D2

D2# show run
Building configuration...

Current configuration : 7253 bytes
!
version 16.9
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
! Call-home is enabled by Smart-Licensing.
service call-home
no platform punt-keepalive disable-kernel-core
!
hostname D2
!
vrf definition Mgmt-vrf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
no aaa new-model
switch 1 provision ws-c3650-24ps
!
ip routing
!
no ip domain lookup
!
login on-success log
!
license boot level ipservicesk9
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
redundancy
 mode sso
!
transceiver type all
 monitoring
!
class-map match-any system-cpp-police-topology-control
  description Topology control
class-map match-any system-cpp-police-sw-forward
  description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
  description Inter FED, EWLC control, EWLC data
class-map match-any system-cpp-police-sys-data
  description Learning cache ovfl, High Rate App, Exception, EGR Exception, NFLSAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
  description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
  description L2 LVX control packets
class-map match-any system-cpp-police-forus
  description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
  description MCAST END STATION
class-map match-any system-cpp-police-multicast
  description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
  description L2 control
class-map match-any system-cpp-police-dot1x-auth
  description DOT1X Auth
class-map match-any system-cpp-police-data
  description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
  description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
  description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
  description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
  description DHCP snooping
class-map match-any system-cpp-police-system-critical
  description System Critical and Gold Pkt
!
policy-map system-cpp-policy
!
interface Loopback16
 ip address 10.10.16.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback17
 ip address 10.10.17.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback18
 ip address 10.10.18.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback19
 ip address 10.10.19.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback20
 ip address 10.10.20.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback21
 ip address 10.10.21.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback22
 ip address 10.10.22.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback23
 ip address 10.10.23.1 255.255.255.0
 ip ospf network point-to-point
!
interface GigabitEthernet0/0
 vrf forwarding Mgmt-vrf
 no ip address
 negotiation auto
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
 no switchport
 ip address 10.10.4.2 255.255.255.252
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
 no switchport
 ip address 10.10.5.1 255.255.255.0
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface Vlan1
 no ip address
!
router ospf 123
 router-id 3.3.3.2
 auto-cost reference-bandwidth 1000
 network 10.10.4.0 0.0.1.255 area 2
 network 10.10.16.0 0.0.7.255 area 2
!
ip forward-protocol nd
ip http server
ip http secure-server
!
control-plane
 service-policy input system-cpp-policy
!
banner motd ^C This is D2, OSPFv2 Route Summarization and Filtering Lab ^C
!
line con 0
 exec-timeout 0 0
 logging synchronous
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
end

Download 9.1.3 Lab – OSPFv2 Route Summarization and Filtering .PDF file:


Related Articles

guest
0 Comments
Inline Feedbacks
View all comments