今回はOSPFのDistribute Listについて解説します。
座学
Distribute List
OSPFにおいて、In方向でDistribute Listを使用した場合、ルーティングテーブルに投入されるOSPFルートをフィルタリング可能です。LSAの破棄やLSAに含まれるプレフィックス情報の削除などはできません。
Out方向でDistribute Listを使用した場合、OSPFに再配送されるルート情報をフィルタリング可能です。
実機での動作確認1
検証内容
R1のg2、R2のg2とg3、R3のg2~g4でOSPF Area 0を有効にします。
Network TypeにはPoint-to-Pointを使用します。
R2でIn方向でDistribute Listを設定した場合の動作を確認します。
初期設定
interface GigabitEthernet2
ip address 10.1.1.1 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 1.1.1.1
network 10.1.1.0 0.0.0.255 area 0
interface GigabitEthernet2
ip address 10.1.1.2 255.255.255.0
ip ospf network point-to-point
!
interface GigabitEthernet3
ip address 10.2.2.2 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 2.2.2.2
network 10.1.1.0 0.0.0.255 area 0
network 10.2.2.0 0.0.0.255 area 0
interface GigabitEthernet2
ip address 10.2.2.3 255.255.255.0
ip ospf network point-to-point
!
interface GigabitEthernet3
ip address 10.3.3.3 255.255.255.0
!
interface GigabitEthernet4
ip address 10.4.4.3 255.255.255.0
!
router ospf 1
router-id 3.3.3.3
network 10.2.2.0 0.0.0.255 area 0
network 10.3.3.0 0.0.0.255 area 0
network 10.4.4.0 0.0.0.255 area 0
In方向のDistribute List設定前
OSPFプロセスの状態確認
R2において、In方向のDistribute Listが設定されていないことが確認できます。
R2
R2#show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "application"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Maximum path: 32
Routing for Networks:
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 4)
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 2.2.2.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.1.1.0 0.0.0.255 area 0
10.2.2.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
3.3.3.3 110 00:00:18
Distance: (default is 110)
LSDBの状態確認
R2が保有するR3のLSA Type 1には10.3.3.0/24と10.4.4.0/24のプレフィックス情報が存在することが確認できます。
R2
R2#show ip ospf database router adv-router 3.3.3.3
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
LS age: 233
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 8000000E
Checksum: 0x771B
Length: 72
Number of Links: 4
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.4.4.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.3.3.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 2.2.2.2
(Link Data) Router Interface address: 10.2.2.3
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.2.2.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
R1が保有するR3のLSA Type 1には10.3.3.0/24と10.4.4.0/24のプレフィックス情報が存在することが確認できます。
R1
R1#show ip ospf database router adv-router 3.3.3.3
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
LS age: 295
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 8000000E
Checksum: 0x771B
Length: 72
Number of Links: 4
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.4.4.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.3.3.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 2.2.2.2
(Link Data) Router Interface address: 10.2.2.3
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.2.2.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
SPFの計算結果の確認
R2はOSPF経由で10.3.3.0/24と10.4.4.0を学習しており、かつ、10.3.3.0/24と10.4.4.0/24の両方をルーティングテーブルに投入していることが確認できます。
R2
R2#show ip ospf rib
OSPF Router with ID (2.2.2.2) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.2, GigabitEthernet2
* 10.2.2.0/24, Intra, cost 1, area 0, Connected
via 10.2.2.2, GigabitEthernet3
*> 10.3.3.0/24, Intra, cost 2, area 0
via 10.2.2.3, GigabitEthernet3
*> 10.4.4.0/24, Intra, cost 2, area 0
via 10.2.2.3, GigabitEthernet3
ルーティングテーブルの確認
R2のルーティングテーブルに10.3.3.0/24と10.4.4.0/24が投入されていることが確認できます。
R2
R2#show ip route ospf
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
O 10.3.3.0/24 [110/2] via 10.2.2.3, 00:05:19, GigabitEthernet3
O 10.4.4.0/24 [110/2] via 10.2.2.3, 00:05:12, GigabitEthernet3
R1のルーティングテーブルに10.3.3.0/24と10.4.4.0/24が投入されていることが確認できます。
R1
R1#show ip route ospf
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.2.2.0/24 [110/2] via 10.1.1.2, 00:06:32, GigabitEthernet2
O 10.3.3.0/24 [110/3] via 10.1.1.2, 00:05:59, GigabitEthernet2
O 10.4.4.0/24 [110/3] via 10.1.1.2, 00:05:52, GigabitEthernet2
疎通確認
R1の10.1.1.1からR3の10.3.3.3と10.4.4.3へのPingが成功することが確認できます。
R1
R1#ping 10.3.3.3 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R1#ping 10.4.4.3 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.4.4.3, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
In方向のDistribute List設定後
R2においてIn方向でDistribute Listを設定し、OSPFで学習したルート情報の中で10.3.3.0/24のみルーティングテーブルに投入します。
追加した設定
In方向のDistribute Listはdistribute-list prefix-list <prefix-list-name> in [ <if> ]コマンドで設定可能です。インタフェースを省略した場合、全てのインタフェースに対してIn方向のDistribute Listが適用されます。
R2
router ospf 1
distribute-list prefix OSPF_PREFIX_LIST in
!
ip prefix-list OSPF_PREFIX_LIST seq 5 permit 10.3.3.0/24
OSPFプロセスの状態確認
R2において、In方向のDistribute Listが設定されていることが確認できます。
R2
R2#show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "application"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Maximum path: 32
Routing for Networks:
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 4)
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is (prefix-list) OSPF_PREFIX_LIST
Router ID 2.2.2.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.1.1.0 0.0.0.255 area 0
10.2.2.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
3.3.3.3 110 00:00:18
Distance: (default is 110)
LSDBの状態確認
R2が保有するR3のLSA Type 1には10.3.3.0/24と10.4.4.0/24のプレフィックス情報が存在することが確認できます。
R2
R2#show ip ospf database router adv-router 3.3.3.3
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
LS age: 233
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 8000000E
Checksum: 0x771B
Length: 72
Number of Links: 4
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.4.4.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.3.3.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 2.2.2.2
(Link Data) Router Interface address: 10.2.2.3
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.2.2.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
R1が保有するR3のLSA Type 1には10.3.3.0/24と10.4.4.0/24のプレフィックス情報が存在することが確認できます。これより、In方向のDistribute Listでは、LSAからプレフィックス情報が削除されないことが確認できます。
R1
R1#show ip ospf database router adv-router 3.3.3.3
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
LS age: 295
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 3.3.3.3
Advertising Router: 3.3.3.3
LS Seq Number: 8000000E
Checksum: 0x771B
Length: 72
Number of Links: 4
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.4.4.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.3.3.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 2.2.2.2
(Link Data) Router Interface address: 10.2.2.3
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.2.2.0
(Link Data) Network Mask: 255.255.255.0
Number of MTID metrics: 0
TOS 0 Metrics: 1
SPFの計算結果の確認
R2はOSPF経由で10.3.3.0/24と10.4.4.0を学習していますが、10.3.3.0/24のみルーティングテーブルに投入していることが確認できます。
R2
R2#show ip ospf rib
OSPF Router with ID (2.2.2.2) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.2, GigabitEthernet2
* 10.2.2.0/24, Intra, cost 1, area 0, Connected
via 10.2.2.2, GigabitEthernet3
*> 10.3.3.0/24, Intra, cost 2, area 0
via 10.2.2.3, GigabitEthernet3
* 10.4.4.0/24, Intra, cost 2, area 0
via 10.2.2.3, GigabitEthernet3
ルーティングテーブルの確認
R2のルーティングテーブルに10.3.3.0/24のみ投入され、10.4.4.0/24は投入されてないことが確認できます。
R2
R2#show ip route ospf
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.3.3.0/24 [110/2] via 10.2.2.3, 00:05:19, GigabitEthernet3
R1のルーティングテーブルに10.3.3.0/24と10.4.4.0/24が投入されていることが確認できます。
R1
R1#show ip route ospf
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
O 10.2.2.0/24 [110/2] via 10.1.1.2, 00:06:32, GigabitEthernet2
O 10.3.3.0/24 [110/3] via 10.1.1.2, 00:05:59, GigabitEthernet2
O 10.4.4.0/24 [110/3] via 10.1.1.2, 00:05:52, GigabitEthernet2
疎通確認
R1の10.1.1.1からR3の10.3.3.3へのPingは成功し、10.4.4.3へのPingが失敗することが確認できます。
R1
R1#ping 10.3.3.3 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R1#ping 10.4.4.3 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.4.4.3, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
U.U.U
Success rate is 0 percent (0/5)
実機での動作確認2
検証内容
R1のg2、R2のg2でOSPF Area 0を有効にします。
R1のg2、R2のg2のNetwork TypeにはPoint-to-Pointを使用します。
R2でOSPFに対してConnected Routeを再配送する際、Route Mapを使用して180.1.1.0/24のみをOSPFに再配送します。
R2でOut方向でDistribute Listを設定した場合の動作を確認します。
初期設定
interface GigabitEthernet2
ip address 10.1.1.1 255.255.255.0
ip ospf network point-to-point
!
router ospf 1
router-id 1.1.1.1
network 10.1.1.0 0.0.0.255 area 0
interface GigabitEthernet2
ip address 10.1.1.2 255.255.255.0
ip ospf network point-to-point
!
interface GigabitEthernet3
ip address 180.1.1.2 255.255.255.0
!
interface GigabitEthernet4
ip address 180.2.2.2 255.255.255.0
!
router ospf 1
router-id 2.2.2.2
redistribute connected subnets
network 10.1.1.0 0.0.0.255 area 0
Out方向のDistribute List設定前
OSPFプロセスの状態確認
R2において、Out方向のDistribute Listが設定されていないことが確認できます。
R2
R2#show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "application"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Maximum path: 32
Routing for Networks:
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 4)
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 2.2.2.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.1.1.0 0.0.0.255 area 0
10.2.2.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
3.3.3.3 110 00:00:18
Distance: (default is 110)
LSDBの状態確認
R2は180.1.1.0/24と180.2.2.0/24を格納したLSA Type 5を生成していることが確認できます。
R2
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 1809 0x80000016 0x00B52F 2
2.2.2.2 2.2.2.2 74 0x8000001C 0x004F88 2
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
180.1.1.0 2.2.2.2 70 0x80000003 0x00637C 0
180.2.2.0 2.2.2.2 70 0x80000003 0x004C91 0
SPFの計算結果の確認
R1はOSPF経由で180.1.1.0/24と180.2.2.0を学習していることが確認できます。
R1
R1#show ip ospf rib
OSPF Router with ID (1.1.1.1) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.1, GigabitEthernet2
*> 180.1.1.0/24, Ext2, cost 20, fwd cost 1, tag 0
via 10.1.1.2, GigabitEthernet2
*> 180.2.2.0/24, Ext2, cost 20, fwd cost 1, tag 0
via 10.1.1.2, GigabitEthernet2
ルーティングテーブルの確認
R1のルーティングテーブルに180.1.1.0/24と180.2.2.0/24が存在していることが確認できます。
R1
R1#show ip route ospf
180.1.0.0/24 is subnetted, 1 subnets
O E2 180.1.1.0 [110/20] via 10.1.1.2, 00:01:59, GigabitEthernet2
180.2.0.0/24 is subnetted, 1 subnets
O E2 180.2.2.0 [110/20] via 10.1.1.2, 00:01:59, GigabitEthernet2
疎通確認
R1の10.1.1.1からR2の180.1.1.2と180.2.2.2へのPingが成功することが確認できます。
R1
R1#ping 180.1.1.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R1#ping 180.2.2.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Out方向のDistribute List設定後
R2においてOut方向でDistribute Listを設定し、OSPFに10.3.3.0/24のみ再配送します。
追加した設定
Out方向のDistribute Listはdistribute-list prefix-list <prefix-list-name> outコマンドで設定可能です。
R2
router ospf 1
distribute-list prefix OSPF_PREFIX_LIST out
!
ip prefix-list OSPF_PREFIX_LIST seq 5 permit 180.1.1.0/24
OSPFプロセスの状態確認
R2において、Out方向のDistribute Listが設定されていることが確認できます。
R2
R2#show ip protocols
*** IP Routing is NSF aware ***
Routing Protocol is "application"
Sending updates every 0 seconds
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Maximum path: 32
Routing for Networks:
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 4)
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is (prefix-list) OSPF_PREFIX_LIST
Incoming update filter list for all interfaces is not set
Router ID 2.2.2.2
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
10.1.1.0 0.0.0.255 area 0
10.2.2.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
3.3.3.3 110 00:00:18
Distance: (default is 110)
LSDBの状態確認
R2は180.1.1.0/24を格納したLSA Type 5のみ生成していることが確認できます。
R2
R2#show ip ospf database
OSPF Router with ID (2.2.2.2) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
1.1.1.1 1.1.1.1 1809 0x80000016 0x00B52F 2
2.2.2.2 2.2.2.2 74 0x8000001C 0x004F88 2
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
180.1.1.0 2.2.2.2 70 0x80000003 0x00637C 0
SPFの計算結果の確認
R1はOSPF経由で180.2.2.0を学習していないことが確認できます。
R1
R1#show ip ospf rib
OSPF Router with ID (1.1.1.1) (Process ID 1)
Base Topology (MTID 0)
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
* 10.1.1.0/24, Intra, cost 1, area 0, Connected
via 10.1.1.1, GigabitEthernet2
*> 180.1.1.0/24, Ext2, cost 20, fwd cost 1, tag 0
via 10.1.1.2, GigabitEthernet2
ルーティングテーブルの確認
R1のルーティングテーブルから180.2.2.0/24が消失したことが確認できます。
R1
R1#show ip route ospf
180.1.0.0/24 is subnetted, 1 subnets
O E2 180.1.1.0 [110/20] via 10.1.1.2, 00:01:59, GigabitEthernet2
疎通確認
R1の10.1.1.1からR2の180.1.1.2へのPingは成功し、180.2.2.2へのPingは失敗することが確認できます。
R1
R1#ping 180.1.1.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.1.1.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R1#ping 180.2.2.2 source 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 180.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
.....
Success rate is 0 percent (0/5)
コメント