how to filterout private ip ranges
Martin Kraus
martin.kraus at wujiman.net
Thu Jul 2 22:29:19 CEST 2009
hi. I'm trying to filter out private ip ranges from ospf. I've defined filter:
filter privateip
{
if net ~ [ 192.168.0.0/16+, 10.0.0.0/8+, 172.16.0.0/12+ ] then reject;
accept;
}
and used in ospf protocol configuration:
export filter privateip;
in birdc using:
show route filter privateip
on this router shows only public ip prefixes. however on the neighbouring router I
still get the private routes:
10.128.1.0/24 dev tap_infonet [ospf1 22:20] I (150/10)
172.29.201.0/24 via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.16.7.0/24 via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.23.0.128/25 via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.16.30.0/24 via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.23.4.128/25 via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
ospf export filter filters out some of the private prefixes, but not all.
what bothers me is that using show route with the defined filter works right.
is there something I'm doing wrong?
thanks
mk
More information about the Bird-users
mailing list