how to filterout private ip ranges

Martin Kraus martin.kraus at wujiman.net
Thu Jul 2 22:29:19 CEST 2009


hi. I'm trying to filter out  private ip ranges from ospf. I've defined filter:

filter privateip  
{
        if net ~ [ 192.168.0.0/16+, 10.0.0.0/8+, 172.16.0.0/12+ ] then reject;
        accept;
} 

and used in ospf protocol configuration:

export filter privateip;

in birdc using:

show route filter privateip 

on this router shows only public ip prefixes. however on the neighbouring router I
still get the private routes:

10.128.1.0/24      dev tap_infonet [ospf1 22:20] I (150/10)
172.29.201.0/24    via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.16.7.0/24      via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.23.0.128/25    via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.16.30.0/24     via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)
172.23.4.128/25    via 10.128.1.1 on tap_infonet [ospf1 22:21] I (150/20)

ospf export filter filters out some of the private prefixes, but not all.

what bothers me is that using show route with the defined filter works right.
is there something I'm doing wrong?

thanks
mk



More information about the Bird-users mailing list