0

When setting up an ospf instance, in-filter and out-filter allow us to control which filter chains will be used to decide what routes get added to the routing table, propagated without adding them to the routing table, dropped, or logged. But with IPv6 and ospf-v3, the option is not accepted.

Does this mean one cannot filter OSPF-v3 routes? We do not want to publish every single route on every connected link? Because if so we cannot use OSPF-v3; some interfaces have multiple addresses, some of which we need to route in IGP and some of which will ruin our virtual circuit GRE tunnels or violate IXP policies.

Improve this question

1 Answer 1

Reset to default
0

Yes. According to the documentation, the default filter chains for OSPF are ospf-in and ospf-out. Even though OSPF-V3 instances do not let you set the input and output filters, it uses these filters (at least, it does in v6.48.1) and you cannot turn them off. The documentation does not mention that these filters are used for OSPF-v3 as well as OSPF, but they are; in RouterOS v7 the menu names will even be the same.

It's a good idea to use different, non-default filter names for any OSPF-v2 instances in this case.

If OSPF-V3 appears not to work for no apparent reason, it is likely necessary to add an accept rule for the relevant prefixes, e.g.

/routing filter add chain=ospf-in prefix=2002:1234::/48 prefix-length=48-64 action=accept

In RouterOS v7, apparently this will be a supported feature and it will be possible to adjust the filter names per instance.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .