Hello,
I’d check the databases on both sides.
And flush/reload the config and fibs.
Then check again which link state advertisements are in the database.
To make sure you now get the /32 advertised.
Sent from my iPhone
> On 5 Feb 2023, at 21:15, Radek wrote:
>
> Hello Diederik, hello Tom,
> this is a simple lab/testing configuration, that's why there is no "passive"
> and other...
> The purpose of this configuration is to allow access to certain IP address
> and restrict access to the rest of the subnet.
> I can use PF to block/pass what I need... but I'm trying make sure if I can
> do it by announcing "not more than needed" over OSPF.
>
> "redistribute 10.1.111.11/32" seems to be what I need, but probally I missed
> something, because this option doesn't work for me as expected.
>
> $ cat /etc/ospfd.conf
> router-id 10.109.3.15
> redistribute 10.1.111.11/32
>
> area 0.0.0.0 {
>interface vr0
>interface vr3
> }
>
> Then, I can still see/ping other IPs in 10.1.111.0/24 from the far end
> network.
>
> On the far router I can see the whole subnet instead of somthing like " *O
>32 10.1.111.11/2410.109.3.15".
>
> $ ospfctl show fib
> flags: * = valid, O = OSPF, C = Connected, S = Static
> Flags Prio Destination Nexthop
> *S8 0.0.0.0/010.109.3.254
> *O 32 10.1.111.0/2410.109.3.15
>
> Any clues?
>
>> On Sat, 4 Feb 2023 23:16:57 +
>> Tom Smyth wrote:
>>
>> Hi Radek,
>>
>> it is better practice to add ospf network statements to ospfd.conf
>> (if you dont want to send / recieve ospf messages on an interface set the
>> interface to passive in ospfd.conf
>> avoid redistribute connected
>> (add the network you want to be added to your ospf network) and leave the
>> other network ommitted from your ospfd.conf
>>
>>
>> I hope this helps,
>>
>>
>>> On Sat, 4 Feb 2023 at 20:02, Radek wrote:
>>>
>>> Hello,
>>> is it possible to announce over OSPF only one (or a few specific) IP
>>> address instead of the whole subnet?
>>> If yes.. an ospfd.conf example would be appreciated.
>>>
>>> $ cat /etc/hostname.vr3
>>> inet 10.1.111.1 255.255.255.0
>>>
>>> $ cat /etc/ospfd.conf
>>> router-id 10.109.3.15
>>> redistribute connected
>>>
>>> area 0.0.0.0 {
>>>interface vr0
>>>interface vr3
>>> }
>>>
>>> Thanks,
>>> Radek
>>>
>>>
>>
>> --
>> Kindest regards,
>> Tom Smyth.
>
>
> Radek
>
