1 00:00:00,000 --> 00:00:02,892 [MUSIC PLAYING] 2 00:00:02,892 --> 00:00:08,200 3 00:00:08,200 --> 00:00:12,340 Hello, and welcome to Explaining Route Filtering. 4 00:00:12,340 --> 00:00:15,550 In this skill, we're going to be jumping in and looking 5 00:00:15,550 --> 00:00:19,000 at how to filter routes out of our routing table, 6 00:00:19,000 --> 00:00:24,130 particularly with OSPF and ISIS. 7 00:00:24,130 --> 00:00:27,130 Now, we spend most of our time in routing, 8 00:00:27,130 --> 00:00:30,220 trying to get routes into our routing table. 9 00:00:30,220 --> 00:00:33,580 So to a certain extent, this is a little bit 10 00:00:33,580 --> 00:00:37,030 intuitive to what we usually do with routing. 11 00:00:37,030 --> 00:00:39,860 However, there are several reasons 12 00:00:39,860 --> 00:00:42,160 we may want to filter out routes that we 13 00:00:42,160 --> 00:00:45,430 are learning through our dynamic routing protocols. 14 00:00:45,430 --> 00:00:49,310 One of those reasons could possibly be for security. 15 00:00:49,310 --> 00:00:54,550 Now, that would most likely be a situation involving BGP. 16 00:00:54,550 --> 00:00:56,500 Hopefully we're not going to be getting routes 17 00:00:56,500 --> 00:01:00,170 from our IGP that's causing us a security issue. 18 00:01:00,170 --> 00:01:02,110 But it is still a possibility. 19 00:01:02,110 --> 00:01:05,110 So we should be aware of how to filter that. 20 00:01:05,110 --> 00:01:07,900 Oftentimes, the more common reason 21 00:01:07,900 --> 00:01:11,360 is to do this to influence path selection. 22 00:01:11,360 --> 00:01:14,530 Now, we can usually influence path selection simply 23 00:01:14,530 --> 00:01:17,660 by changing a metric, or something along those lines. 24 00:01:17,660 --> 00:01:19,900 But maybe this is between something 25 00:01:19,900 --> 00:01:22,060 like business partners, and maybe we 26 00:01:22,060 --> 00:01:23,710 don't want to get to certain subnets, 27 00:01:23,710 --> 00:01:25,450 or we don't want certain of their subnets 28 00:01:25,450 --> 00:01:28,370 to be able to get to us through a certain path. 29 00:01:28,370 --> 00:01:32,597 So if we want a redundant path, of course we would use metrics. 30 00:01:32,597 --> 00:01:34,180 But if we don't want to be able to get 31 00:01:34,180 --> 00:01:37,630 to a certain destination at all, or that destination 32 00:01:37,630 --> 00:01:41,200 to be able to get to us at all, then route filtering 33 00:01:41,200 --> 00:01:43,010 becomes the way to do that. 34 00:01:43,010 --> 00:01:47,350 So in this skill, we're going to be focusing on IGP route 35 00:01:47,350 --> 00:01:50,350 filtering, and we're going to be focusing on the building 36 00:01:50,350 --> 00:01:52,660 blocks of that filtering. 37 00:01:52,660 --> 00:01:58,090 What I mean by that is access lists and prefix lists. 38 00:01:58,090 --> 00:02:01,090 Now, access lists, in all honesty, 39 00:02:01,090 --> 00:02:02,740 aren't used that often. 40 00:02:02,740 --> 00:02:04,960 They do have some drawbacks when it 41 00:02:04,960 --> 00:02:06,730 comes to doing route filtering. 42 00:02:06,730 --> 00:02:09,160 They're not necessarily the best tool. 43 00:02:09,160 --> 00:02:12,250 However, they can be used, and they 44 00:02:12,250 --> 00:02:15,940 do have one little corner case where 45 00:02:15,940 --> 00:02:17,420 they sort of have an advantage. 46 00:02:17,420 --> 00:02:19,420 And we'll talk about that. 47 00:02:19,420 --> 00:02:25,180 Now, prefix lists are created to make up those shortcomings 48 00:02:25,180 --> 00:02:27,250 that we have in ACL. 49 00:02:27,250 --> 00:02:30,490 So our main focus will be on prefix lists. 50 00:02:30,490 --> 00:02:34,210 And as we get into more advanced filtering that we 51 00:02:34,210 --> 00:02:36,910 will do in future skills, these are 52 00:02:36,910 --> 00:02:38,950 going to be the building blocks that we're 53 00:02:38,950 --> 00:02:42,220 going to be using in other route filtering options, 54 00:02:42,220 --> 00:02:47,260 such as routing policy language and route maps that we 55 00:02:47,260 --> 00:02:50,260 have in IOS XE and IOS XR. 56 00:02:50,260 --> 00:02:52,460 So this is a good place to start. 57 00:02:52,460 --> 00:02:55,780 Even though we may not use access lists or prefix 58 00:02:55,780 --> 00:02:59,780 lists by themselves, like we'll be doing in this skill, 59 00:02:59,780 --> 00:03:02,560 we'll still use them in conjunction 60 00:03:02,560 --> 00:03:04,610 with some of those more advanced features. 61 00:03:04,610 --> 00:03:07,750 So either way, we need to know these building blocks , 62 00:03:07,750 --> 00:03:10,760 even before we move into the more advanced filtering. 63 00:03:10,760 --> 00:03:14,237 So that said, we have a lot of cool stuff to cover. 64 00:03:14,237 --> 00:03:16,570 We're of course, going to look at how these things work, 65 00:03:16,570 --> 00:03:19,130 jump into the command line and see some examples. 66 00:03:19,130 --> 00:03:20,750 So we're going to have a lot of fun. 67 00:03:20,750 --> 00:03:25,320 Join me in the next video, and I'll see you there. 68 00:03:25,320 --> 00:03:29,000