OSPF prefix suppression is a feature that hides all IP prefixes of OSPF interfaces connected to OSPF nodes. This way the routing tables become shorter, the OSPF convergence process gets faster, and network security increases since attacks on transit networks decrease.
In this post, you will learn how the OSPF prefix suppression feature works, and how to configure it on Cisco IOS.
What is Transit-Only Network in OSPF?
The core concept behind OSPF prefix suppression is the transit-only network, which is a network segment connecting OSPF-enabled routers only.
Figure 1 – Network topology of an OSPF routing domain
For example, network segments connecting routers R1, R2, R3, R4, R5, R6, and R7 are transit-only; they carry OSPF traffic only and there is no data traffic generated in those networks.
What is OSPF Prefix Suppression Work?
OSPF prefix suppression is a feature used to hide IP prefixes of transit-only networks in order to save space in routing tables, decrease the number of Link State Advertisements (LSA) exchanged on the network, speed up network convergence, and get rid of remote attacks.
Most OSPF neighbor communications occur per physical network segment and don’t require passing through OSPF nodes except for virtual links. In addition, to route traffic to a destination network, each OSPF node needs to know the next-hop router’s IP address, which is always reachable because it is on one of the router’s connected networks. As a result, routers in an OSPF domain don’t need to install every transit-only network in their routing table in order to redirect data traffic.
In fact, network routers can redirect IP packets exchanged between subnets 10.0.61.0/24, 10.0.62.0/24, 10.0.63.0/24, 10.0.71.0/24, 10.0.72.0/24, and 10.0.73.0/24 without having to install all transit-only subnets.
Moreover, if a hacker forms an OSPF relationship with router R6 or R7, they cannot launch remote attacks toward transit-only networks because R6 and R7 cannot route traffic to them, as you can see in the following show ip route ospf command outputs.
Router R6
R6# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 13 subnets, 2 masks O 10.0.71.0/24 [110/5] via 10.0.46.4, 00:01:55, GigabitEthernet0/4 [110/5] via 10.0.16.1, 00:02:15, GigabitEthernet0/1 O 10.0.72.0/24 [110/5] via 10.0.46.4, 00:01:55, GigabitEthernet0/4 [110/5] via 10.0.16.1, 00:02:15, GigabitEthernet0/1 O 10.0.73.0/24 [110/5] via 10.0.46.4, 00:01:55, GigabitEthernet0/4 [110/5] via 10.0.16.1, 00:02:15, GigabitEthernet0/1
Router R7
R7# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 13 subnets, 2 masks O 10.0.61.0/24 [110/5] via 10.0.37.3, 00:01:58, GigabitEthernet0/3 [110/5] via 10.0.27.2, 00:01:58, GigabitEthernet0/2 O 10.0.62.0/24 [110/5] via 10.0.37.3, 00:01:58, GigabitEthernet0/3 [110/5] via 10.0.27.2, 00:01:58, GigabitEthernet0/2 O 10.0.63.0/24 [110/5] via 10.0.37.3, 00:01:58, GigabitEthernet0/3 [110/5] via 10.0.27.2, 00:01:58, GigabitEthernet0/2
Finally, OSPF prefix suppression reduces the size of the routing tables and thus speeds up network convergence.
How Does OSPF Prefix Suppression Work?
The behavior of the OSPF prefix suppression varies from one OSPF network type to another. To demonstrate that, I will use the following network diagram in the rest of this guide.
Figure 2 – Network topology of our OSPF routing domain
Here are the links to download the initial router configurations.
Router R1 | Router R2 | Router R3 | Router R4 |
Point-to-Point Links
First, we set the OSPF network type of the link between routers R1 and R4 to point-to-point.
Router R1
R1(config)# interface gigabitEthernet 0/4
R1(config-if)# ip ospf network point-to-point
Router R4
R4(config)# interface gigabitEthernet 0/1
R4(config-if)# ip ospf network point-to-point
For point-to-point interfaces, OSPF produces two link entries. The first entry is called Type 1 link (point-to-point); it is used for SPF calculation and describes the neighboring router if it does exist, as shown in the next example.
Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 4.4.4.4 (Link Data) Router Interface address: 10.0.14.1 Number of MTID metrics: 0 TOS 0 Metrics: 1
The second entry is called Type 3 link (stub); OSPF uses it to install the subnet’s corresponding route in the routing table and describes the interface’s subnet IP address and mask, as illustrated in the following example.
Link connected to: a Stub Network (Link ID) Network/subnet number: 10.0.14.0 (Link Data) Network Mask: 255.255.255.0 Number of MTID metrics: 0 TOS 0 Metrics: 1
When OSPF prefix suppression is enabled on a point-to-point interface, OSPF removes the Type 3 link from the originated router LSA.
We enable OSPF prefix suppression on R1’s GigabitEthernet 0/4 and R4’s GigabitEthernet 0/1 interfaces using the ip ospf prefix-suppression command.
Router R1
R1(config)# interface gigabitEthernet 0/4
R1(config-if)# ip ospf prefix-suppression
Router R4
R4(config)# interface gigabitEthernet 0/1
R4(config-if)# ip ospf prefix-suppression
The show ip ospf database router command output states that R1 stops including the Type 3 link for subnet 10.0.14.0/24 in its router LSA.
R1# show ip ospf database router 1.1.1.1
OSPF Router with ID (1.1.1.1) (Process ID 1)
Router Link States (Area 0)
LS age: 18
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 1.1.1.1
Advertising Router: 1.1.1.1
LS Seq Number: 80000005
Checksum: 0xCE07
Length: 48
Number of Links: 2
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 4.4.4.4
(Link Data) Router Interface address: 10.0.14.1
Number of MTID metrics: 0
TOS 0 Metrics: 1
Link connected to: a Transit Network
(Link ID) Designated Router address: 10.0.0.4
(Link Data) Router Interface address: 10.0.0.1
Number of MTID metrics: 0
TOS 0 Metrics: 1
Likewise, router R4 no longer includes the Type 3 link for interface GigabitEthernet 0/1.
R4# show ip ospf database router 4.4.4.4
OSPF Router with ID (4.4.4.4) (Process ID 1)
Router Link States (Area 0)
LS age: 4
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 4.4.4.4
Advertising Router: 4.4.4.4
LS Seq Number: 8000000B
Checksum: 0xE873
Length: 84
Number of Links: 5
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 1.1.1.1
(Link Data) Router Interface address: 10.0.14.4
Number of MTID metrics: 0
TOS 0 Metrics: 1
omitted output
Point-to-Multipoint Links
The behavior of OSPF prefix suppression is the same whether the point-to-multipoint link support layer 2 broadcasts or not. Before continuing, we set the OSPF network type of interfaces in subnet 10.0.0.0/24 to point-to-multipoint.
Router R1
R1(config)# interface gigabitEthernet 0/0
R1(config-if)# ip ospf network point-to-multipoint
Router R2
R2(config)# interface gigabitEthernet 0/0
R2(config-if)# ip ospf network point-to-multipoint
Router R3
R3(config)# interface gigabitEthernet 0/0
R3(config-if)# ip ospf network point-to-multipoint
Router R4
R4(config)# interface gigabitEthernet 0/0
R4(config-if)# ip ospf network point-to-multipoint
On point-to-multipoint links, OSPF creates one Type 1 link entry for each full OSPF adjacent neighbor, and one Type 3 link entry for the underlying interface’s IP address that it associated with a subnet mask of /32.
R1# show ip ospf database router 1.1.1.1 OSPF Router with ID (1.1.1.1) (Process ID 1) Router Link States (Area 0) LS age: 1456 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 1.1.1.1 Advertising Router: 1.1.1.1 LS Seq Number: 80000009 Checksum: 0x204D Length: 84 Number of Links: 5 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 4.4.4.4 (Link Data) Router Interface address: 10.0.14.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 3.3.3.3 (Link Data) Router Interface address: 10.0.0.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 2.2.2.2 (Link Data) Router Interface address: 10.0.0.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 4.4.4.4 (Link Data) Router Interface address: 10.0.0.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: a Stub Network (Link ID) Network/subnet number: 10.0.0.1 (Link Data) Network Mask: 255.255.255.255 Number of MTID metrics: 0 TOS 0 Metrics: 0
Similar to point-to-point links, when OSPF prefix suppression is enabled on a point-to-multipoint interface, OSPF omits the Type 3 link in the originated router LSA.
We enable OSPF prefix suppression on the GigabitEthernet 0/0 interfaces of R1, R2, R3, and R4 using the ip ospf prefix-suppression command.
Router R1
R1(config)# interface gigabitEthernet 0/0
R1(config-if)# ip ospf prefix-suppression
Router R2
R2(config)# interface gigabitEthernet 0/0
R2(config-if)# ip ospf prefix-suppression
Router R3
R3(config)# interface gigabitEthernet 0/0
R3(config-if)# ip ospf prefix-suppression
Router R4
R4(config)# interface gigabitEthernet 0/0
R4(config-if)# ip ospf prefix-suppression
The show ip ospf database router command output states the routers stop including the Type 3 links (stub networks) for IP address 10.0.0.1/32, 10.0.0.2/32, 10.0.0.3/32, and 10.0.0.4/32 in their router LSA.
R1# show ip ospf database router OSPF Router with ID (1.1.1.1) (Process ID 1) Router Link States (Area 0) LS age: 144 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 1.1.1.1 Advertising Router: 1.1.1.1 LS Seq Number: 8000000B Checksum: 0xDDA8 Length: 72 Number of Links: 4 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 4.4.4.4 (Link Data) Router Interface address: 10.0.14.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 3.3.3.3 (Link Data) Router Interface address: 10.0.0.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 2.2.2.2 (Link Data) Router Interface address: 10.0.0.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 4.4.4.4 (Link Data) Router Interface address: 10.0.0.1 Number of MTID metrics: 0 TOS 0 Metrics: 1 LS age: 139 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 2.2.2.2 Advertising Router: 2.2.2.2 LS Seq Number: 80000009 Checksum: 0xFAA Length: 60 Number of Links: 3 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 3.3.3.3 (Link Data) Router Interface address: 10.0.0.2 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 1.1.1.1 (Link Data) Router Interface address: 10.0.0.2 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 4.4.4.4 (Link Data) Router Interface address: 10.0.0.2 Number of MTID metrics: 0 TOS 0 Metrics: 1 LS age: 131 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 3.3.3.3 Advertising Router: 3.3.3.3 LS Seq Number: 80000009 Checksum: 0x2E84 Length: 60 Number of Links: 3 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 4.4.4.4 (Link Data) Router Interface address: 10.0.0.3 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 1.1.1.1 (Link Data) Router Interface address: 10.0.0.3 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 2.2.2.2 (Link Data) Router Interface address: 10.0.0.3 Number of MTID metrics: 0 TOS 0 Metrics: 1 LS age: 124 Options: (No TOS-capability, DC) LS Type: Router Links Link State ID: 4.4.4.4 Advertising Router: 4.4.4.4 LS Seq Number: 8000000D Checksum: 0xF780 Length: 72 Number of Links: 4 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 1.1.1.1 (Link Data) Router Interface address: 10.0.14.4 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 3.3.3.3 (Link Data) Router Interface address: 10.0.0.4 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 2.2.2.2 (Link Data) Router Interface address: 10.0.0.4 Number of MTID metrics: 0 TOS 0 Metrics: 1 Link connected to: another Router (point-to-point) (Link ID) Neighboring Router ID: 1.1.1.1 (Link Data) Router Interface address: 10.0.0.4 Number of MTID metrics: 0 TOS 0 Metrics: 1
Broadcast and Non-Broadcast Multi-Access Links
We reset the OSPF network type of the GigabitEthernet0/0 interfaces in subnet 10.0.0.0/24 to the default one, which is broadcast.
Router R1
R1(config)# interface gigabitEthernet 0/0
R1(config-if)# no ip ospf network point-to-multipoint
Router R2
R2(config)# interface gigabitEthernet 0/0 R2(config-if)# no ip ospf network point-to-multipoint
Router R3
R3(config)# interface gigabitEthernet 0/0 R3(config-if)# no ip ospf network point-to-multipoint
Router R4
R4(config)# interface gigabitEthernet 0/0 R4(config-if)# no ip ospf network point-to-multipoint
On a broadcast or non-broadcast link, the DR generates a network LSA for the link and advertises /32 as the subnet mask of the associated subnet in order to hide the transit-only network, as shown in the following the show ip ospf database network command output.
R4# show ip ospf database network OSPF Router with ID (4.4.4.4) (Process ID 1) Net Link States (Area 0) LS age: 80 Options: (No TOS-capability, DC) LS Type: Network Links Link State ID: 10.0.0.4 (address of Designated Router) Advertising Router: 4.4.4.4 LS Seq Number: 80000001 Checksum: 0xC229 Length: 40 Network Mask: /32 Attached Router: 4.4.4.4 Attached Router: 1.1.1.1 Attached Router: 2.2.2.2 Attached Router: 3.3.3.3
OSPF Prefix Suppression Configuration
Configuring OSPF Prefix Suppression on Cisco IOS
Cisco IOS allows enabling OSPF prefix suppression globally for an entire OSPF process or on a per-interface basis.
In this section, I will be using this network topology.
The following table states the IP address of each router interface.
Router | Interface | IP Address |
R1 | GigabitEthernet 0/4 | 10.0.14.1/24 |
GigabitEthernet 0/5 | 10.0.15.1/24 | |
GigabitEthernet 0/7 | 10.0.17.1/24 | |
R2 | GigabitEthernet 0/3 | 10.0.23.2/24 |
GigabitEthernet 0/5 | 10.0.25.2/24 | |
GigabitEthernet 0/7 | 10.0.27.2/24 | |
R3 | GigabitEthernet 0/2 | 10.0.23.3/24 |
GigabitEthernet 0/5 | 10.0.35.3/24 | |
GigabitEthernet 0/6 | 10.0.36.3/24 | |
R4 | GigabitEthernet 0/1 | 10.0.14.4/24 |
GigabitEthernet 0/5 | 10.0.45.4/24 | |
GigabitEthernet 0/6 | 10.0.46.4/24 | |
R5 | GigabitEthernet 0/1 | 10.0.15.5/24 |
GigabitEthernet 0/2 | 10.0.25.5/24 | |
GigabitEthernet 0/3 | 10.0.35.5/24 | |
GigabitEthernet 0/4 | 10.0.45.5/24 | |
R6 | GigabitEthernet 0/3 | 10.0.36.6/24 |
GigabitEthernet 0/4 | 10.0.46.6/24 | |
Loopback 0 | 10.0.61.6/24 | |
Loopback 1 | 10.0.62.6/24 | |
Loopback 2 | 10.0.63.6/24 | |
R7 | GigabitEthernet 0/1 | 10.0.17.7/24 |
GigabitEthernet 0/2 | 10.0.27.7/24 | |
Loopback 0 | 10.0.71.7/24 | |
Loopback 1 | 10.0.72.7/24 | |
Loopback 2 | 10.0.73.7/24 |
Here are the links to download the initial configurations of the routers.
Router R1 | Router R2 | Router R3 | Router R4 |
Router R5 | Router R6 | Router R7 |
Cisco IOS prefix-suppression Command
The prefix-suppression command stops an Open Shortest Path First (OSPF) process from announcing IP prefixes configured on all OSPF-enabled interfaces except secondary IP addresses, and IP prefixes used on loopback and passive interfaces.
The prefix-suppression command is useful if OSPF should hide all prefixes. For example, it is more convenient to apply the command to routers R1, R2, R3, R4, and R5, in Figure 1, rather than enabling OSPF prefix suppression on each OSPF-enabled interface.
The following example globally suppresses all IP prefixes except secondary IP addresses and prefixes attached to loopback and passive interfaces on routers R1, R2, R3, R4, R5, R6, and R7.
Router R1
R1(config)# router ospf 1
R1(config-router)# prefix-suppression
Router R2
R2(config)# router ospf 1
R2(config-router)# prefix-suppression
Router R3
R3(config)# router ospf 1
R3(config-router)# prefix-suppression
Router R4
R4(config)# router ospf 1
R4(config-router)# prefix-suppression
Router R5
R5(config)# router ospf 1
R5(config-router)# prefix-suppression
Router R6
R6(config)# router ospf 1
R6(config-router)# prefix-suppression
Router R7
R7(config)# router ospf 1
R7(config-router)# prefix-suppression
The following show ip route ospf command outputs states that all OSPF IP prefixes has been hidden except those assigned to R6 and R7’s loopback interfaces.
Router R1
R1# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks O 10.0.61.6/32 [110/3] via 10.0.14.4, 00:21:31, GigabitEthernet0/4 O 10.0.62.6/32 [110/3] via 10.0.14.4, 00:21:31, GigabitEthernet0/4 O 10.0.63.6/32 [110/3] via 10.0.14.4, 00:21:31, GigabitEthernet0/4 O 10.0.71.7/32 [110/2] via 10.0.17.7, 00:21:08, GigabitEthernet0/7 O 10.0.72.7/32 [110/2] via 10.0.17.7, 00:21:08, GigabitEthernet0/7 O 10.0.73.7/32 [110/2] via 10.0.17.7, 00:21:08, GigabitEthernet0/7
Router R2
R2# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks O 10.0.61.6/32 [110/3] via 10.0.23.3, 00:21:41, GigabitEthernet0/3 O 10.0.62.6/32 [110/3] via 10.0.23.3, 00:21:41, GigabitEthernet0/3 O 10.0.63.6/32 [110/3] via 10.0.23.3, 00:21:41, GigabitEthernet0/3 O 10.0.71.7/32 [110/2] via 10.0.27.7, 00:21:07, GigabitEthernet0/7 O 10.0.72.7/32 [110/2] via 10.0.27.7, 00:21:07, GigabitEthernet0/7 O 10.0.73.7/32 [110/2] via 10.0.27.7, 00:21:07, GigabitEthernet0/7
Router R3
R3# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks O 10.0.61.6/32 [110/2] via 10.0.36.6, 00:21:59, GigabitEthernet0/6 O 10.0.62.6/32 [110/2] via 10.0.36.6, 00:21:59, GigabitEthernet0/6 O 10.0.63.6/32 [110/2] via 10.0.36.6, 00:21:59, GigabitEthernet0/6 O 10.0.71.7/32 [110/3] via 10.0.23.2, 00:21:15, GigabitEthernet0/2 O 10.0.72.7/32 [110/3] via 10.0.23.2, 00:21:15, GigabitEthernet0/2 O 10.0.73.7/32 [110/3] via 10.0.23.2, 00:21:15, GigabitEthernet0/2
Router R4
R4# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 12 subnets, 2 masks O 10.0.61.6/32 [110/2] via 10.0.46.6, 00:21:55, GigabitEthernet0/6 O 10.0.62.6/32 [110/2] via 10.0.46.6, 00:21:55, GigabitEthernet0/6 O 10.0.63.6/32 [110/2] via 10.0.46.6, 00:21:55, GigabitEthernet0/6 O 10.0.71.7/32 [110/3] via 10.0.14.1, 00:21:31, GigabitEthernet0/1 O 10.0.72.7/32 [110/3] via 10.0.14.1, 00:21:31, GigabitEthernet0/1 O 10.0.73.7/32 [110/3] via 10.0.14.1, 00:21:31, GigabitEthernet0/1
Router R5
R5# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 14 subnets, 2 masks O 10.0.61.6/32 [110/3] via 10.0.45.4, 00:22:05, GigabitEthernet0/4 [110/3] via 10.0.35.3, 00:22:05, GigabitEthernet0/3 O 10.0.62.6/32 [110/3] via 10.0.45.4, 00:22:05, GigabitEthernet0/4 [110/3] via 10.0.35.3, 00:22:05, GigabitEthernet0/3 O 10.0.63.6/32 [110/3] via 10.0.45.4, 00:22:05, GigabitEthernet0/4 [110/3] via 10.0.35.3, 00:22:05, GigabitEthernet0/3 O 10.0.71.7/32 [110/3] via 10.0.25.2, 00:21:29, GigabitEthernet0/2 [110/3] via 10.0.15.1, 00:21:39, GigabitEthernet0/1 O 10.0.72.7/32 [110/3] via 10.0.25.2, 00:21:29, GigabitEthernet0/2 [110/3] via 10.0.15.1, 00:21:39, GigabitEthernet0/1 O 10.0.73.7/32 [110/3] via 10.0.25.2, 00:21:29, GigabitEthernet0/2 [110/3] via 10.0.15.1, 00:21:39, GigabitEthernet0/1
Router R6
R6# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 13 subnets, 2 masks O 10.0.71.7/32 [110/4] via 10.0.46.4, 00:21:49, GigabitEthernet0/4 [110/4] via 10.0.36.3, 00:21:39, GigabitEthernet0/3 O 10.0.72.7/32 [110/4] via 10.0.46.4, 00:21:49, GigabitEthernet0/4 [110/4] via 10.0.36.3, 00:21:39, GigabitEthernet0/3 O 10.0.73.7/32 [110/4] via 10.0.46.4, 00:21:49, GigabitEthernet0/4 [110/4] via 10.0.36.3, 00:21:39, GigabitEthernet0/3
Router R7
R7# show ip route ospf omitted output 10.0.0.0/8 is variably subnetted, 13 subnets, 2 masks O 10.0.61.6/32 [110/4] via 10.0.27.2, 00:21:46, GigabitEthernet0/2 [110/4] via 10.0.17.1, 00:21:56, GigabitEthernet0/1 O 10.0.62.6/32 [110/4] via 10.0.27.2, 00:21:46, GigabitEthernet0/2 [110/4] via 10.0.17.1, 00:21:56, GigabitEthernet0/1 O 10.0.63.6/32 [110/4] via 10.0.27.2, 00:21:46, GigabitEthernet0/2 [110/4] via 10.0.17.1, 00:21:56, GigabitEthernet0/1
Cisco IOS ip ospf prefix-suppression Command
The ip ospf prefix-suppression command blocks OSPF from sharing the IP prefix of a particular interface, except for IP prefixes attached with secondary IP addresses.
Unlike the prefix-suppression command, the ip ospf prefix-suppression command hide IP prefixes on a-per-interface basis and has effect on loopback and passive interfaces.
This example hide the IP prefix of R6’s loopback 0 interface.
R6(config)# interface loopback 0
R6(config-if)# ip ospf prefix-suppression
The show ip route command states that router R1 no longer has a route to IP prefix 10.0.61.6/32, and it is the same for all routers.
R1# show ip route 10.0.61.6
% Subnet not in table
R1#
In this example, we configure R7’s loopback 0 as an OSPF passive interface, and then enable OSPF prefix suppression on it.
R7(config)# router ospf 1 R7(config-router)# passive-interface loopback 0 R7(config-router)# exit R7(config)# interface loopback 0 R7(config-if)# ip ospf prefix-suppression
The show ip route command states that router R2 no longer has a route to IP prefix 10.0.71.7/32, and it is the same for all routers.
R2# show ip route 10.0.71.7
% Subnet not in table
R2#
At this point, we add a secondary IP address on R6’s loopback 0 interface on which OSPF prefix suppression is already enabled, and advertise it into area 0.
R6(config)# interface loopback 0 R6(config-if)# ip address 10.0.161.6 255.255.255.0 secondary R6(config-if)# exit R6(config)# R6(config)# router ospf 1 R6(config-router)# network 10.0.161.6 0.0.0.0 area 0
The show ip route command indicates that R1 has a route to the secondary IP address’s prefix of R6’s loopback 0 even though the ip ospf prefix-suppression has been applied to the interface.
R1# show ip route ospf
omitted output
10.0.0.0/8 is variably subnetted, 11 subnets, 2 masks
O 10.0.62.6/32 [110/3] via 10.0.14.4, 01:03:11, GigabitEthernet0/4
O 10.0.63.6/32 [110/3] via 10.0.14.4, 01:03:11, GigabitEthernet0/4
O 10.0.72.7/32 [110/2] via 10.0.17.7, 01:02:48, GigabitEthernet0/7
O 10.0.73.7/32 [110/2] via 10.0.17.7, 01:02:48, GigabitEthernet0/7
O 10.0.161.0/24 [110/3] via 10.0.14.4, 00:06:12, GigabitEthernet0/4
Therefore, the ip ospf prefix-suppression command has no effect on IP prefixes associated with secondary IP addresses.
Finally, to deactivate the effect of the prefix-suppression router configuration command on a specific interface, use the ip ospf prefix-suppression disable command.
Related Lessons to OSPF Prefix Suppression
- OSPF
- OSPF Router ID
- OSPF Null Authentication
- OSPF Plain Text Authentication
- OSPF Default Route
- Basic OSPF Configuration Lab for CCNA
- OSPF Configuration
- OSPF Passive Interface
- OSPF Virtual Link
- OSPF Stub Area
- OSPF LSA Types
- OSPF Graceful Restart
- OSPF Totally Stubby Area
- OSPF Reference Bandwidth
- OSPF Cost
- OSPF DR/BDR Election
- OSPF Hello and Dead Interval
- OSPF Metric
- OSPF MD5 Authentication
- OSPF HMAC-SHA Cryptographic Authentication
- OSPF Multi-Area
- OSPF TTL Security Check
- OSPF Graceful Shutdown
- Route Redistribution between OSPF and RIP
- OSPF Network Types
- OSPF Totally NSSA Area
- OSPF NSSA Area
- OSPF Summarization
- OSPF Route Filtering
- OSPF Type 5 LSA Filtering
- OSPF ABR Type 3 LSA Filtering
- OSPF Prefix Suppression
- OSPF Path Selection
- OSPF LSA Throttling
- OSPF SPF Throttling
- OSPF Incremental SPF
- OSPF Non-Broadcast Network Type
- OSPF Point-to-Point Network Type
- OSPF Broadcast Network Type
- OSPF Point-to-Multipoint Network Type
- OSPF vs RIP
- OSPF LSA Group Pacing
- OSPF LSA Flood Pacing
- OSPF LSA Retransmission Pacing
- Troubleshooting OSPF Neighbor Adjacency
- Troubleshooting OSPF Route Installation
- Troubleshooting OSPF Route Advertisement
- OSPF Stub Router
Conclusion
I hope this blog post helps you learn something.
Now I’d like to turn it over to you:
What did you like about this tutorial?
Or maybe you have an excellent idea that you think I need to add.
Either way, let me know by leaving a comment below right now.