Filter specific route from being advertised to OSPF
Resolution
This article explains how to filter specific static routes from being advertised into OSPF while still advertising all other static routes.
The method highlighted in this article is useful when firewall has a large number of static routes configured and only some of the routes needs to be filtered.
Details:
PA-1 (12.12.12.1) ------ (12.12.12.2) PA-2
1- Static routes configured on PA-1:
2- Redistribution profile configured on PA-1:
3- This redistribution profile causes all static routes configured on PA-1 firewall to be redistributed into OSPF:
4- Now, suppose we want that all static routes should be advertised to PA-2 except the static route 4.4.4.0/24. This could be achieved by using Priority value in Redistribution Profile:
Profile "Redist-Static" has a priority of 5 and action set to "Redist". New profile, "Filter-Static" has a priority of 1 and action set to "No Redist".
When both profiles are referred in OSPF Export rules, profiles would be evaluated according to the priority assigned.
Lower value means higher priority. This would cause Filter-Static profile to be evaluated first and preferred over "Redist-Static" profile hence route 4.4.4.0/24 would not be redistributed while other static routes would still be redistributed.
Note: Same configuration can be done for routes learned from other source type also e.g. for filtering specific connected routes to be exported into OSPF etc.