Showing posts from August, 2022

EDGEs OSPF redundancy and filtering troubles

OSPFv2 (IPv4) is supported for LAN and WAN interfaces. I recently defined a redundant OSPF LAN connection between a VMware 6X0 edge and a Sophos UTM 9 firewall. The Edge forwards overlay routes to the LAN as OSPF E1 routes, thus acting as an ASBR (Autonomous System Boundary Router) within the OSPF area and domain. On the UTM firewall, static routes and connected routes are advertised via OSPF E2, so it also plays the role of an ASBR. While testing various features for Internet Backhaul, we also played with advertising a default route into the VeloCloud overlay. To prevent the default route from being advertised via OSPF to the UTM firewall, we entered a filter on "Outbound Route Advertisement" on both SFP interfaces. But on one of the connecting interfaces we forgot to check the "Exact Match" field, which resulted in an outbound filter of DENY ANY instead of the planned DENY DEFAULT ROUTE. The result was not what we expected: When testing we found out that routes adveri