Bird6 and static blackhole

Giuseppe Ravasio giuseppe_ravasio at modiano.com
Thu Feb 24 16:37:55 CET 2011


On 02/24/2011 12:22 PM, Ondrej Zajicek wrote:
> On Wed, Feb 23, 2011 at 11:35:20AM +0100, Giuseppe Ravasio wrote:
>> it seems that linux doesn't allow to set blackhole ipv6 routes without
>> specifing the device:
>> root@:~# ip -f inet6 route add blackhole 2a01:9c01::/32
>> RTNETLINK answers: No such device
>>
>> if I append dev lo the route inserts without problems.
>>
>> This error does not happen with reject and so
>>
>> protocol static {
>>          route 2a01:9c01::/32 reject;
>> }
>>
>> works like a charm.
>
> I checked that (but on older kernel, 2.6.23.16) and it seems that
> blackhole and prohibit targets are not implemented for IPv6. They
> requires a device, but when the loop device is specified, the same
> unreachable route is created.

On Ubuntu 10.04LTS:
root at pacman:~# uname -a
Linux pacman 2.6.32-25-generic #45-Ubuntu SMP Sat Oct 16 19:52:42 UTC 
2010 x86_64 GNU/Linux

1) Setup blackhole without device:
	root at pacman:~# ip -6 route add blackhole 2a01:9c11::/32
	RTNETLINK answers: No such device

2) Setup blackhole with loopback device:
	root at pacman:~# ip -6 route add blackhole 2a01:9c11::/32 dev lo
	root at pacman:~# ip -6 route
	unreachable 2a01:9c11::/32 dev lo  metric 1024  error -101 mtu
	16436 advmss 16376 hoplimit 4294967295

3) Setup unreachable works in both ways

The intresting thing is that in test 2 the route is set as unreachable 
even if i set it to blaskhole...

> If it is not really working, the easiest workaround would be to just
> use reject route.

It's exactly what I made and it seems to work well.

Bye
Beppe





More information about the Bird-users mailing list