Bird6 and static blackhole
Giuseppe Ravasio
giuseppe_ravasio at modiano.com
Thu Feb 24 16:37:55 CET 2011
On 02/24/2011 12:22 PM, Ondrej Zajicek wrote:
> On Wed, Feb 23, 2011 at 11:35:20AM +0100, Giuseppe Ravasio wrote:
>> it seems that linux doesn't allow to set blackhole ipv6 routes without
>> specifing the device:
>> root@:~# ip -f inet6 route add blackhole 2a01:9c01::/32
>> RTNETLINK answers: No such device
>>
>> if I append dev lo the route inserts without problems.
>>
>> This error does not happen with reject and so
>>
>> protocol static {
>> route 2a01:9c01::/32 reject;
>> }
>>
>> works like a charm.
>
> I checked that (but on older kernel, 2.6.23.16) and it seems that
> blackhole and prohibit targets are not implemented for IPv6. They
> requires a device, but when the loop device is specified, the same
> unreachable route is created.
On Ubuntu 10.04LTS:
root at pacman:~# uname -a
Linux pacman 2.6.32-25-generic #45-Ubuntu SMP Sat Oct 16 19:52:42 UTC
2010 x86_64 GNU/Linux
1) Setup blackhole without device:
root at pacman:~# ip -6 route add blackhole 2a01:9c11::/32
RTNETLINK answers: No such device
2) Setup blackhole with loopback device:
root at pacman:~# ip -6 route add blackhole 2a01:9c11::/32 dev lo
root at pacman:~# ip -6 route
unreachable 2a01:9c11::/32 dev lo metric 1024 error -101 mtu
16436 advmss 16376 hoplimit 4294967295
3) Setup unreachable works in both ways
The intresting thing is that in test 2 the route is set as unreachable
even if i set it to blaskhole...
> If it is not really working, the easiest workaround would be to just
> use reject route.
It's exactly what I made and it seems to work well.
Bye
Beppe
More information about the Bird-users
mailing list