Blackhole routes using a filter?
Henrique de Moraes Holschuh
hmh at hmh.eng.br
Sat May 5 15:53:33 CEST 2012
On Fri, 04 May 2012, Ondrej Zajicek wrote:
> It is not directly possible in current version, but patch is already in
> GIT (see attachment). With that, you could use 'dest = RTD_UNREACHABLE;'
> (or RTD_PROHIBIT or RTD_BLACKHOLE) to change route destination type.
> Changing gw currently works only within one iface.
Yay! This will be quite useful.
> BTW, what is 2001:db8::1? Some well known blackhole address or just
> any address unreachable on the router?
It is the documentation prefix for IPv6, same as 192.0.2.0/24 for IPv4
(which is a common prefix to abuse for discard gateways).
> Another idea is that if you use 'gateway recursive' BGP option (default
> for iBGP), you could use 'bgp_next_hop = some_unreachable_ip;' in BGP
> import filter to make the route unreachable.
That can cause problems if someone finds a way to make that route
reachable...
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
More information about the Bird-users
mailing list