RTD_BLACKHOLE overridden by matching route.
Thomas Johnson
tommyj27 at gmail.com
Sat Nov 29 01:44:31 CET 2014
I am having some difficulty blackholing a route. The route in question is
received from a multihop BGP session (emulating cymru), and I am setting
the dest attribute to RTD_BLACKHOLE. However, if the same route is received
via another BGP session, the blackhole is overriden, as shown here:
bird> show route 10.0.2.0/24 all
10.0.2.0/24 via 38.8.8.105 on em1 [bgp_cogent 17:38:53] * (100)
[AS174i]
Type: BGP unicast univ
BGP.origin: IGP
BGP.as_path: 174
BGP.next_hop: 38.8.8.105
BGP.local_pref: 100
blackhole [l3_bogons 18:00:03 from 10.0.1.255] (100)
[AS3356i]
Type: BGP unicast univ
BGP.origin: IGP
BGP.as_path: 3356
BGP.next_hop: 10.0.1.255
BGP.local_pref: 255
BGP.community: (65332,888)
The relevant parts of my test configuration are below. Is there some trick
to making the blackhole "absolute"?
filter bgp_in_cogent {
if ! rt_import_all(174) then reject;
accept;
}
template bgp cymru_bogons_full {
local as 68;
multihop 255;
export none;
import filter {
bgp_community.add((65332,888));
dest = RTD_BLACKHOLE;
bgp_local_pref = 255;
accept;
};
}
protocol bgp bgp_cogent from ebgp {
neighbor 38.8.8.105 as 174;
import filter bgp_in_cogent;
}
protocol bgp l3_bogons from cymru_bogons_full {
local 162.9.5.3 as 68;
neighbor 10.0.1.255 as 3356;
}
Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20141128/0908ffee/attachment.html>
More information about the Bird-users
mailing list