[c-nsp] question on s/rtbh 6500 with sup720-3cxl

Sascha Pollok sp at iphh.net
Mon Feb 9 01:56:19 EST 2015


Didn't the OP write that he receives packets originating from RFC1918 and 
not destined for?

Cheers
Sascha


On 9 February 2015 06:54:06, Rod James Bio <rjubio at gmail.com> wrote:

> Hi,
>
> In case I fail to get the whole scenario. Why is a provider sending
> packets destined to 10/8 to you? Are you announcing that prefix? That
> should not happen.
>
> Regarding your question. I think that the interface is still receiving
> those packets but they are being dropped before they exit your router.
>
> thanks.
>
> On 2/9/15 12:39, John Brown wrote:
> > Quick dumb question on S/RTBH.
> > I get all the foo around the dynamic nature of using BGP to inject the
> > bad prefix (source or dest) we want to drop.
> >
> > At present we do this with destination dropping / blackholing.   I
> > want to drop RFC 1918 sourced packets coming to me at my edge towards
> > providers / peers.  I've got one provider sending me nearly 80Mb/s
> > worth of traffic with the source IP being in Net-10.  Their answer is for
> > me to ACL it. ICK
> >
> > My thought was to enable loose uRPF on the interface  and create a
> > static route for net-10 pointing to null0
> >
> > interface te4/1
> >     ip verify unicast source reachable-via any
> >
> > ip route 10.0.0.0 255.0.0.0 null0
> >
> > shouldn't that cause net-10 into the FIB with a ptr to null0 and thus
> > uRPF will discard ??
> >
> > Netflow still shows traffic on that interface with sources in Net-10.
> >
> > I'm either brain dead, my sup720-3cxl is, or ???
> >
> > thanks
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >



