[c-nsp] question on s/rtbh 6500 with sup720-3cxl

Rod James Bio rjubio at gmail.com
Mon Feb 9 02:54:57 EST 2015


Yes thank you! I didn't read the whole message thoroughly. If that's the 
case then his static route won't do anything. In my case I would do 
policy-based routing:

!
ip access-list extended to-blackhole
  ! extended ACLs take a wildcard (inverse) mask, so 10.0.0.0/8 is 0.255.255.255
  permit ip 10.0.0.0 0.255.255.255 any
!
route-map to-blackhole permit 10
  match ip address to-blackhole
  set interface Null0
  set default interface Null0
!
interface Te1/4
  ip policy route-map to-blackhole
!

You may want to test this. But this is what I usually do. Hope it helps.

Regards,

On 2/9/15 14:56, Sascha Pollok wrote:
> Didn't the OP write that he receives packets originating from RFC1918 and
> not destined for?
>
> Cheers
> Sascha
>
>
> On 9 February 2015 06:54:06, Rod James Bio <rjubio at gmail.com> wrote:
>
>> Hi,
>>
>> In case I fail to get the whole scenario. Why is a provider sending
>> packets destined to 10/8 to you? Are you announcing that prefix? That
>> should not happen.
>>
>> Regarding your question. I think that the interface is still receiving
>> those packets but they are being dropped before they exit your router.
>>
>> thanks.
>>
>> On 2/9/15 12:39, John Brown wrote:
>> > Quick dumb question on S/RTBH.
>> > I get all the foo around the dynamic nature of using BGP to inject the
>> > bad prefix (source or dest) we want to drop.
>> >
>> > At present we do this with destination dropping / blackholing.   I
>> > want to drop RFC 1918 sourced packets coming to me at my edge towards
>> > providers / peers.  I've got one provider sending me nearly 80Mb/s
>> > worth traffic with the source IP being in Net-10.  Their answer is for
>> > me to ACL it. ICK
>> >
>> > My thought was to enable loose uRPF on the interface  and create a
>> > static route for net-10 pointing to null0
>> >
>> > interface te4/1
>> >     ip verify unicast source reachable-via any
>> >
>> > ip route 10.0.0.0 255.0.0.0 null0
>> >
>> > shouldn't that cause net-10 into the FIB with a ptr to null0 and thus
>> > uRPF will discard ??
>> >
>> > Netflow still shows traffic on that interface with sources in Net-10.
>> >
>> > I'm either brain dead, my sup720-3cxl is, or ???
>> >
>> > thanks
>> > _______________________________________________
>> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> > https://puck.nether.net/mailman/listinfo/cisco-nsp
>> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>> >
>
>
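
The loose uRPF plus null-route idea from the original question, modelled as a source-address FIB lookup. This is an added example, not code from any poster in the thread; the FIB entries and function names are constructed for illustration, and it does not model how the Sup720 hardware or NetFlow treat the packet.

```python
import ipaddress

# Constructed FIB for illustration: (prefix, next hop). "Null0" marks a discard route.
FIB = [
    ("0.0.0.0/0", "Te4/1"),      # default route towards the provider
    ("192.0.2.0/24", "Te4/2"),   # an ordinary route (documentation prefix)
    ("10.0.0.0/8", "Null0"),     # the static "ip route 10.0.0.0 255.0.0.0 null0"
]

def lookup(fib, addr):
    """Longest-prefix match; returns (network, next_hop) or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, nh in fib:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, nh)
    return best

def loose_urpf(fib, src, allow_default=False):
    """Model of 'ip verify unicast source reachable-via any'.
    Returns (verdict, reason). allow_default mirrors the 'allow-default' keyword."""
    hit = lookup(fib, src)
    if hit is None:
        return ("drop", "no route to source")
    net, nh = hit
    if nh == "Null0":
        # This is what S/RTBH relies on: a discard route for the source fails the check.
        return ("drop", f"source covered by discard route {net}")
    if net.prefixlen == 0 and not allow_default:
        return ("drop", "source only matches default route")
    return ("permit", f"source reachable via {nh}")

if __name__ == "__main__":
    # Constructed sample sources: RFC 1918, a routed prefix, and a default-only address.
    for src in ["10.1.2.3", "192.0.2.10", "198.51.100.7"]:
        for ad in (False, True):
            print(src, f"allow_default={ad}", *loose_urpf(FIB, src, ad))
```

In this model, removing the Null0 entry while the default route is allowed lets the 10/8 source pass, which is the case the static route is meant to close.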

