[c-nsp] Blackholing looped traffic

Saku Ytti saku+cisco-nsp at ytti.fi
Tue Aug 30 09:49:07 EDT 2005


On (2005-08-30 01:15 +0200), Oliver Boehmer (oboehmer) wrote:

> > It would be handy if IOS could give that
> > option to drop looped traffic instead of simply
> > forwarding it back.
> 
> Not sure. Other opinions?

 I have a similar broken-by-design setup (not my design and money was the
reason) implementation where this would be handy. I don't want to bore
with the details of it, but it leads to broadcast storms, we've
circumvented it with ACL. 
 My first go was input PBR in e.g. interface ATM0.100 that would match
if egress interface of same packet is ATM0.100 and set next-hop to null0,
unfortunately it doesn't work like this, you don't seem to be able
to match on egress interface on PBR.

 What I'm completely uncertain about is, would allowing this type of hack
really be beneficial, or would it encourage more people towards poor
design. Then again, it's not like it would be the only feature that's
there just due to poor (as in not good but also as in ultra low-budget)
design :)


-- 
  ++ytti

