[c-nsp] Blackholing looped traffic
Saku Ytti
saku+cisco-nsp at ytti.fi
Tue Aug 30 09:49:07 EDT 2005
On (2005-08-30 01:15 +0200), Oliver Boehmer (oboehmer) wrote:
> > It would be handy if IOS could give that
> > option to drop looped traffic instead of simply
> > forwarding it back.
>
> Not sure. Other opinions?
I have a similar broken-by-design setup (not my design and money was the
reason) implementation where this would be handy. I don't want to bore
with the details of it, but it leads to broadcast storms; we've
circumvented it with an ACL.

My first go was input PBR in e.g. interface ATM0.100 that would match
if egress interface of same packet is ATM0.100 and set next-hop to null0,
unfortunately it doesn't work like this, you don't seem to be able
to match on egress interface on PBR.

What I'm completely uncertain of is, would allowing this type of hack
really be beneficial, or would it encourage more people to poor
design. Then again, it's not like it would be the only feature that's
there just due to poor (as in not good but also as in ultra low-budget)
design :)
--
++ytti