[c-nsp] Blackholing in MPLS VPNs

Ran Liebermann ranmails at gmail.com
Sat Sep 20 06:40:42 EDT 2008


Hi All,

Common blackholing mechanisms (such as RFC 3882) rely on the next-hop
attribute of BGP, such that the next-hop of the announced prefix will
remain the same as the static route even through the BGP prefix is
locally originated via the redistribute command. This of course works
well when the mechanism is operating in the global routing table of
the routers.

However when trying to operate the mechanism in an MPLS VPN (for
example a VPN for internet traffic instead of the global routing
table), then the mechanism breaks down becuase the prefixes are
announced with the next-hop as the local router. (output examples at
the end of the email).

Does anyone have a nice and elegant solution to this?

Thanks,
--
Ran.



For example here is the view of the prefix in the announcing router:

ANNOUNCING_ROUTER#show ip bgp vpnv4 vrf INTERNET 2.2.2.2
BGP routing table entry for 64512:100:2.2.2.2/32, version 153
Paths: (1 available, best #1, table INTERNET)
Flag: 0x820
  Advertised to update-groups:
     1
  Local
    192.168.255.255 from 0.0.0.0 (172.17.17.1)
      Origin IGP, metric 0, localpref 50, weight 32768, valid, sourced, best
      Community: 64512:65535
      Extended Community: RT:64512:100
      mpls labels in/out 33/nolabel

And here is the view of the prefix in the receiving router:

RECEIVING_ROUTER#show ip bgp vpnv4 vrf INTERNET 2.2.2.2
BGP routing table entry for 64512:100:2.2.2.2/32, version 24
Paths: (1 available, best #1, table INTERNET)
Flag: 0x820
  Not advertised to any peer
  Local
    172.17.17.1 (metric 20) from 172.17.17.1 (172.17.17.1)
      Origin IGP, metric 0, localpref 50, valid, internal, best
      Community: 64512:65535
      Extended Community: RT:64512:100
      mpls labels in/out nolabel/33


--
Ran Liebermann,
VP Engineering, PurePeak
ranl at purepeak.com
http://purepeak.com


More information about the cisco-nsp mailing list