[c-nsp] Assistance configuring a router to trigger remote blackhole

chip chip.gwyn at gmail.com
Thu Sep 17 21:19:27 EDT 2009


On Thu, Sep 17, 2009 at 8:23 PM, Naveen Nathan <naveen at lastninja.net> wrote:

> Hi,
>
> I am new to the list, so please go easy on me.
>
> I'm in need of assistance configuring remote trigger blackhole in
> IOS. This feature is supported by our transit provider. I'm unsure
> if it's working or not, but since the nulled routes don't appear to
> be advertised to the transit peer, I'm assuming not.
>
> I've attached a portion of the cisco-config (substituting sensitive info,
> but it should be easy enough to follow).
>
> Would someone mind suggesting if I'm missing anything of particular
> importance. It would be much appreciated.
>
> Thanks.
>
> --
> Naveen Nathan
>
> To understand the human mind, understand self-deception. - Anon
>

Try putting the community onto the routes in your OUTBOUND route-map, ie.

route-map OUTBOUND permit 100
 description Deny Null Routes
 match tag 666
 set community [UPSTREAM_AS]:666

Otherwise the community is only being set within your AS


--chip

-- 
Just my $.02, your mileage may vary,  batteries not included, etc....


More information about the cisco-nsp mailing list