[c-nsp] Assistance configuring a router to trigger remote blackhole
chip
chip.gwyn at gmail.com
Thu Sep 17 21:19:27 EDT 2009
On Thu, Sep 17, 2009 at 8:23 PM, Naveen Nathan <naveen at lastninja.net> wrote:
> Hi,
>
> I am new to the list, so please go easy on me.
>
> I'm in need of assistance configuring remote trigger blackhole in
> IOS. This feature is supported by our transit provider. I'm unsure
> if it's working or not, but since the nulled routes don't appear to
> be advertised to the transit peer, I'm assuming not.
>
> I've attached a portion of the cisco-config (substituting sensitive info,
> but it should be easy enough to follow).
>
> Would someone mind suggesting if I'm missing anything of particular
> importance. It would be much appreciated.
>
> Thanks.
>
> --
> Naveen Nathan
>
> To understand the human mind, understand self-deception. - Anon
>
Try putting the community onto the routes in your OUTBOUND route-map, ie.
route-map OUTBOUND permit 100
description Deny Null Routes
match tag 666
set community [UPSTREAM_AS]:666
Otherwise the community is only being set within your AS
--chip
--
Just my $.02, your mileage may vary, batteries not included, etc....
More information about the cisco-nsp
mailing list