[c-nsp] BGP blackhole community config

Satish Patel satish.txt at gmail.com
Mon Jun 20 16:51:43 EDT 2016


I am also in impression that it should work but it didn't. as soon as
i use 192.168.100.2 (Host IP) it works!!  look like router won't let
you do null route own IP address.

On Mon, Jun 20, 2016 at 3:13 PM, Jason Lixfeld <jason at lixfeld.ca> wrote:
> Unless I’m dumb, I don’t quite see how trying to RTBH 192.168.100.1 should matter.  The /32 should work because it’s a more specific prefix than the /24 attached to the interface.
>
>> On Jun 20, 2016, at 2:57 PM, Satish Patel <satish.txt at gmail.com> wrote:
>>
>> Its working now!! you know what is the problem? You guys going to beat me :(
>>
>> Let me example what i was doing. on my Router i have two interface.
>>
>> 1. 10.10.10.1/30   - Peer IP
>> 2. 192.168.100.1/24  - Host Subnet
>>
>> I was sending null route for 192.168.100.1/32 IP address which was
>> configured on router interface which BGP won't let you do null route..
>> :(
>>
>> when i did 192.168.100.2 host IP address it works!! this is crazy.. :(
>>
>> Sorry guys for trouble but its not documented anywhere you can't do
>> blackhole router interface IP. Just wonder what if attack send DDoS on
>> router IP address????
>>
>>
>>
>> On Mon, Jun 20, 2016 at 2:12 PM, Jason Lixfeld <jason at lixfeld.ca> wrote:
>>>> On Jun 20, 2016, at 1:55 PM, Satish Patel <satish.txt at gmail.com> wrote:
>>>>
>>>> Do you know how to troubleshoot or debug to see its sending /32 route
>>>> to peer or not ?
>>>
>>> show bgp neighbors y.y.y.y advertised-routes
>>>
>>>
>


More information about the cisco-nsp mailing list