[c-nsp] BGP blackhole community config
Nick Cutting
ncutting at edgetg.com
Mon Jun 20 16:58:09 EDT 2016
Not sure why you would want to null route a connected route?
If it's in the routing table already, can be candidate for BGP table
-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Satish Patel
Sent: Monday, June 20, 2016 4:52 PM
To: Jason Lixfeld
Cc: Cisco Network Service Providers
Subject: Re: [c-nsp] BGP blackhole community config
I am also in impression that it should work but it didn't. as soon as i use 192.168.100.2 (Host IP) it works!! look like router won't let you do null route own IP address.
On Mon, Jun 20, 2016 at 3:13 PM, Jason Lixfeld <jason at lixfeld.ca> wrote:
> Unless I’m dumb, I don’t quite see how trying to RTBH 192.168.100.1 should matter. The /32 should work because it’s a more specific prefix than the /24 attached to the interface.
>
>> On Jun 20, 2016, at 2:57 PM, Satish Patel <satish.txt at gmail.com> wrote:
>>
>> Its working now!! you know what is the problem? You guys going to
>> beat me :(
>>
>> Let me example what i was doing. on my Router i have two interface.
>>
>> 1. 10.10.10.1/30 - Peer IP
>> 2. 192.168.100.1/24 - Host Subnet
>>
>> I was sending null route for 192.168.100.1/32 IP address which was
>> configured on router interface which BGP won't let you do null route..
>> :(
>>
>> when i did 192.168.100.2 host IP address it works!! this is crazy..
>> :(
>>
>> Sorry guys for trouble but its not documented anywhere you can't do
>> blackhole router interface IP. Just wonder what if attack send DDoS
>> on router IP address????
>>
>>
>>
>> On Mon, Jun 20, 2016 at 2:12 PM, Jason Lixfeld <jason at lixfeld.ca> wrote:
>>>> On Jun 20, 2016, at 1:55 PM, Satish Patel <satish.txt at gmail.com> wrote:
>>>>
>>>> Do you know how to troubleshoot or debug to see its sending /32
>>>> route to peer or not ?
>>>
>>> show bgp neighbors y.y.y.y advertised-routes
>>>
>>>
>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list