[e-nsp] Getting ExtremeWare to accept Null Routes via BGP
Jo Rhett
jrhett at svcolo.com
Wed Feb 13 15:01:52 EST 2008
So first you should know that any packet you blackhole is handled in
software at the CPU, not by ASIC. Yeah, ignore the docs. And yeah,
extreme support will claim otherwise until you show them the cpu
counters and they escalate and engineering with confirm. You can't
do an IP blackhole without all that traffic going to CPU. You must
use a mac-level blackhole.
Do this:
create vlan dropPackets
configure vlan "dropPackets" ipaddress 192.168.2.1 255.255.255.255
enable loopback-mode vlan "dropPackets"
create fdbentry 00:11:22:33:44:55 vlan "dropPackets" blackhole dest-mac
configure iparp add 192.168.2.1 00:11:22:33:44:55
You'll notice that I changed the IP address from 192.0.2.1 to
192.168.2.1. Yes, and you should too. 192.0 is a valid, routable IP
block in use on the Internet. 192.168.x.x is non-routable, and
that's what you should be using.
On Feb 8, 2008, at 7:05 PM, Drew Weaver wrote:
> Hi there, I am trying to add our one remaining black
> diamond to our RTBH configuration and I am finding it difficult to
> get ExtremeWare to accept routes into BGP which the "NextHop" is
> unreachable.
>
> Of course, I made the NextHop unreachable, because that is the
> point...
>
> i.e.
>
> 02/09/2008 02:00:34.94 <Summ:BGP.UpdateIn.RtRejNhUnreach> NLRI
> 10.1.2.184 /25
> 5.255.255.248 Type unicast Reject: NextHop 192.0.2.1 is unreachable
>
> configure iproute add blackhole 192.0.2.1 255.255.255.255
>
> we have that static route so that when we add a route to our route-
> server with the destination of 192.0.2.1 it will automatically
> Blackhole it on every switch on our network.
>
> Does anyone have any clues?
>
> Thanks,
> -Drew
> _______________________________________________
> extreme-nsp mailing list
> extreme-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/extreme-nsp
--
Jo Rhett
senior geek
Silicon Valley Colocation
Support Phone: 408-400-0550
More information about the extreme-nsp
mailing list