[j-nsp] RIB -> FIB filtering.
Peter Krupl
paak at siminn.dk
Sat Nov 9 08:03:31 EST 2013
Dear group,
I need to advertise host specific routes for black-holing to our upstream carriers. But it don't
necessarily want to black-hole the same destinations within our own network.
So in order to get our router to advertise, it must think that the route is active. So i inject a
valid route into our network from our central black-holing BGP router. But prevent it from entering the FIB
like this:
set policy-options policy-statement export_rib_to_fib term filter-blackhole-routes from community 9167-blackhole
set policy-options policy-statement export_rib_to_fib term filter-blackhole-routes then reject
set policy-options policy-statement export_rib_to_fib term load-balance then load-balance per-packet
set routing-options forwarding-table export export_rib_to_fib
I have tried to search via Google but i have not found any mention of the above method.
It seems to work.. is this too hackish for production use ?
I could off course also just install a static host route at the edge router facing the black-holed
destination, but then it's not a centralized solution. Also having to install access routes for
connected destinations is ugly.
Is this a sane approach ? Your opinion is appreciated. Alternative approaches ?
Kind regards,
Peter Krüpl
More information about the juniper-nsp
mailing list