[j-nsp] RIB -> FIB filtering.
Adam Vitkovsky
adam.vitkovsky at swan.sk
Wed Nov 13 08:38:46 EST 2013
Oh I see, yes that's the ideal setup,
Though the OP mentioned he's hardware restricted and also that his upstream
is not willing to run a separate session for RTBH so very limited set of
options there.
adam
-----Original Message-----
From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of
Dobbins, Roland
Sent: Wednesday, November 13, 2013 2:24 PM
To: Juniper list
Subject: Re: [j-nsp] RIB -> FIB filtering.
On Nov 13, 2013, at 8:16 PM, Adam Vitkovsky <adam.vitkovsky at swan.sk> wrote:
> Though you'd still have to use table-map in order avoid installing these
valid prefixes into RIB.
I guess I'm thinking of a scenario with a dedicated blackhole
triggger-router, iBGP from the trigger routers to routers within my own
network where I want to drop traffic, and eBGP multi-hop from the trigger
route to each of the appropriate routers on the upstream transit networks.
No need to worry about the RIB on the trigger router, and community-based
tagging and filtering can ensure that these particular blackhole routes
never make it into my own routers in my own iBGP.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list