As a side note, this is how I’ve always seen it done. I believe even the RFC refers to this method.
> On Jan 14, 2016, at 8:07 PM, chip <chip.g...@gmail.com> wrote: > > A strategy that I've seen used is to pick some ip address and add a static > route for it pointing to discard on every router. Then when you receive > the route to black-hole, set the next-hop to the discard route. This way > all routers will drop traffic for the prefix as soon as it enters the > router instead of running through your network first. > > > > On Thu, Jan 14, 2016 at 4:10 PM, Johan Borch <johan.bo...@gmail.com> wrote: > >> Hi! >> >> I have implemented RTBH in my small network of 8 routers. DFZ is running in >> a L3VPN and each router has an multihop ibgp-session with my RTBH-router >> and it works, but I have one thing that annoys me. >> >> If I announce an offending IP to be black holed, only one of the routers >> will point to the discard route. The other 7 will see the announced route >> via BGP från the one that got it first I guess and send the traffic to that >> one where is is discarded. If I do show extensive on the route it is prefer >> because of IGP. I can't figure out how to get each router to prefer the >> discard localy. If I do local pref on one router the other 7 will send the >> traffic there instead. >> >> Every router has >> >> route a.b.c.d/32 { >> discard; >> install; >> } >> >> And from sending RTBH router, they are announced with next-hop a.b.c.d. >> >> Idéas? :) >> >> Regards >> Johan >> _______________________________________________ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > > -- > Just my $.02, your mileage may vary, batteries not included, etc.... > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp