You can also directly set the communities on the static route, making the BGP policy unnecessary:
set routing-options static route A.B.C.D/32 discard community [ 7922:666 1239:66 ] On Thu, Sep 15, 2016 at 05:12:34PM +0000, Matthew Crocker wrote: > > > > Static /32 is in and Sprint (AS1239) uses 1239:66 as the blackhole > community. Some use 666, some have 911 > > I think it is working, just need to dig into some looking glasses to see what > the world sees. > > Thanks again. > > From: Dave Bell <m...@geordish.org> > Date: Thursday, September 15, 2016 at 1:02 PM > To: Matthew Crocker <matt...@corp.crocker.com> > Cc: "juniper-nsp@puck.nether.net" <juniper-nsp@puck.nether.net> > Subject: Re: [j-nsp] need HELP black holing a /32 via BGP community. > > Looks good. You may just want to add a /32 route so you have one to send. > > set routing-options static route A.B.C.D/32 discard > > Looks like you may be missing a 6 from a community too? > > Regards, > Dave > > On 15 September 2016 at 17:53, Matthew Crocker > <matt...@corp.crocker.com<mailto:matt...@corp.crocker.com>> wrote: > > > Hello, > > I have a /32 that I need to add a community to so get my upstreams to > blackhole the traffic. > > Can anyone send me any points on how to do that? > > I have: > > policy-statement pl-blackhole { > term match-route { > from { > prefix-list blackhole-prefixes; > } > } > then { > community add blackhole; > accept; > } > } > > > prefix-list blackhole-prefixes { > A.B.C.D/32; > } > > community blackhole members [ 7922:666 1239:66 ]; > > > > I’ve added pl-blockhole to my upstream BGP group export statement. > > Am I on the right track? What am I missing? _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
