Re: OpenBGPd - how to blackhole traffic?

Stuart Henderson Sun, 19 Aug 2012 04:59:02 -0700

On 2012-08-16, Claudio Jeker <cje...@diehard.n-r-g.com> wrote:
> On Thu, Aug 16, 2012 at 02:47:25PM +0200, Bernd wrote:
>> Hi list,
>> 
>> I'd like to blackhole some traffic. For instance, my AS is
>> 12.34.56.0/20, so 12.34.58.0 might be announced, but is not
>> necessarily connected (internal routing via OSPFd).
>> 
>> On Cisco one uses:
>> 
>> ip route 0.0.0.0 0.0.0.0 Null0
>> 
>> This would throw any traffic headed to a network within my AS, which
>> is *not* connected (via OSPF), onto the floor.
>> 
>> Is there a way to achieve this on OpenBSD?
>> 
>
> route add default 127.0.0.1 -blackhole
>
> or for IPv6 (not tested)
>
> route add -inet6 default ::1 -blackhole
>


or s/blackhole/reject if you would like network unreachables
rather than just drops.

Re: OpenBGPd - how to blackhole traffic?

Reply via email to