Laurent CARON(lca...@unix-scripts.info) on 2013.12.13 11:31:02 +0100:
> Hi,
>
> I'm using cymru[1] bogon feed onto a router receiving several full tables.
>
> On this router I have:
>
> neighbor $CYMRU_PEER_v4 {
> descr cymru-fullbogon-v4-001
> local-address $NERIM_MY_v4
> max-prefix 9550 restart 10
> }
>
> bgpctl show rib correctly shows the prefixes being added with nexthop
> $CYMRU_PEER_v4
>
> This nexthop however is invalid (because I can't reach it directly),
> which doesn't matter to me since this traffic should be blackholed
> anyway.
>
> To blackhole this traffic I use:
> match from group cymru_bogons set nexthop blackhole
>
> The traffic never gets blackholed....unless I use
> set nexthop $NERIM_PEER_v4
> in the neighbor stanza.
>
> Is it a normal behavior, a misunderstanding on my side, or a bug ?
This is normal behaivor (and perhaps a misunderstanding on your side):
bgpd will only put routes into the fib that are best and valid in the rib.
A route comming from an EBGP-peer is only valid if the nexthop is directly
connected. To make the route valid you can force the nexthop to a useable
nexthop, for exampe your $NERIM_PEER_v4. you could also use $NERIM_MY_v4.
/Benno
