[j-nsp] BGP Blackhole communities

2010-10-20 Thread Nick Ryce
Hi Guys, I am starting to play with BGP and have set up some communities to separate customer, peer and transit routes. I am trying to figure out how to allow customers to send me a blackhole community number and then blackhole this. Does anyone have any examples? I have set up most of my

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread chip
On Wed, Oct 20, 2010 at 7:46 AM, Nick Ryce nick.r...@lumison.net wrote: Hi Guys, I am starting to play with BGP and have set up some communities to separate customer, peer and transit routes. I am trying to figure out how to allow customers to send me a blackhole community number and then

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread David Ball
There used to be a great page up at www.secsup.org that provided examples of exactly this, but I can't seem to load the page anymore. Anyhow, for your customer, they could add a static route on their router for the block they want to null route, and 'tag' it with, say, 666 (using the 'tag'

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread Nick Ryce
Thanks for all the replies and help :) Nick -Original Message- From: Jonas Frey (Probe Networks) [mailto:j...@probe-networks.de] Sent: 20 October 2010 16:03 To: Nick Ryce Cc: juniper-nsp@puck.nether.net Subject: Re: [j-nsp] BGP Blackhole communities Hi, it's easy: - you need multihop

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread Jonas Frey (Probe Networks)
Hi, it's easy: - you need multihop on internal bgp sessions - configure dsc: unit 0 { family inet { address 10.10.20.1/32 { destination 10.10.20.2; } } } Add policy for blackhole filter: # show policy-options policy-statement blackholefilter term black {

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread Chris Morrow
On 10/20/10 10:45, David Ball wrote: There used to be a great page up at www.secsup.org that provided examples of exactly this, but I can't seem to load the page anymore. Former co-worker shut down the server, I think :( boo. I have a rough copy:

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread Richard A Steenbergen
On Wed, Oct 20, 2010 at 05:03:19PM +0200, Jonas Frey (Probe Networks) wrote: Hi, it's easy: - you need multihop on internal bgp sessions On external BGP sessions you mean. The issue is that by default JUNOS doesn't let you arbitrarily rewrite next-hops on regular EBGP learned routes,

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread Chris Morrow
On 10/20/10 15:24, Richard A Steenbergen wrote: On Wed, Oct 20, 2010 at 05:03:19PM +0200, Jonas Frey (Probe Networks) wrote: Hi, it's easy: - you need multihop on internal bgp sessions On external BGP sessions you mean. The issue is that by default JUNOS doesn't let you arbitrarily

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread Richard A Steenbergen
On Wed, Oct 20, 2010 at 04:23:23PM -0400, Chris Morrow wrote: 4) reset next-hop as you ship the route internally to IBGP neighbors (see ... the Wayne Gustavus's (Verizon) talk from NANOG32 in Reston: http://www.nanog.org/meetings/nanog32/presentations/soricelli.pdf) there are, as RAS is

Re: [j-nsp] BGP Blackhole communities

2010-10-20 Thread Chris Morrow
On 10/20/10 17:03, Richard A Steenbergen wrote: On Wed, Oct 20, 2010 at 04:23:23PM -0400, Chris Morrow wrote: 4) reset next-hop as you ship the route internally to IBGP neighbors (see ... the Wayne Gustavus's (Verizon) talk from NANOG32 in Reston: