[137911] in North American Network Operators' Group
Re: Howto for BGP black holing/null routing
daemon@ATHENA.MIT.EDU (Jared Mauch)
Tue Feb 22 17:01:29 2011
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <4D64307C.9040106@bromirski.net>
Date: Tue, 22 Feb 2011 16:57:21 -0500
To: =?utf-8?Q?=C5=81ukasz_Bromirski?= <lukasz@bromirski.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Also:
http://docs.as701.net/tmp/CustomerBlackhole.txt
Remember to set eBGP multihop on sessions for the next-hop rewrite =
capability :)
- Jared
On Feb 22, 2011, at 4:54 PM, =A3ukasz Bromirski wrote:
> On 2011-02-22 22:42, David Hubbard wrote:
>> I was wondering if anyone has a howto floating around on the
>> step by step setup of having an internal bgp peer for sending
>> quick updates to border routers to null route sources of
>> undesirable traffic? I've seen it discussed on nanog from
>> time to time, typically suggesting using Zebra, but could
>> not search up a link on a step by step.
>=20
> Take a look here for starters:
> http://www.cisco.com/web/about/security/intelligence/blackhole.pdf
>=20
> Searching through NANOG archives will return a couple of sessions
> that went through the other vendor configs for such functionality.
>=20
> --=20
> "There's no sense in being precise when | =A3ukasz =
Bromirski
> you don't know what you're talking | =
jid:lbromirski@jabber.org
> about." John von Neumann | =
http://lukasz.bromirski.net
