Hi
I am trying to set up RTBH for testing. Not in a WB-lab but in a home-brew
environment. Topology:
R1 (AS65001) - R2 (AS65002) - R3 (AS65003)
My idea is to create a null0-route for the 192.0.0.1-address on all routers,
and from my trigger-router R3 create a static-route for attacker-address
1.2.3.4/32 to the 192-address so that the edge-router R1 routes 1.2.3.4 to
null0. But guess what: It doesn't work!

R3 (trigger router):

R3#srs ip route
ip route 1.2.3.4 255.255.255.255 192.0.0.1 tag 66
ip route 192.0.0.1 255.255.255.255 Null0
R3#srs router bgp
router bgp 65003
 no synchronization
 bgp log-neighbor-changes
 redistribute static route-map RGBH
 redistribute eigrp 3
 neighbor 192.168.23.2 remote-as 65002
 neighbor 192.168.34.4 remote-as 65004
 no auto-summary
R3#srs route-map
route-map RTBH permit 10
 match tag 66
 continue
 set local-preference 200
 set origin igp
 set ip next-hop 192.0.0.1
R3#sh ip bgp
BGP table version is 16, local router ID is 192.168.33.33
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.4.4.4/32      192.168.34.4             0             0 65004 ?
*> 192.168.2.0      192.168.23.2        128256             0 65002 ?
*> 192.168.2.2/32   192.168.23.2             0             0 65002 ?
*> 192.168.3.0      0.0.0.0             128256         32768 ?
*> 192.168.3.3/32   0.0.0.0                  0         32768 ?
*> 192.168.11.1/32  192.168.23.2                           0 65002 65001 ?
*> 192.168.11.11/32 192.168.23.2                           0 65002 65001 ?
*> 192.168.22.0     192.168.23.2        128256             0 65002 ?
*> 192.168.22.22/32 192.168.23.2             0             0 65002 ?
*> 192.168.33.0     0.0.0.0             128256         32768 ?
*> 192.168.33.33/32 0.0.0.0                  0         32768 ?
R3#

Shouldn't the 1.2.3.4-route show up in the bgp-table?

R1 (edge router):

R1#srs ip route
ip route 192.0.0.1 255.255.255.255 Null0
R1#srs router bgp
router bgp 65001
 no synchronization
 bgp log-neighbor-changes
 network 192.168.0.0 mask 255.255.0.0
 redistribute eigrp 1
 neighbor 192.168.12.2 remote-as 65002
 no auto-summary
R1#sh ip bgp
BGP table version is 17, local router ID is 192.168.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.4.4.4/32      192.168.12.2                           0 65002 65003 65004 ?
*> 192.168.2.0      192.168.12.2        128256             0 65002 ?
*> 192.168.2.2/32   192.168.12.2             0             0 65002 ?
*> 192.168.3.0      192.168.12.2                           0 65002 65003 ?
*> 192.168.3.3/32   192.168.12.2                           0 65002 65003 ?
*> 192.168.11.1/32  0.0.0.0                  0         32768 ?
*> 192.168.11.11/32 0.0.0.0                  0         32768 ?
*> 192.168.22.0     192.168.12.2        128256             0 65002 ?
*> 192.168.22.22/32 192.168.12.2             0             0 65002 ?
*> 192.168.33.0     192.168.12.2                           0 65002 65003 ?
*> 192.168.33.33/32 192.168.12.2                           0 65002 65003 ?

Any idea? What am I missing here?
Br Jimmy
--
-------
Jimmy Larsson
Ryavagen 173
s-26030 Vallakra
Sweden
http://blogg.kvistofta.nu
-------
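
Added example, not part of the original post: a small Python check that cross-references route-map names and static-route tags in an IOS-style configuration, run over the R3 lines relevant to the check (names copied exactly as posted, indentation restored). The function `audit` and its result keys are hypothetical names chosen for this example.

```python
import re

# R3 lines as quoted in the post: names copied exactly, indentation restored.
R3_CONFIG = """\
ip route 1.2.3.4 255.255.255.255 192.0.0.1 tag 66
ip route 192.0.0.1 255.255.255.255 Null0
router bgp 65003
 redistribute static route-map RGBH
 redistribute eigrp 3
route-map RTBH permit 10
 match tag 66
 continue
 set ip next-hop 192.0.0.1
"""


def audit(config):
    """Cross-reference route-map names and static-route tags (hypothetical helper)."""
    defined, referenced = set(), set()
    tags_by_map, static_tags = {}, {}
    current = None  # route-map block being parsed, if any
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"route-map (\S+)", line)
        if m:  # definition line such as "route-map NAME permit 10"
            current = m.group(1)
            defined.add(current)
            tags_by_map.setdefault(current, set())
            continue
        if not raw.startswith(" "):
            current = None  # a new top-level command ends the block
        m = re.search(r"\broute-map (\S+)", line)
        if m:  # use of a route-map by another command
            referenced.add(m.group(1))
        m = re.match(r"match tag (.+)", line)
        if m and current:
            tags_by_map[current].update(m.group(1).split())
        m = re.match(r"ip route (\S+) (\S+) \S+.* tag (\d+)", line)
        if m:
            static_tags.setdefault(m.group(3), []).append(m.group(1))
    # Tags matched by route-maps that are both defined and actually referenced.
    live = set().union(*(tags_by_map[n] for n in defined & referenced))
    return {
        "undefined": sorted(referenced - defined),
        "unused": sorted(defined - referenced),
        "unmatched_static_tags": {t: p for t, p in static_tags.items() if t not in live},
    }

print(audit(R3_CONFIG))
```

On the lines as posted it reports `RGBH` as referenced but never defined, `RTBH` as defined but unused, and tag 66 on 1.2.3.4 as matched by no route-map in use.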