Try configuring ip route 1.2.3.4 255.255.255.255 null0 tag 66 on R3.
I don't think, you require "continue" With regards Kings On Wed, May 5, 2010 at 5:13 PM, Jimmy Larsson <[email protected]> wrote: > Hi > > I am trying to setup RTBH for testing. Not in a WB-lab but in a home-brew > environment. Topology: > > R1 (AS65001) - R2 (AS65002) - R3 (AS65003) > > My idea is to create a null0-route for the 192.0.0.1-address on all > routers, and from my trigger-router R3 create a static-route for > attacker-address 1.2.3.4/32 to the 192-address so that the edge-router R1 > routes 1.2.3.4 to null0. But guess what: It doesn´t work! > > R3 (trigger router): > > R3#srs ip route > ip route 1.2.3.4 255.255.255.255 192.0.0.1 tag 66 > ip route 192.0.0.1 255.255.255.255 Null0 > > R3#srs router bgp > router bgp 65003 > no synchronization > bgp log-neighbor-changes > redistribute static route-map RGBH > redistribute eigrp 3 > neighbor 192.168.23.2 remote-as 65002 > neighbor 192.168.34.4 remote-as 65004 > no auto-summary > > R3#srs route-map > route-map RTBH permit 10 > match tag 66 > continue > set local-preference 200 > set origin igp > set ip next-hop 192.0.0.1 > > R3#sh ip bgp > BGP table version is 16, local router ID is 192.168.33.33 > Status codes: s suppressed, d damped, h history, * valid, > best, i - > internal, > r RIB-failure, S Stale > Origin codes: i - IGP, e - EGP, ? - incomplete > > Network Next Hop Metric LocPrf Weight Path > *> 10.4.4.4/32 192.168.34.4 0 0 65004 ? > *> 192.168.2.0 192.168.23.2 128256 0 65002 ? > *> 192.168.2.2/32 192.168.23.2 0 0 65002 ? > *> 192.168.3.0 0.0.0.0 128256 32768 ? > *> 192.168.3.3/32 0.0.0.0 0 32768 ? > *> 192.168.11.1/32 192.168.23.2 0 65002 65001 ? > *> 192.168.11.11/32 192.168.23.2 0 65002 65001 ? > *> 192.168.22.0 192.168.23.2 128256 0 65002 ? > *> 192.168.22.22/32 192.168.23.2 0 0 65002 ? > *> 192.168.33.0 0.0.0.0 128256 32768 ? > *> 192.168.33.33/32 0.0.0.0 0 32768 ? > R3# > > Shouldn´t the 1.2.3.4-route show up in the bgp-table? > > R1 (Edge router:) > R1#srs ip route > ip route 192.0.0.1 255.255.255.255 Null0 > > R1#srs router bgp > router bgp 65001 > no synchronization > bgp log-neighbor-changes > network 192.168.0.0 mask 255.255.0.0 > redistribute eigrp 1 > neighbor 192.168.12.2 remote-as 65002 > no auto-summary > > R1#sh ip bgp > BGP table version is 17, local router ID is 192.168.11.11 > Status codes: s suppressed, d damped, h history, * valid, > best, i - > internal, > r RIB-failure, S Stale > Origin codes: i - IGP, e - EGP, ? - incomplete > > Network Next Hop Metric LocPrf Weight Path > *> 10.4.4.4/32 192.168.12.2 0 65002 65003 > 65004 ? > *> 192.168.2.0 192.168.12.2 128256 0 65002 ? > *> 192.168.2.2/32 192.168.12.2 0 0 65002 ? > *> 192.168.3.0 192.168.12.2 0 65002 65003 ? > *> 192.168.3.3/32 192.168.12.2 0 65002 65003 ? > *> 192.168.11.1/32 0.0.0.0 0 32768 ? > *> 192.168.11.11/32 0.0.0.0 0 32768 ? > *> 192.168.22.0 192.168.12.2 128256 0 65002 ? > *> 192.168.22.22/32 192.168.12.2 0 0 65002 ? > *> 192.168.33.0 192.168.12.2 0 65002 65003 ? > *> 192.168.33.33/32 192.168.12.2 0 65002 65003 ? > > Any idea? What am I missing here? > > Br Jimmy > -- > ------- > Jimmy Larsson > Ryavagen 173 > s-26030 Vallakra > Sweden > http://blogg.kvistofta.nu > ------- > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
