No. On Wednesday, September 26, 2012, GuardGrid wrote:
> Hi, > Is there any info on RTBH on the DOC CD? > > I could only find this > http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/prod_white_paper0900aecd80313fac.pdf > > http://packetlife.net/blog/2009/jul/6/remotely-triggered-black-hole-rtbh-routing/ > > and obviously this will not be available during the exam. > > I thought I understood the basic concept here but I am unable to get this > to work without adding a route for the discard address on the trigger > router. > Both the links above only suggest that we add the route to null0 on the > edge routers and only the route for the destination (victim) to be added on > the trigger router. > > Destination RTBH > ================= > 1. Add route to null0 for the discard address on the edge routers > 2. On the Trigger router Create a route map and match for a specific tag > and set the next hop to that discard address. > 3. As a best practice also set the origin to IGP (make it more preferred) > and community to no-export (don't advertise outside the AS) > 4. Add this route map for static redistribution under the BGP process on > the trigger router. > > 5. Now when the victim in question is under attack then add a static route > pointing to null0 with that tag on the trigger router so that this will be > redistributed > via BGP to the edge routers . > > > Can you tell me what I am missing here? > > I am having to add a route for the discard addr on the trigger router as > well which I do not see mentioned in any doc. > > > -Srikant > > -- FNK, CCIE Security#35578
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
