Having a route to the discard address on the trigger router is necessary -
otherwise this router will not advertise routes to its peers. But it can be
*any* route (not necessarily pointing to Null0), including the default route :-)

As an example (considering the scenario from Lab 16):

if I want to redistribute the following four routes from R2 (which is my
trigger router):

R2# show run | incl route
[...]
ip route 199.100.222.0 255.255.255.0 Null0 tag 199
ip route 199.100.224.0 255.255.255.0 Null0 tag 199
ip route 199.100.226.0 255.255.255.0 Null0 tag 199
ip route 199.100.228.0 255.255.255.0 Null0 tag 199

with the next-hop of 192.0.2.1:

R2# sh run | sec route-map
route-map r-RTBH permit 10
 match tag 199
 set local-preference 100
 set origin igp
 set community no-export
 set ip next-hop 192.0.2.1

I have to have a static route for 192.0.2.1 on R2 (pointing to Null0) to be
able to redistribute those four networks to my BGP peers:

R2(config)# ip route 192.0.2.1 255.255.255.255 Null0

Now, if I remove the route above from R2, those four redistributed networks
will be gone from the routing/BGP tables of my BGP peers (R5 and R6):

R2#sh ip cef 192.0.2.1
0.0.0.0/0
  no route

R5# sh logg
[...]
*Sep 27 14:33:35.351: BGP(0): 2.2.2.2 rcv UPDATE about 199.100.228.0/24 --
withdrawn
*Sep 27 14:33:35.351: BGP(0): no valid path for 199.100.228.0/24
*Sep 27 14:33:35.351: BGP(0): 2.2.2.2 rcv UPDATE about 199.100.226.0/24 --
withdrawn
*Sep 27 14:33:35.351: BGP(0): no valid path for 199.100.226.0/24
*Sep 27 14:33:35.351: BGP(0): 2.2.2.2 rcv UPDATE about 199.100.224.0/24 --
withdrawn
*Sep 27 14:33:35.351: BGP(0): no valid path for 199.100.224.0/24
*Sep 27 14:33:35.351: BGP(0): 2.2.2.2 rcv UPDATE about 199.100.222.0/24 --
withdrawn
*Sep 27 14:33:35.351: BGP(0): no valid path for 199.100.222.0/24

and it is because R2 stopped redistributing them:

R2#sh ip bgp 199.100.222.0
BGP routing table entry for 199.100.222.0/24, version 18
Paths: (1 available, no best path)
Flag: 0x820
  Not advertised to any peer
  Local
    *192.0.2.1 (inaccessible) from 0.0.0.0 (2.2.2.2)*
      Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced
      Community: no-export

But having a default route on R2 is enough to start advertising those four
routes to R5 and R6 again:

R2(config)#ip route 0.0.0.0 0.0.0.0 200.13.25.5

R2#sh ip cef 192.0.2.1
0.0.0.0/0
  nexthop 200.13.25.5 FastEthernet0/1.5

R2#sh ip bgp 199.100.222.0
BGP routing table entry for 199.100.222.0/24, version 38
Paths: (1 available, best #1, table Default-IP-Routing-Table, not
advertised to EBGP peer)
Flag: 0x820
  Advertised to update-groups:
        2
  Local
    192.0.2.1 from 0.0.0.0 (2.2.2.2)
      Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced,
best
      Community: no-export

But of course it would be safer to have a specific route to 192.0.2.1
(the discard network) than to rely on the default route.


Marta Sokolowska.

2012/9/26 GuardGrid <[email protected]>

> Hi,
> Is there any info on RTBH on the DOC CD?
>
> I could only find this
> http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/prod_white_paper0900aecd80313fac.pdf
>
> http://packetlife.net/blog/2009/jul/6/remotely-triggered-black-hole-rtbh-routing/
>
> and obviously this will not be available during the exam.
>
> I thought I understood the basic concept here but I am unable to get this
> to work without adding a route for the discard address on the trigger
> router.
> Both the links above only suggest that we add the route to null0 on the
> edge routers, and that only the route for the destination (victim) is to be
> added on the trigger router.
>
> Destination RTBH
> =================
> 1. Add route to null0 for the discard address on the edge routers
> 2. On the trigger router, create a route map that matches a specific tag
> and sets the next hop to that discard address.
> 3. As a best practice also set the origin to IGP (make it more preferred)
> and community to no-export (don't advertise outside the AS)
> 4. Add this route map for static redistribution under the BGP process on
> the trigger router.
>
> 5. Now, when the victim in question is under attack, add a static route
> pointing to null0 with that tag on the trigger router, so that it will be
> redistributed via BGP to the edge routers.
>
>
> Can you tell me what I am missing here?
>
> I am having to add a route for the discard addr on the trigger router as
> well, which I do not see mentioned in any doc.
>
>
> -Srikant
>
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
>
> Are you a CCNP or CCIE and looking for a job? Check out
> www.PlatinumPlacement.com
>
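To make the mechanism in this thread concrete, here is an added example that is not part of either message and not Cisco IOS code: a small Python model of the Destination RTBH procedure quoted above (discard address on Null0 at the edge routers, tagged static routes redistributed through a route-map on the trigger router) together with Marta's point that the trigger router only advertises those routes once the route-map's next-hop (192.0.2.1) resolves in its own RIB, whether through a /32 to Null0 or merely a default route. Router names, prefixes, the tag and the route-map attributes are the ones from the thread; the `Route`/`Rib`/`TriggerRouter`/`EdgeRouter` classes, the connected `200.13.25.0/24` route on R2, the edge router's `Upstream0` interface and the victim host `199.100.222.10` are constructed assumptions.

```python
from __future__ import annotations
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network

NULL0 = "Null0"  # discard interface: anything resolved here is dropped

@dataclass
class Route:
    prefix: IPv4Network
    next_hop: str            # IPv4 address, or an interface name such as "Null0"
    tag: int | None = None   # the 'tag' keyword of 'ip route'

class Rib:
    """Minimal routing table: longest-prefix match plus recursive next-hop resolution."""
    def __init__(self) -> None:
        self.routes: list[Route] = []
    def add(self, prefix: str, next_hop: str, tag: int | None = None) -> None:
        self.routes.append(Route(ip_network(prefix), next_hop, tag))
    def remove(self, prefix: str) -> None:
        net = ip_network(prefix)
        self.routes = [r for r in self.routes if r.prefix != net]
    def lookup(self, addr: str) -> Route | None:
        ip = ip_address(addr)
        matches = [r for r in self.routes if ip in r.prefix]
        return max(matches, key=lambda r: r.prefix.prefixlen, default=None)
    def resolve(self, addr: str, max_depth: int = 8) -> str | None:
        """Walk next-hops to an egress interface (what 'show ip cef' reports);
        None means no route, i.e. BGP would show the next-hop as 'inaccessible'."""
        current = addr
        for _ in range(max_depth):
            route = self.lookup(current)
            if route is None:
                return None
            try:
                current = str(ip_address(route.next_hop))  # IP next-hop: keep resolving
            except ValueError:
                return route.next_hop                      # interface name: done
        return None  # resolution loop, e.g. a default route with no connected route

class TriggerRouter:
    """R2: tagged static routes are redistributed into BGP through route-map r-RTBH."""
    def __init__(self, rib: Rib, discard_addr: str, tag: int) -> None:
        self.rib, self.discard_addr, self.tag = rib, discard_addr, tag
    def bgp_paths(self) -> dict[str, dict]:
        """Locally sourced paths after the route-map; 'valid' is next-hop reachability."""
        reachable = self.rib.resolve(self.discard_addr) is not None
        paths: dict[str, dict] = {}
        for r in self.rib.routes:
            if r.tag == self.tag:  # match tag 199
                paths[str(r.prefix)] = {
                    "next_hop": self.discard_addr,  # set ip next-hop 192.0.2.1
                    "local_pref": 100, "origin": "igp", "community": "no-export",
                    "valid": reachable}  # inaccessible next-hop => no best path, not sent
        return paths
    def advertised(self) -> set[str]:
        return {p for p, a in self.bgp_paths().items() if a["valid"]}

class EdgeRouter:
    """R5/R6: discard address on Null0; RTBH routes learned from the trigger are installed."""
    def __init__(self, rib: Rib) -> None:
        self.rib = rib
    def receive(self, trigger: TriggerRouter) -> None:
        for prefix, attrs in trigger.bgp_paths().items():
            self.rib.remove(prefix)  # covers the 'UPDATE ... withdrawn' case in the log
            if attrs["valid"]:
                self.rib.add(prefix, attrs["next_hop"])
    def forward(self, dst: str) -> str | None:
        return self.rib.resolve(dst)

VICTIM_PREFIXES = ["199.100.222.0/24", "199.100.224.0/24",
                   "199.100.226.0/24", "199.100.228.0/24"]
DISCARD, TAG = "192.0.2.1", 199

def build_r2() -> TriggerRouter:
    rib = Rib()
    rib.add("200.13.25.0/24", "FastEthernet0/1.5")  # connected link to 200.13.25.5 (assumed)
    for p in VICTIM_PREFIXES:
        rib.add(p, NULL0, tag=TAG)  # ip route <victim> 255.255.255.0 Null0 tag 199
    return TriggerRouter(rib, DISCARD, TAG)

def build_edge() -> EdgeRouter:
    rib = Rib()
    rib.add("0.0.0.0/0", "Upstream0")  # normal Internet-facing path (assumed interface name)
    rib.add("192.0.2.1/32", NULL0)     # ip route 192.0.2.1 255.255.255.255 Null0
    return EdgeRouter(rib)

def run_scenarios() -> dict[str, tuple[list[str], str | None]]:
    """Per scenario: (prefixes R2 advertises, where R5 forwards traffic to a victim host)."""
    r2, r5, victim = build_r2(), build_edge(), "199.100.222.10"  # victim host is constructed
    out: dict[str, tuple[list[str], str | None]] = {}
    def record(name: str) -> None:
        r5.receive(r2)
        out[name] = (sorted(r2.advertised()), r5.forward(victim))
    record("no_route")                       # 1. no route at all to 192.0.2.1 on R2
    r2.rib.add("0.0.0.0/0", "200.13.25.5")   # 2. ip route 0.0.0.0 0.0.0.0 200.13.25.5
    record("default_route")
    r2.rib.remove("0.0.0.0/0")               # 3. the safer specific route to the discard address
    r2.rib.add("192.0.2.1/32", NULL0)
    record("specific_route")
    return out
```

Calling `run_scenarios()` returns `no_route` with nothing advertised and R5 still forwarding victim traffic upstream, while both `default_route` and `specific_route` advertise all four prefixes and R5 resolves the victim traffic recursively through 192.0.2.1 to Null0. The model ignores administrative distance and metrics; its only purpose is to show that the trigger router's advertisement decision hinges on whether the discard address resolves at all, which is why a default route is sufficient but a dedicated /32 to Null0 does not silently change meaning when the default route changes.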



-- 
Marta Sokołowska.