Can you establish a separate bgp neighbor and use a different routing instance or a dedicated black hole route server or something? That seems way too hackish to me.
On Saturday, November 9, 2013, Peter Krupl wrote: > Dear group, > > I need to advertise host specific routes for black-holing to our upstream > carriers. But it don't > necessarily want to black-hole the same destinations within our own > network. > > So in order to get our router to advertise, it must think that the route > is active. So i inject a > valid route into our network from our central black-holing BGP router. But > prevent it from entering the FIB > like this: > > set policy-options policy-statement export_rib_to_fib term > filter-blackhole-routes from community 9167-blackhole > set policy-options policy-statement export_rib_to_fib term > filter-blackhole-routes then reject > set policy-options policy-statement export_rib_to_fib term load-balance > then load-balance per-packet > set routing-options forwarding-table export export_rib_to_fib > > > I have tried to search via Google but i have not found any mention of the > above method. > It seems to work.. is this too hackish for production use ? > > I could off course also just install a static host route at the edge > router facing the black-holed > destination, but then it's not a centralized solution. Also having to > install access routes for > connected destinations is ugly. > > > > Is this a sane approach ? Your opinion is appreciated. Alternative > approaches ? > > Kind regards, > Peter Krüpl > > > > _______________________________________________ > juniper-nsp mailing list [email protected] <javascript:;> > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- Thanks, Morgan _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
