I don't consider a hack, it is what the feature is there for. Of course it isn't something other vendors support.
Plus I can't think of another way to do it which isn't even more of a hack. Phil From: Peter Krupl Sent: 11/9/2013 8:06 To: [email protected] Subject: [j-nsp] RIB -> FIB filtering. Dear group, I need to advertise host specific routes for black-holing to our upstream carriers. But it don't necessarily want to black-hole the same destinations within our own network. So in order to get our router to advertise, it must think that the route is active. So i inject a valid route into our network from our central black-holing BGP router. But prevent it from entering the FIB like this: set policy-options policy-statement export_rib_to_fib term filter-blackhole-routes from community 9167-blackhole set policy-options policy-statement export_rib_to_fib term filter-blackhole-routes then reject set policy-options policy-statement export_rib_to_fib term load-balance then load-balance per-packet set routing-options forwarding-table export export_rib_to_fib I have tried to search via Google but i have not found any mention of the above method. It seems to work.. is this too hackish for production use ? I could off course also just install a static host route at the edge router facing the black-holed destination, but then it's not a centralized solution. Also having to install access routes for connected destinations is ugly. Is this a sane approach ? Your opinion is appreciated. Alternative approaches ? Kind regards, Peter Krüpl _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
