to drop it by destination, you just set type of those routes to 'blackhole'. and I don't see any way to match fullbogon routing table for filtering by src-address
-- Подпись: (добавляется в конце всех исходящих писем) 2013/9/4 Tayeb Meftah <[email protected]> > HAHAHA;) > you didnt understand me;) > we do a EBGP session > you anounce me fullbogon routes, i receive it > but up on receiving it, i want to mark it a fullbogon > after receiving... and marking it, i'lle drop it on my fw action drop or > reject > > Tayeb Meftah > Voice of the blind T Broadcast Freedom > http://www.vobradio.org > Phone:447559762242 > ----- Original Message ----- From: "Chupaka" <[email protected]> > To: "Mikrotik discussions" <[email protected]> > Sent: Wednesday, September 04, 2013 2:31 PM > > Subject: Re: [Mikrotik] BGP Community > > > what do you mean saying 'firewall BGP community'?.. you can firewall >> traffic, not abstract communities %-) >> >> -- >> Подпись: >> (добавляется в конце всех исходящих писем) >> >> >> 2013/9/4 Tayeb Meftah <[email protected]> >> >> hey :) >>> no, i dont want to anounce marked route, but i want to mark a specific >>> bgp >>> community and firewall it >>> >>> Tayeb Meftah >>> Voice of the blind T Broadcast Freedom >>> http://www.vobradio.org >>> Phone:447559762242 >>> ----- Original Message ----- From: "Chupaka" <[email protected]> >>> To: "Mikrotik discussions" <[email protected]> >>> Sent: Wednesday, September 04, 2013 2:19 PM >>> >>> Subject: Re: [Mikrotik] BGP Community >>> >>> >>> oh, by the way, marked routes will not be announced without VRF or >>> >>>> something, IIRC >>>> >>>> -- >>>> Подпись: >>>> (добавляется в конце всех исходящих писем) >>>> >>>> >>>> 2013/9/4 Tayeb Meftah <[email protected]> >>>> >>>> ok, now i have added static route to my edge, and marked it as >>>> fullbogon >>>> >>>>> 217.0.0.0/8 >>>>> and assigned it to bgp community 65000:888 >>>>> but i dont see the bgp chain in the routing filter? >>>>> :) >>>>> >>>>> Tayeb Meftah >>>>> Voice of the blind T Broadcast Freedom >>>>> http://www.vobradio.org >>>>> Phone:447559762242 >>>>> ----- Original Message ----- From: "Chupaka" <[email protected]> >>>>> To: "Mikrotik discussions" <[email protected]> >>>>> Sent: Wednesday, September 04, 2013 2:07 PM >>>>> >>>>> Subject: Re: [Mikrotik] BGP Community >>>>> >>>>> >>>>> /routing filter add chain=announce-out >>>>> >>>>> >>>>> prefix=224.0.0.0/24set-bgp-******communities=65332:888<http://224.0.0.0/24set-bgp-****communities=65332:888> >>>>>> <http://**224.0.0.0/24set-bgp-****communities=65332:888<http://224.0.0.0/24set-bgp-**communities=65332:888> >>>>>> > >>>>>> <http://**224.0.0.0/24set-bgp-****communities=65332:888<http://224.0.0.0/24set-bgp-**communities=65332:888> >>>>>> <http:/**/224.0.0.0/24set-bgp-**communities=65332:888<http://224.0.0.0/24set-bgp-communities=65332:888> >>>>>> > >>>>>> >>>>>> > >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Подпись: >>>>>> (добавляется в конце всех исходящих писем) >>>>>> >>>>>> >>>>>> 2013/9/4 Tayeb Meftah <[email protected]> >>>>>> >>>>>> thank but how to add the bgp community? >>>>>> >>>>>> >>>>>>> thank >>>>>>> Tayeb Meftah >>>>>>> Voice of the blind T Broadcast Freedom >>>>>>> http://www.vobradio.org >>>>>>> Phone:447559762242 >>>>>>> ----- Original Message ----- From: "Chupaka" <[email protected]> >>>>>>> To: "Mikrotik discussions" <[email protected]> >>>>>>> Sent: Wednesday, September 04, 2013 2:01 PM >>>>>>> Subject: Re: [Mikrotik] BGP Community >>>>>>> >>>>>>> >>>>>>> Then you add some community to that announce, and on other routers >>>>>>> you >>>>>>> >>>>>>> create routing filter that will change that route to >>>>>>> >>>>>>>> blackhole/unreachable, >>>>>>>> like "/routing filters add chain=announce-in >>>>>>>> bgp-communities=65332:888 >>>>>>>> action=accept set-type=unreachable", or >>>>>>>> "set-routing-mark=fullbogon", >>>>>>>> or >>>>>>>> whatever you want. >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Подпись: >>>>>>>> (добавляется в конце всех исходящих писем) >>>>>>>> >>>>>>>> >>>>>>>> 2013/9/4 Tayeb Meftah <[email protected]> >>>>>>>> >>>>>>>> Hello, >>>>>>>> >>>>>>>> what's the use of a BGP community? >>>>>>>> >>>>>>>>> i for example, want to anounce a specific network from one of my >>>>>>>>> edge's >>>>>>>>> and all other edges receive it, but put it in a special routing >>>>>>>>> mark >>>>>>>>> let's say, 202.0.0.0/8 want to mark it "DROP" >>>>>>>>> but all the traffic that's received but not marked as drop dont >>>>>>>>> want >>>>>>>>> to >>>>>>>>> mark it >>>>>>>>> is that pocible? >>>>>>>>> thank >>>>>>>>> Tayeb Meftah >>>>>>>>> Voice of the blind T Broadcast Freedom >>>>>>>>> http://www.vobradio.org >>>>>>>>> Phone:447559762242 >>>>>>>>> -------------- next part -------------- >>>>>>>>> An HTML attachment was scrubbed... >>>>>>>>> URL: < >>>>>>>>> http://mail.butchevans.com/********pipermail/mikrotik/**<http://mail.butchevans.com/******pipermail/mikrotik/**> >>>>>>>>> <http:**//mail.butchevans.com/******pipermail/mikrotik/**<http://mail.butchevans.com/****pipermail/mikrotik/**> >>>>>>>>> > >>>>>>>>> <http://**mail.butchevans.com/******pipermail/mikrotik/**<http://mail.butchevans.com/****pipermail/mikrotik/**> >>>>>>>>> <http**://mail.butchevans.com/****pipermail/mikrotik/**<http://mail.butchevans.com/**pipermail/mikrotik/**> >>>>>>>>> > >>>>>>>>> > >>>>>>>>> attachments/20130904/70ebe2f4/********attachment.html<http://*** >>>>>>>>> *mail.<http://mail.> >>>>>>>>> ** >>>>>>>>> butchevans.com/pipermail/******mikrotik/attachments/20130904/** >>>>>>>>> ****<http://butchevans.com/pipermail/****mikrotik/attachments/20130904/****> >>>>>>>>> <http://butchevans.com/**pipermail/**mikrotik/** >>>>>>>>> attachments/20130904/**<http://butchevans.com/pipermail/**mikrotik/attachments/20130904/**> >>>>>>>>> > >>>>>>>>> 70ebe2f4/attachment.html<http:****//mail.butchevans.com/** >>>>>>>>> pipermail/mikrotik/****attachments/20130904/70ebe2f4/** >>>>>>>>> **attachment.html<http://mail.**butchevans.com/pipermail/** >>>>>>>>> mikrotik/attachments/20130904/**70ebe2f4/attachment.html<http://mail.butchevans.com/pipermail/mikrotik/attachments/20130904/70ebe2f4/attachment.html> >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> ______________________________********_________________ >>>>>>>>> Mikrotik mailing list >>>>>>>>> [email protected] >>>>>>>>> http://mail.butchevans.com/********mailman/listinfo/mikrotik<http://mail.butchevans.com/******mailman/listinfo/mikrotik> >>>>>>>>> <h**ttp://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>>>> > >>>>>>>>> <htt**p://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>>>> <**http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>>>> > >>>>>>>>> > >>>>>>>>> <http**://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>>>> <**http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>>>> > >>>>>>>>> <ht**tp://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>>>> <ht**tp://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >>>>>>>>> > >>>>>>>>> >>>>>>>>> > >>>>>>>>> >>>>>>>>> > >>>>>>>>> >>>>>>>>> >>>>>>>>> Visit http://blog.butchevans.com/ for tutorials related to >>>>>>>>> Mikrotik >>>>>>>>> RouterOS >>>>>>>>> >>>>>>>>> -------------- next part -------------- >>>>>>>>> >>>>>>>>> An HTML attachment was scrubbed... >>>>>>>>> >>>>>>>> URL: >>>>>>>> <http://mail.butchevans.com/********pipermail/mikrotik/**<http://mail.butchevans.com/******pipermail/mikrotik/**> >>>>>>>> <http**://mail.butchevans.com/******pipermail/mikrotik/**<http://mail.butchevans.com/****pipermail/mikrotik/**> >>>>>>>> > >>>>>>>> <http:/**/mail.butchevans.com/******pipermail/mikrotik/**<http://mail.butchevans.com/****pipermail/mikrotik/**> >>>>>>>> <http**://mail.butchevans.com/****pipermail/mikrotik/**<http://mail.butchevans.com/**pipermail/mikrotik/**> >>>>>>>> > >>>>>>>> > >>>>>>>> attachments/20130904/c6a2258c/********attachment.html<http://*** >>>>>>>> *mail.<http://mail.> >>>>>>>> ** >>>>>>>> butchevans.com/pipermail/******mikrotik/attachments/20130904/******<http://butchevans.com/pipermail/****mikrotik/attachments/20130904/****> >>>>>>>> <http://butchevans.com/**pipermail/**mikrotik/** >>>>>>>> attachments/20130904/**<http://butchevans.com/pipermail/**mikrotik/attachments/20130904/**> >>>>>>>> > >>>>>>>> c6a2258c/attachment.html<http:****//mail.butchevans.com/** >>>>>>>> pipermail/mikrotik/****attachments/20130904/c6a2258c/** >>>>>>>> **attachment.html<http://mail.**butchevans.com/pipermail/** >>>>>>>> mikrotik/attachments/20130904/**c6a2258c/attachment.html<http://mail.butchevans.com/pipermail/mikrotik/attachments/20130904/c6a2258c/attachment.html> >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> >>>>>>>> ______________________________********_________________ >>>>>>>> Mikrotik mailing list >>>>>>>> [email protected] >>>>>>>> http://mail.butchevans.com/********mailman/listinfo/mikrotik<http://mail.butchevans.com/******mailman/listinfo/mikrotik> >>>>>>>> <h**ttp://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>>> > >>>>>>>> <htt**p://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>>> <**http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>>> > >>>>>>>> > >>>>>>>> <http**://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>>> <**http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>>> > >>>>>>>> <ht**tp://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>>> <ht**tp://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >>>>>>>> > >>>>>>>> >>>>>>>> > >>>>>>>> >>>>>>>> > >>>>>>>> >>>>>>>> >>>>>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>>>>>> RouterOS >>>>>>>> >>>>>>>> >>>>>>>> ______________________________********_________________ >>>>>>>> >>>>>>> Mikrotik mailing list >>>>>>> [email protected] >>>>>>> http://mail.butchevans.com/********mailman/listinfo/mikrotik<http://mail.butchevans.com/******mailman/listinfo/mikrotik> >>>>>>> <h**ttp://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>> > >>>>>>> <htt**p://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>> <**http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>> > >>>>>>> > >>>>>>> <http**://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>>> <**http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>> > >>>>>>> <ht**tp://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>>> <ht**tp://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >>>>>>> > >>>>>>> >>>>>>> > >>>>>>> >>>>>>> > >>>>>>> >>>>>>> >>>>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>>>>> RouterOS >>>>>>> >>>>>>> -------------- next part -------------- >>>>>>> >>>>>>> An HTML attachment was scrubbed... >>>>>> URL: >>>>>> <http://mail.butchevans.com/******pipermail/mikrotik/**<http://mail.butchevans.com/****pipermail/mikrotik/**> >>>>>> <http:/**/mail.butchevans.com/****pipermail/mikrotik/**<http://mail.butchevans.com/**pipermail/mikrotik/**> >>>>>> > >>>>>> >>>>>> attachments/20130904/55ccacc8/******attachment.html<http://**mail.<http://mail.> >>>>>> ** >>>>>> butchevans.com/pipermail/****mikrotik/attachments/20130904/****<http://butchevans.com/pipermail/**mikrotik/attachments/20130904/**> >>>>>> 55ccacc8/attachment.html<http:**//mail.butchevans.com/** >>>>>> pipermail/mikrotik/**attachments/20130904/55ccacc8/**attachment.html<http://mail.butchevans.com/pipermail/mikrotik/attachments/20130904/55ccacc8/attachment.html> >>>>>> > >>>>>> >>>>>> > >>>>>> >>>>>> > >>>>>> >>>>>> ______________________________******_________________ >>>>>> Mikrotik mailing list >>>>>> [email protected] >>>>>> http://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>>> <htt**p://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>> > >>>>>> <http**://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>>> <ht**tp://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >>>>>> > >>>>>> > >>>>>> >>>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>>>> RouterOS >>>>>> >>>>>> >>>>>> ______________________________******_________________ >>>>> Mikrotik mailing list >>>>> [email protected] >>>>> http://mail.butchevans.com/******mailman/listinfo/mikrotik<http://mail.butchevans.com/****mailman/listinfo/mikrotik> >>>>> <htt**p://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>> > >>>>> <http**://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>>> <ht**tp://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >>>>> > >>>>> > >>>>> >>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>>> RouterOS >>>>> >>>>> -------------- next part -------------- >>>>> >>>> An HTML attachment was scrubbed... >>>> URL: >>>> <http://mail.butchevans.com/****pipermail/mikrotik/**<http://mail.butchevans.com/**pipermail/mikrotik/**> >>>> attachments/20130904/507e1eda/****attachment.html<http://mail.** >>>> butchevans.com/pipermail/**mikrotik/attachments/20130904/** >>>> 507e1eda/attachment.html<http://mail.butchevans.com/pipermail/mikrotik/attachments/20130904/507e1eda/attachment.html> >>>> > >>>> >>>> > >>>> >>>> ______________________________****_________________ >>>> Mikrotik mailing list >>>> [email protected] >>>> http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>>> <http**://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >>>> > >>>> >>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>> RouterOS >>>> >>>> >>> ______________________________****_________________ >>> Mikrotik mailing list >>> [email protected] >>> http://mail.butchevans.com/****mailman/listinfo/mikrotik<http://mail.butchevans.com/**mailman/listinfo/mikrotik> >>> <http**://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >>> > >>> >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>> RouterOS >>> >>> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: <http://mail.butchevans.com/**pipermail/mikrotik/** >> attachments/20130904/4bfada74/**attachment.html<http://mail.butchevans.com/pipermail/mikrotik/attachments/20130904/4bfada74/attachment.html> >> > >> >> ______________________________**_________________ >> Mikrotik mailing list >> [email protected] >> http://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> >> >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >> RouterOS >> > > ______________________________**_________________ > Mikrotik mailing list > [email protected] > http://mail.butchevans.com/**mailman/listinfo/mikrotik<http://mail.butchevans.com/mailman/listinfo/mikrotik> > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20130904/5a7ace7b/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
