This message was posted by a user wishing to remain anonymous
Hi,
I am looking at 2 scenarios of RTBH in an MPLS Network.
First scenario - i understand OK - so we (Service Provider) receive a route from our customer with a RTBH Community, we then advertise this route via iBGP to other routers in the network through a Route Reflector and on the other PE Routers we configure an iBGP import policy that matches the RTBH Community and set the next-hop to discard.
Now its the second scenario that i have a question for - one of our PE Routers is a RTBH trigger router and we have the following config on the trigger router:
#V6DestinationPrefix
set routing-options rib inet6.0 static route 2A01:5678:1/128 reject
set routing-options rib inet6.0 static route 2A01:5678:1/128 tag 666
#V4DestinationPrefix
set routing-options static route 172.16.42.42/32 reject
set routing-options static route 172.16.42.42/32 tag 666
#DiscardRoutes
set routing-options rib inet6.0 static route 0100::1/128 reject
set routing-options static route 192.2.0.1/32 reject
show policy-options policy-statement RTBH
term 1 {
from {
family inet;
protocol static;
tag 666;
}
then {
local-preference 500;
community add NO-EXPORT;
community add RTBH_COMM;
next-hop 192.2.0.1;
accept;
}
}
term 2 {
from {
family inet6;
protocol static;
tag 666;
}
then {
local-preference 500;
community add RTBH_COMM;
community add NO-EXPORT;
next-hop 0100::1;
accept;
}
}
#iBGPcONFIG
group ibgp {
type internal;
local-address 172.20.20.20;
family inet {
unicast;
}
family inet6
}
}
export [ nhs RTBH ];
My questions are:
1. Since this is only an IPv4 Core with no native v6 peering in the Core - to get term 2 in the export policy to be exported do i need to enable "family inet6" on the iBGP session towards the RR?
2. Since we are changing the next-hop to discard routes when these prefixes are send to the RR for route resolution on the RR - do ia lso need to add the following 2 static routes:
set routing-options rib inet6.0 static route 0100::1/128 reject
set routing-options static route 192.2.0.1/32 reject
3. Lastly to allow the other PE Routers to do Local Route Resolution - i need to add the 2 static routes above.
Am i missing anything here - any help will be appreciated,
Cheers