Community discussions

MikroTik App
 
Antoine
just joined
Topic Author
Posts: 6
Joined: Thu Aug 05, 2010 12:02 am

Blackhole route and route selection process

Sat Mar 09, 2013 12:05 am

Hello,

I'm looking for a way to blackhole traffic to particular IPs announced by a BGP daemon.

I have four interconnected routers and I use OSPF for internal routing. BGP is used here only to allow a server to announce IPs to blackhole to the network (the server is a log collector and base its decision to blackhole a particular IP based on logs received from each router/server of the network). My idea is to create a blackhole route on each router, for example:
/ip route add type=blackhole dst-address=10.255.255.255
Then, the bgp daemon on my log collector just have to announce each IP to blackhole with a next-hop of 10.255.255.255.

The problem is that it does't work, because the bgp announced route never use my blackhole route as nexthop, but my default route, eg:
[...]
19 A SB dst-address=10.255.255.255/32 type=blackhole distance=1
[...]
21 ADb  dst-address=1.2.3.4/32 gateway=10.255.255.255 gateway-status=10.255.255.255 recursive via <isp gw> <isp_if> distance=200 scope=40 target-scope=30 bgp-local-pref=100 bgp-origin=igp received-from=<bgp_peer> 
Why the blackhole route is never used by the route selection process? Is it a bug? What are the alternatives for my problem?

Thanks for any help,
Antoine.

Who is online

Users browsing this forum: No registered users and 16 guests