Community discussions

MUM Europe 2020
 
blackmetal
Member Candidate
Member Candidate
Topic Author
Posts: 199
Joined: Mon Aug 16, 2010 9:01 am

Cymru-TEAM (UTRS) Blackholing problem

Tue Jan 14, 2020 9:34 am

Hello,
I just setup my bgp session with UTRS and this is my configurations

route filter:
add action=accept bgp-communities=64496:0 chain=UTRS-IN comment="UTRS Filtering" disabled=yes prefix-length=32 set-type=blackhole
add action=discard bgp-communities="" chain=UTRS-IN
add action=accept bgp-communities="" chain=UTRS-OUT disabled=yes prefix-length=32 set-bgp-communities=no-export,MYOWNAS:0 set-out-nexthop=192.0.2.1
add action=discard bgp-communities="" chain=UTRS-OUT

this is my session config:
add in-filter=UTRS-IN instance=MYISPNAME max-prefix-limit=500 max-prefix-restart-time=10m multihop=yes name=UTRS out-filter=UTRS-OUT passive=yes remote-address=154.35.x.x \
remote-as=64496 tcp-md5-key=PASSWORD ttl=default

in this case when i announce /32 to UTRS i wcan see attacks towards my network and also i tried remove no-export tag from my as number and tried tag it with 64496:0 only but it did not work,
also they informed me they can see my routes ,
any idea ?
Thank you.
 
savage
Forum Guru
Forum Guru
Posts: 1214
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Re: Cymru-TEAM (UTRS) Blackholing problem

Tue Jan 14, 2020 12:03 pm

CYMRU provides examples for Mikrotik - use them, they work.
Regards,
Chris
 
blackmetal
Member Candidate
Member Candidate
Topic Author
Posts: 199
Joined: Mon Aug 16, 2010 9:01 am

Re: Cymru-TEAM (UTRS) Blackholing problem

Tue Jan 14, 2020 12:09 pm

i have used https://www.team-cymru.com/utrs/getting-started.html example as well but it did not work too!
 
User avatar
leoservices
Trainer
Trainer
Posts: 140
Joined: Fri Jan 13, 2012 2:20 am
Location: Belo Horizonte - MG - Brazil
Contact:

Re: Cymru-TEAM (UTRS) Blackholing problem

Thu Jan 16, 2020 3:47 am

Remove this filter. You should not make advertisements for Cymru

add action=accept bgp-communities="" chain=UTRS-OUT disabled=yes prefix-length=32 set-bgp-communities=no-export,MYOWNAS:0 set-out-nexthop=192.0.2.1
I try to help !

Leonardo Vieira
https://youtube.com/contractti
Like Facebook.com/contractti

Who is online

Users browsing this forum: mixig and 9 guests