I have fastnetmon setup and upon detection of ddos it sends /32 with 65001:666 via bgp to my CHR, I have FNM setup as a peer with it's own instance but for some reason the route doesn't seem to show when I run /routing bgp advertisements print peer=MYPEER so I'm assuming I have something in the config wrong?
/routing bgp instance print
0 * name="default" as=myasn router-id=MyIP redistribute-connected=no
redistribute-static=no redistribute-rip=no redistribute-ospf=no
redistribute-other-bgp=no out-filter=HE-OUT client-to-client-reflection=no
ignore-as-path-len=no routing-table=""
1 name="FNM" as=65001 router-id=0.0.0.0 redistribute-connected=no
redistribute-static=no redistribute-rip=no redistribute-ospf=no
redistribute-other-bgp=yes out-filter="" client-to-client-reflection=no
ignore-as-path-len=no routing-table=""
/routing bgp peer print
0 E default xx.yy.zz.aa 6939
1 E default xx.yy.zz.aa 7018
2 E FNM xx.yy.zz.aa 65001
Here are the relevant filters;
91 chain=FNM-OUT invert-match=no action=discard set-bgp-prepend-path=""
90 chain=FNM-IN invert-match=no action=accept set-type=blackhole set-bgp-prepend-path=""
71 chain=ATT-OUT prefix-length=32 bgp-communities=65001:666 invert-match=no action=accept set-bgp-prepend-path="" set-bgp-communities=7018:86
49 chain=HE-OUT prefix-length=32 bgp-communities=65001:666 invert-match=no action=accept set-bgp-prepend-path="" set-bgp-communities=6939:666
Thoughts are greatly appreciated!
-TJ