Community discussions

MikroTik App
 
blackmetal
Member Candidate
Member Candidate
Topic Author
Posts: 227
Joined: Mon Aug 16, 2010 9:01 am

Cymru-TEAM (UTRS) Blackholing problem

Tue Jan 14, 2020 9:34 am

Hello,
I just setup my bgp session with UTRS and this is my configurations

route filter:
add action=accept bgp-communities=64496:0 chain=UTRS-IN comment="UTRS Filtering" disabled=yes prefix-length=32 set-type=blackhole
add action=discard bgp-communities="" chain=UTRS-IN
add action=accept bgp-communities="" chain=UTRS-OUT disabled=yes prefix-length=32 set-bgp-communities=no-export,MYOWNAS:0 set-out-nexthop=192.0.2.1
add action=discard bgp-communities="" chain=UTRS-OUT

this is my session config:
add in-filter=UTRS-IN instance=MYISPNAME max-prefix-limit=500 max-prefix-restart-time=10m multihop=yes name=UTRS out-filter=UTRS-OUT passive=yes remote-address=154.35.x.x \
remote-as=64496 tcp-md5-key=PASSWORD ttl=default

in this case when i announce /32 to UTRS i wcan see attacks towards my network and also i tried remove no-export tag from my as number and tried tag it with 64496:0 only but it did not work,
also they informed me they can see my routes ,
any idea ?
Thank you.
 
savage
Forum Guru
Forum Guru
Posts: 1263
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Re: Cymru-TEAM (UTRS) Blackholing problem

Tue Jan 14, 2020 12:03 pm

CYMRU provides examples for Mikrotik - use them, they work.
 
blackmetal
Member Candidate
Member Candidate
Topic Author
Posts: 227
Joined: Mon Aug 16, 2010 9:01 am

Re: Cymru-TEAM (UTRS) Blackholing problem

Tue Jan 14, 2020 12:09 pm

i have used https://www.team-cymru.com/utrs/getting-started.html example as well but it did not work too!
 
User avatar
leoservices
Trainer
Trainer
Posts: 169
Joined: Fri Jan 13, 2012 2:20 am
Location: Belo Horizonte - MG - Brazil
Contact:

Re: Cymru-TEAM (UTRS) Blackholing problem

Thu Jan 16, 2020 3:47 am

Remove this filter. You should not make advertisements for Cymru

add action=accept bgp-communities="" chain=UTRS-OUT disabled=yes prefix-length=32 set-bgp-communities=no-export,MYOWNAS:0 set-out-nexthop=192.0.2.1
 
expo
Frequent Visitor
Frequent Visitor
Posts: 52
Joined: Tue Jan 27, 2009 7:57 am

Re: Cymru-TEAM (UTRS) Blackholing problem

Sat May 21, 2022 2:51 am

Remove this filter. You should not make advertisements for Cymru

add action=accept bgp-communities="" chain=UTRS-OUT disabled=yes prefix-length=32 set-bgp-communities=no-export,MYOWNAS:0 set-out-nexthop=192.0.2.1
Don't remove, advertising 25-32 prefixes to URTS is the whole point of the service...

Likely the OP and other posters issue is they are expecting URTS to stop their ddos attack where it will only help if the attack is originating from the network of a URTS member, you also need to be advertising a black hole via bgp community to your upstream providers!

Who is online

Users browsing this forum: No registered users and 14 guests