Having experimented a bit now with v7.1.1, I note that it's seemingly no longer possible to create an "unreachable" route. On my old v6 configuration I had
a set of unreachable RFC1918 routes for 10/8, 172.16/12 and 192.168/16 to act as a last line of defence against certain flavours of stupidity, but the conversion to a v7 config
seems to have made these all into blackhole routes.
Was this feature explicitly dropped for some very good reason I don't as yet understand or is it something yet to be ported into v7?
I guess that I could rejig things so that the RFC1918 routes route to a special loopback interface, and then add a forwarding firewall rule to ICMP unreachable anything hitting that interface.
Is that feasible, should I so desire to retain the last-ditch "unreachable" functionality?