
route-map set route-type blackhole
Closed, Wontfix (Public)

Description

Please add a feature to set route-map type blackhole; currently we manually add static blackhole routes for our customer BGP peerings.
When many customers want to blackhole their specific IPs, I need to repeat many commands to statically blackhole their prefixes.

Thanks

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close

Event Timeline

rizkidtn triaged this task as Normal priority. Mar 9 2019, 6:29 AM
rizkidtn created this task.
rizkidtn created this object in space S1 VyOS Public.

The usual procedure is to create a route-map that sets the nexthop to a blackholed address if the advertisement has a specific community string set.
So when a customer advertises an address (rather a /32 network) to you with that string set, it automatically ends up blackholed.

Do you just want a shortcut for that, or you are having issues with community string-based approach?

@rizkidtn Please update your request. Does the community work for you for blackholing?

Hi @dmbaturin,

Mikrotik has a feature to set next-hop to blackhole without creating a blackhole route.
It would be better if VyOS had a shortcut like that.

And for @Viacheslav: yes, the community tag will always work. You only need to tell your customers to tag their blackhole routes with your blackhole community and set a match rule to the next-hop blackhole address.

Regards
Ari

Like this?

vyos@r4-roll# set policy route-map FJFFJJF rule 10 set ip-next-hop 
Possible completions:
   <x.x.x.x>    IP address

where x.x.x.x route to blackhole?

Hi @Viacheslav,

Yes, that's correct.

@rizkidtn I don't understand exactly what is wrong with the community?
Customers send you routes with the blackhole community; on the router you match this community and set the next hop to the "blackhole" IP address.

You don't need to add any static routes from customers.

Viacheslav claimed this task.

There are no such options in FRR

r14(config-route-map)# set ip next-hop 
  A.B.C.D       IP address of next hop
  peer-address  Use peer address (for BGP only)
  unchanged     Don't modify existing Next hop address
r14(config-route-map)#

It must be next-hop

Can be resolved by route-map acting on community (for example <ASN>:888) and setting nexthop to 192.0.2.1 (optional tag 666) or for IPv6 set nexthop 0100:: along with a static route where 192.0.2.1/32 and 0100::/64 have null0 as nexthop.

See the quagga examples over at:

https://www.team-cymru.com/bgp-examples

https://www.team-cymru.com/bogon-reference-bgp
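
The community-based approach from the last comment, written out as an FRR-style configuration for the IPv4 side. This is an added example, not part of the thread or of VyOS/FRR documentation. The AS numbers (65000, 65010), the peer address 203.0.113.2, the customer block 198.51.100.0/24 and all list and route-map names are constructed. The prefix-lists and `no-export` are additions beyond what the comment describes: they keep a customer from blackholing address space that is not theirs and keep the discard route from leaking to other networks.

```text
! Constructed values: provider AS 65000, customer AS 65010,
! customer peer 203.0.113.2, customer block 198.51.100.0/24.

! Discard route for the blackhole next hop named in the comment above.
ip route 192.0.2.1/32 Null0

! Community customers attach to request a blackhole (<ASN>:888).
bgp community-list standard BLACKHOLE permit 65000:888

! Blackhole requests: only host routes inside the customer's own block.
ip prefix-list CUST-A-BH seq 5 permit 198.51.100.0/24 ge 32
! Normal announcements: the customer's aggregate only.
ip prefix-list CUST-A seq 5 permit 198.51.100.0/24

! Rule 10: tagged /32 from the customer's space is pointed at the discard
! next hop, marked with tag 666, and kept inside this AS.
route-map CUST-A-IN permit 10
 match community BLACKHOLE
 match ip address prefix-list CUST-A-BH
 set ip next-hop 192.0.2.1
 set tag 666
 set community no-export additive
!
! Rule 20: ordinary customer routes pass unchanged.
route-map CUST-A-IN permit 20
 match ip address prefix-list CUST-A
!
! Anything else from this peer falls through to the implicit deny.

router bgp 65000
 neighbor 203.0.113.2 remote-as 65010
 ! Assumption: a directly connected eBGP session. The rewritten next hop
 ! 192.0.2.1 is not on a connected network, so the connected-next-hop
 ! check may need relaxing for the route to be considered usable.
 neighbor 203.0.113.2 disable-connected-check
 address-family ipv4 unicast
  neighbor 203.0.113.2 route-map CUST-A-IN in
 exit-address-family
```

With this in place, no per-customer static routes are needed: the only static route is the one for 192.0.2.1/32, and each tagged /32 a customer announces resolves through it.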