It's still weird behavior. It's not a nice solution if you advertise
the blackhole next-hop througout the network. It should work inbound,
though it might be a bug that setting the next-hop doesn't work while
also setting the vrf.
I'll try to lab this tomorrowmorning.
--
Rick Mur
CCIE2 #21946 (R&S, Service provider)
Sr. Support Engineer -- IPexpert, Inc.
Sent from my iPhone
On 29 aug 2009, at 00:28, Bryan Bartik <[email protected]> wrote:
Ok, here's what I do now to make it work. Instead of applying the
next hop inbound, I just set a community. Then going towards the RR,
I match the community and set the next-hop, local pref, no-export,
etc. The BGP route then gets propagated and along with the null
route, and it recursively points to null so RPF fails.
On Fri, Aug 28, 2009 at 6:29 AM, Bryan Bartik <[email protected]>
wrote:
Hey Rick,
I am trying it on some different models: 6500, 7600, and a 3640,
haven't tried a 7200. All of them behave the same way. When I remove
the VRF and just have a normal EBGP session, it works. I might have
to peer the Trigger router one hop away from the PE (multihop EBGP,
while sharing the peering address through the VRF), I have tested
this and it seems to work.
On Fri, Aug 28, 2009 at 12:47 AM, Rick Mur <[email protected]> wrote:
Hi Bryan,
Is the route-map applied inbound from the BGP neighbor session of
the trigger router? The trigger router is also in VRF internet or in
the global table?
I actually never tried this within a VRF. Have you tried to do the
same thing without the vrf INTERNET?
On what platform are you trying this? Have you tried doing it on a
7200?
--
Regards,
Rick Mur
CCIE2 #21946 (R&S / Service Provider)
Sr. Support Engineer – IPexpert, Inc.
URL: http://www.IPexpert.com
On 27 aug 2009, at 20:36, Bryan Bartik wrote:
Hello,
I am trying to set up a source based black hole an MPLS VPN but I
cannot get the discard route to properly be accepted as a next hop,
output says "inaccessible".
Trigger----->PE
Trigger is sending x.x.x.98/32 to the PE.
On the PE, I have a route-map that sets all next hops (VRF) from
trigger to 172.31.254.254.
On the PE, I have a null route in the VRF for 172.31.254.254.
lab#sho run | inc ip route
ip route vrf INTERNET 172.31.254.254 255.255.255.255 Null0
lab#sho route-map SBBH
route-map SBBH, permit, sequence 10
Match clauses:
Set clauses:
local-preference 252
ip vrf INTERNET next-hop 172.31.254.254
Policy routing matches: 0 packets, 0 bytes
BGP routing table entry for xxx:xxx:x.x.x.98/32, version 3747716
Paths: (2 available, best #2, table INTERNET)
Not advertised to any peer
65187
172.31.254.254 (inaccessible) from x.x.x.x (TRIGGER IP)
Origin incomplete, metric 0, localpref 252, valid, external
Extended Community: RT:xxx:xxx
Am I missing something?
Thanks,
--
Bryan Bartik
CCIE #23707 (R&S), CCNP
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
_______________________________________________
For more information regarding industry leading CCIE Lab training,
please visit www.ipexpert.com
--
Bryan Bartik
CCIE #23707 (R&S), CCNP
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
--
Bryan Bartik
CCIE #23707 (R&S), CCNP
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
