beautypg.com

Configuring bgp4 null0 routing, Configuration steps, Configuration examples – Brocade Virtual ADX Switch and Router Guide (Supporting ADX v03.1.00) User Manual

Page 289

background image

Brocade Virtual ADX Switch and Router Guide

275

53-1003246-01

Filtering

8

Syntax: clear ip bgp neighbor all | ip-addr | as-num

last-packet-with-error | notification-errors

The all | ip-addr | as-num parameters specify the neighbor. The ip-addr parameter specifies a
neighbor by its IP interface with the device. The as-num parameter specifies all neighbors within
the specified AS. The all parameter specifies all neighbors.

Configuring BGP4 null0 routing

BGP4 null0 routing is described in

“BGP4 null0 routing”

on page 205. The following example

configures a null0 routing application to stop denial of service attacks from remote hosts on the
Internet.

Configuration steps

1. Select a device, for example, device 6, to distribute null0 routes throughout the BGP4 network.

2. Configure a route-map to match a particular tag (50) and set the next-hop address to an

unused network address (192.168.0.1).

3. Set the local-preference to a value higher than any possible internal or external

local-preference (50).

4. Complete the route map by setting origin to IGP.

5. On device 6, redistribute the static routes into BGP4, using route-map route-map-name

(redistribute static route-map block user).

6. On device 1, (the device facing the Internet), configure a null0 route matching the next-hop

address in the route-map (ip route 192.168.0.1/32 null0).

7. Repeat step 3 for all devices interfacing with the Internet (edge corporate devices). In this

case, device 2 has the same null0 route as device 1.

8. On device 6, configure the network prefixes associated with the traffic you want to drop. The

static route IP address references a destination address. You must point the static route to the
egress port, (for example, Ethernet 3/7), and specify the tag 50, matching the route-map
configuration.

Configuration examples

Device 6

The following configuration defines specific prefixes to filter:

Virtual ADX(config)# ip route 10.0.0.40/29 ethernet 3/7 tag 50

Virtual ADX(config)# ip route 10.0.0.192/27 ethernet 3/7 tag 50

Virtual ADX(config)# ip route 10.0.14.0/23 ethernet 3/7 tag 50

The following configuration redistributes routes into BGP4.

Virtual ADX(config)# router bgp

Virtual ADX(config-bgp-router)# local-as 100

Virtual ADX(config-bgp-router)# neighbor remote-as 100

Virtual ADX(config-bgp-router)# neighbor remote-as 100

Virtual ADX(config-bgp-router)# neighbor remote-as 100

Virtual ADX(config-bgp-router)# neighbor remote-as 100

See also other documents in the category Brocade Computer Accessories: