[ixpmanager] Blackhole service on IXP manager route servers (RTBH)

Shahab Vahabzadeh me at shahabv.com
Fri Oct 30 18:26:33 GMT 2020


Dear Leon,
Thanks for your help, in
$IXPROOT/resources/views/api/v4/router/server/bird2 inside which file we
need to change next_hop for blackhole community or even specific community?
And how?
Thanks

On Wed, Oct 28, 2020 at 7:00 PM Leon Meßner <l.messner at physik.tu-berlin.de>
wrote:

> Dear Behnam,
>
> On Mon, 26 Oct 2020 11:27:31 +0330
> Behnam Yazdani <behnamyazdani at gmail.com> wrote:
> > We want to implement RTBH service in our IX environment, currently we
> have activated IRRDB filtering. for this purpose we have deployed two
> Servers used as blackhole next-hop, they inject an ARP response to members
> that populate IX switches with BH-MAC, this BH-MAC is dropped on all IX
> switches. In our current deployment members will have to establish a new
> BGP session with a dedicated Blackhole Router. we want to integrate BH
> service with IXP manager route servers, however, there are two issue what
> we need to resolve for this purpose:
> > 1) We need to change BH next-hop to the IP address of BH servers that
> their MAC is later dropped in IX switches’ CAM table, and I need to know
> how can we implement this in IXPmanager
> > 2) we need to change IRRDB filter so that generated prefix filters
> accepts /32 prefixes advertised by members, for example there’s a route
> object for 192.0.2.0/24 with AS65535 as origin. By default generated
> prefix-list will have /24 mask for AS65535 member, but we need  IXP
> manager  to generate prefix filter that accepts 192.0.2.0/24 Le 32 from
> AS65535
>
> have you considered skinning your routeserver templates[1]? You can
> find the stock templates for bird v1(v2) at
> $IXPROOT/resources/views/api/v4/router/server/bird(2). In your skinned
> version you can then change bgp_next_hop in the sessions export filter.
> Newer IXP-Managers have a checkbox in the Webinterface to accept
> more-specifics. You can find the relevant line in the
> bird2/neighbors.foil.php template looking for prefixExactToLessSpecific.
> If you want the BH RS behaviour to be independent of that checkbox
> something like
>
> allnet = [ <?= implode( ', ', preg_filter('/$/', '+',
> $int['irrdbfilter_prefixes']) ) ?> ];
>
> should also work.
>
> Regards,
> Leon
>
> [1] https://docs.ixpmanager.org/features/skinning/
> >
> > How should we configure IXP manager to resolve these two issues
> > P.S. we’re using bird as our route server
> >
> > Thanks for your help
> > _______________________________________________
> > INEX IXP Manager mailing list
> > ixpmanager at inex.ie
> > Unsubscribe or change options here:
> https://www.inex.ie/mailman/listinfo/ixpmanager
>
> _______________________________________________
> INEX IXP Manager mailing list
> ixpmanager at inex.ie
> Unsubscribe or change options here:
> https://www.inex.ie/mailman/listinfo/ixpmanager
>


-- 

Cheers, Shahab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.inex.ie/pipermail/ixpmanager/attachments/20201030/9a3b8c90/attachment.htm>


More information about the ixpmanager mailing list