Is it possible to change the next-hop of some updates received through eBGP? Let's say the customer receives a flood and wants to advertise to the ISP a /32 prefix so the filtering occurs at the network edge. I was thinking something like:
no ip unreachables
router bgp 100
bgp router-id 192.168.255.14
no bgp default ipv4-unicast
no bgp default route-target filter
neighbor 192.168.2.2 remote-as 102
neighbor 192.168.2.2 update-source Ethernet0
neighbor 192.168.2.2 activate
neighbor 192.168.2.2 route-map InboundM in
ip prefix-list prfx seq 5 permit 0.0.0.0/0 ge 32
route-map InboundM permit 10
match ip address prefix-list prfx
set ip next-hop 22.214.171.124
set origin igp
set community no-export
route-map InboundM permit 20
ip route 126.96.36.199 255.255.255.255 null 0
PE_XXX#sh ip bgp 188.8.131.52
BGP routing table entry for 184.108.40.206/32, version 3286
Paths: (1 available, no best path)
Not advertised to any peer
220.127.116.11 (inaccessible) from 192.168.2.2 (192.168.2.2)
BGP routing table entry for 18.104.22.168/24, version 7
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to non peer-group peers:
192.168.2.2 from 192.168.2.2 (192.168.2.2)
Origin IGP, metric 0, localpref 100, valid, external, best
PE_XXX#sh ip route 22.214.171.124
Routing entry for 126.96.36.199/32
Known via "static", distance 1, metric 0 (connected)
Routing Descriptor Blocks:
* directly connected, via Null0
Route metric is 0, traffic share count is 1
I want to make a step further from the blackhole routing described in the Nanog docs, so I don't have to manually provision the static route(s) that gets redistributed by iBGP and trigger blackholing, and to also allow the customer to announce me long prefixes for me to filter out dynamically.
Still, it doesn't seem to work as expected, as you can see from the output the /32 prefix doesn't get advertised with the 188.8.131.52 next-hop to be filtered out at the edge.
Cisco DNA Center version 2.2.2.x includes the features and improvements that
New intelligence provides an easy, gradual, and complete adoption of SD-Access. Faster Cisco DNA Center set-up saves time and effort.
When using Cisco cellular modules with a SIM card an APN must be provided. The APN cannot be stored in the SIM card and is supplied by your SIM card provider. Cisco cellular software contains a database of well-known APNs based on the country and ...
Cisco 3850: IOS-XE/Firmware Upgrade
This procedure is aimed at Cisco 3850 switch ONLY.
IOS-XE Bundle Mode is not covered.
9300, 9500 (vanilla & high-performance), ISR 1k, ISR 4k and ASR is not covered.
Listen: https://smarturl.it/CCRS8E46Follow us: twitter.com/ciscochampionsIt’s been several years since the release of Cisco DNA Center, and it’s matured into a complete network management system, an automation and orchestration engine, an AI/ML analy...
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast today. For more information, including category details, the process, past winners and FAQs, check out: https://www.cisco.com/c/en/us/t...