Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
500
Views
0
Helpful
1
Replies

How can I use BGP to block abusive IPs using home made blocklist?

ajamua
Level 1
Level 1

‎10-30-2014 01:10 PM - edited ‎03-05-2019 12:04 AM

I would like to know how to use a custom blacklist on a server to block abusive traffic on my border router. I was told that this can be done using iBGP and community attribute but I was wondering specifically how this can be done?  I assume the server with the blacklist of IP to block will need to be configured with iBGP and my border router will need to see the server as a BGP neighbor, but what else is necessary? 

Labels:
0 Helpful
1 Reply 1

ghostinthenet
Level 7
Level 7

‎10-30-2014 05:26 PM

If you want to feed your own list of prefixes (your blacklist) into your network via BGP, you can use any number of open-source products (OpenBGPd, XORP, Quagga, Bird, &c) on a Unix or Linux machine to do so. Essentially, you set up your route server, import your blacklist and then have your network peer with it via BGP. Your router can either send those prefixes to your route server to be dropped or you can null-route them locally. The actual implementation is going to vary greatly depending on which BGP platform you select.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card