Can you not just blackhole it? `ip route *****/* blackhole` As to why its allowed into the config... i'm not sure, it seems that was intentionally allowed according to the patch. On Thu, Oct 1, 2020 at 11:41 AM mike tancsa <mike@sentex.net> wrote:
What is the preferred syntax going forward ? I just want to tie down larger prefixes to the discard interface so any packets sent to dead space just get discarded. I dont want icmp messages sent back.
ip route 10.0.0.0/8 disc0 ?
Also, if the old syntax is not going to work, perhaps not allow it in the config ?
---Mike
On 10/1/2020 11:31 AM, Stephen Worley wrote:
this was disallowed starting with https://github.com/FRRouting/frr/pull/4302
If you have a valid use case might be worth discussing with the author over slack.
On Thu, Oct 1, 2020 at 9:33 AM mike tancsa <mike@sentex.net <mailto:mike@sentex.net>> wrote:
Hi Donald, the 10.128.128.144 is the disc0 interface on my production router running frr6 and it works as expected. I setup another test box with frr6 and used the same disc0 ip config
e.g. on frr6
# ifconfig disc0 disc0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 65532 inet 10.128.128.1 netmask 0xfffffffc groups: disc nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
frr6# sh ip route connected Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, > - selected route, * - FIB route
C>* 10.128.128.0/30 <http://10.128.128.0/30> is directly connected, disc0, 00:00:19
frr6# sh ip route 10.128.128.1 Routing entry for 10.128.128.0/30 <http://10.128.128.0/30> Known via "connected", distance 0, metric 1, best Last update 00:00:42 ago * directly connected, disc0
frr6# conf t frr6(config)# ip route 10.0.0.0/8 <http://10.0.0.0/8> 10.128.128.1 frr6(config)# ^Z frr6# sh ip route 10.0.0.0/8 <http://10.0.0.0/8> Routing entry for 10.0.0.0/8 <http://10.0.0.0/8> Known via "static", distance 1, metric 0, best Last update 00:00:06 ago * 10.128.128.1, via disc0
frr6#
on frr7
frr7# sh ip route connected Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, f - OpenFabric, > - selected route, * - FIB route, q - queued route, r - rejected route
C>* 10.128.128.0/30 <http://10.128.128.0/30> [0/1] is directly connected, disc0, 00:24:49
frr7# sh ip route 10.128.128.1 Routing entry for 10.128.128.0/30 <http://10.128.128.0/30> Known via "connected", distance 0, metric 1, best Last update 00:25:07 ago * directly connected, disc0
frr7# conf t frr7(config)# ip route 10.0.0.0/8 <http://10.0.0.0/8> 10.128.128.1 % Warning!! Local connected address is configured as Gateway IP(10.128.128.1)
frr7# sh ip route 10.0.0.0/8 <http://10.0.0.0/8> % Network not in table frr7#
---Mike
On 10/1/2020 8:00 AM, Donald Sharp wrote: > Can we see the output of `show ip route 10.128.128.144` and `show ip > route connected`? > > donald > > On Wed, Sep 30, 2020 at 3:03 PM mike tancsa <mike@sentex.net <mailto:mike@sentex.net>> wrote: >> Up to version 6.x of frr, I have been able to tie down larger prefixes >> with a static routing pointing to the discard interface on FreeBSD. >> >> eg. the static route entry >> >> ip route 10.0.0.0/8 <http://10.0.0.0/8> 10.128.128.144 >> >> # sh ip route 10.0.0.0/8 <http://10.0.0.0/8> >> Routing entry for 10.0.0.0/8 <http://10.0.0.0/8> >> Known via "static", distance 1, metric 0, best >> Last update 09w0d01h ago >> * 10.128.128.144, via disc0 >> >> where disc0 is >> >> # ifconfig disc0 >> disc0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 65532 >> inet 10.128.128.144 netmask 0xfffffffc >> inet6 fe80::1%disc0 prefixlen 64 scopeid 0x8 >> inet6 2001:db8::1 prefixlen 64 >> groups: disc >> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> >> >> >> however, on frr7.4 this no longer works, >> >> On my test box >> >> % ifconfig disc0 >> disc0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 65532 >> inet 10.128.128.1 netmask 0xfffffffc >> inet6 fe80::1%disc0 prefixlen 64 scopeid 0x6 >> groups: disc >> nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> >> >> >> >> i3# conf t >> i3(config)# ip route 10.0.0.0/8 <http://10.0.0.0/8> 10.128.128.1 >> % Warning!! Local connected address is configured as Gateway >> IP(10.128.128.1) >> i3(config)# >> >> i3# sh ip route 10.0.0.0/8 <http://10.0.0.0/8> >> % Network not in table >> i3# >> >> If I user disc0, it seems to work, but I get warnings on start up >> >> i3(config)# ip route 10.0.0.0/8 <http://10.0.0.0/8> disc0 >> >> i3# wr >> Note: this version of vtysh never writes vtysh.conf >> Building Configuration... >> Configuration saved to /usr/local/etc/frr/zebra.conf >> Configuration saved to /usr/local/etc/frr/bgpd.conf >> Configuration saved to /usr/local/etc/frr/staticd.conf >> i3# sh ip route 10.0.0.0/8 <http://10.0.0.0/8> >> Routing entry for 10.0.0.0/8 <http://10.0.0.0/8> >> Known via "static", distance 1, metric 0, best >> Last update 00:00:07 ago >> * directly connected, disc0, weight 1 >> >> i3# >> >> 2020/09/30 14:57:53 STATIC: Static Route using disc0 interface not >> installed because the interface does not exist in specified vrf >> 2020/09/30 14:57:53 STATIC: Static Route using disc0 interface not >> installed because the interface does not exist in specified vrf >> >> the kernel routing table does seem to have it installed >> >> >> # netstat -nra | grep 10.0.0 >> 10.0.0.0/8 <http://10.0.0.0/8> disc0 U1 0 65532 disc0 >> # >> >> What is the "proper" way to do this on frr7x ? >> >> Thanks >> >> ---Mike >> >> >> >> >> _______________________________________________ >> frog mailing list >> frog@lists.frrouting.org <mailto:frog@lists.frrouting.org> >> https://lists.frrouting.org/listinfo/frog
_______________________________________________ frog mailing list frog@lists.frrouting.org <mailto:frog@lists.frrouting.org> https://lists.frrouting.org/listinfo/frog