Figure 123, Configuration steps – Brocade BigIron RX Series Configuration Guide User Manual

BigIron RX Series Configuration Guide

831

53-1002484-04

BGP Null0 routing

27

FIGURE 123

Sample Null0 routing application

The following steps configure a null0 routing application for stopping denial of service attacks from
remote hosts on the internet.

Configuration steps

1. Select one router, Router 6, to distribute null0 routes throughout the BGP network.

2. Configure a route-map to match a particular tag (50) and set the next-hop address to an

unused network address (199.199.1.1).

3. Set the local-preference to a value higher than any possible internal or external

local-preference (50).

4. Complete the route map by setting origin to IGP.

5. On Router 6, redistribute the static routes into BGP, using route-map <route-map-name>

(redistribute static route-map block user).

6. On Router 1, the router facing the internet, configure a null0 route matching the next-hop

address in the route-map (ip route 199.199.1.1/32 null0).

7. Repeat step 3 for all routers interfacing with the internet (edge corporate routers). In this case,

Router 2 has the same null0 route as Router 1.

8. On Router 6, configure the network prefixes associated with the traffic you want to drop. The

static route IP address references a destination address. You are required to point the static
route to the egress port, for example, Ethernet 3/7, and specify the tag 50, matching the
route-map configuration.

R1

AS 100

R2

R3

R6

R7

R5

R4

Internet