Configuration Steps - Dell PowerConnect B-RX Configuration Manual

Bigiron rx series supporting multi-service ironware v02.7.03

Hide thumbs Also See for PowerConnect B-RX:

Configuration manual (1458 pages)

Getting started manual (32 pages)

Installation manual (240 pages)

Table of Contents

BGP Null0 routing

The following steps configure a null0 routing application for stopping denial of service attacks from

remote hosts on the internet.

Configuration steps

1. Select one router, Router 6, to distribute null0 routes throughout the BGP network.

2. Configure a route-map to match a particular tag (50) and set the next-hop address to an

3. Set the local-preference to a value higher than any possible internal or external

4. Complete the route map by setting origin to IGP.

5. On Router 6, redistribute the static routes into BGP, using route-map <route-map-name>

6. On Router 1, the router facing the internet, configure a null0 route matching the next-hop

8. On Router 6, configure the network prefixes associated with the traffic you want to drop. The

Configuration examples

The following configuration defines specific prefixes to filter.

BigIron RX(config)#ip route 110.0.0.40/29 ethernet 3/7 tag 50

BigIron RX(config)#ip route 115.0.0.192/27 ethernet 3/7 tag 50

BigIron RX(config)#ip route 120.014.0/23 ethernet 3/7 tag 50

The following configuration redistributes routes into BGP.

BigIron RX(config)#router bgp

BigIron RX(config-bgp-router)#local-as 100

BigIron RX(config-bgp-router)#neighbor <router1_int_ip address> remote-as 100

BigIron RX(config-bgp-router)#neighbor <router2_int_ip address> remote-as 100

BigIron RX(config-bgp-router)#neighbor <router3_int_ip address> remote-as 100

BigIron RX(config-bgp-router)#neighbor <router4_int_ip address> remote-as 100

BigIron RX(config-bgp-router)#neighbor <router5_int_ip address> remote-as 100

BigIron RX(config-bgp-router)#neighbor <router7_int_ip address> remote-as 100

BigIron RX(config-bgp-router)#redistribute static route-map blockuser

BigIron RX(config-bgp-router)#exit

The following configuration defines the specific next hop address and sets the local preference to

BigIron RX(config)#route-map blockuser permit 10

BigIron RX(config-routemap blockuser)#match tag 50

BigIron RX(config-routemap blockuser)#set ip next-hop 199.199.1.1

BigIron RX(config-routemap blockuser)#set local-preference 1000000

BigIron RX(config-routemap blockuser)#set origin igp

BigIron RX(config-routemap blockuser)#exit

unused network address (199.199.1.1).

local-preference (50).

(redistribute static route-map block user).

address in the route-map (ip route 199.199.1.1/32 null0).

Repeat step 3 for all routers interfacing with the internet (edge corporate routers). In this case,

Router 2 has the same null0 route as Router 1.

static route IP address references a destination address. You are required to point the static

route to the egress port, for example, Ethernet 3/7, and specify the tag 50, matching the

route-map configuration.

BigIron RX Series Configuration Guide

53-1001986-01

Chapters

Table of Contents

Bigiron rx series

Configuration Steps - Dell PowerConnect B-RX Configuration Manual

Configuration steps

Chapters

Related Manuals for Dell PowerConnect B-RX

Related Content for Dell PowerConnect B-RX

This manual is also suitable for:

Table of Contents