Thanks to everyone who participated in Contest #3. Here are the solutions to both questions:
Question 1: eBGP peering with Loopback interfaces
There are actually three possible solutions to this:
- Use the neighbor x.x.x.x ebgp-multihop 2 command
- Use the neighbor x.x.x.x disable-connected-check command
- Use the neighbor x.x.x.x ttl-security hops 2 command
Many people think that it takes two hops to get from the loopback interface of one router to the loopback interface of a directly connected router, but this is not true: it takes just one hop. You can refer to this article that attempts to clear up this misunderstanding.
Question 2: Remotely Triggered Black Hole (RTBH)
Like the question says, there are three configuration errors here:
- The edge router (R1) needs to have a route for 192.0.2.1 pointing to null0.
- There is a problem with the community that the trigger router (R2) is sending. It should be sending “99:1” and not “999:1” since “99:1” is what is configured on R1.
- The “neighbor 192.168.99.1 send-community” command needs to be configured on R2; otherwise, R2 will not send the community to R1 and R1 will not blackhole the traffic.
You can read this Cisco white paper to learn more about Remotely Triggered Black Hole Filtering.
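The three corrections above can be checked mechanically. The following is an added example, not part of the original contest: the R1/R2 snippets are constructed, and AS 65001, the 192.168.99.2 peer address, tag 66 and the route-map and community-list names are assumptions; only 192.0.2.1, 192.168.99.1, 99:1 and 999:1 come from the answer.

```python
import re

# Constructed configs (not the contest's originals); AS, names, tag and 192.168.99.2 are assumptions.
R1_EDGE = """\
ip community-list standard RTBH permit 99:1
route-map RTBH-IN permit 10
 match community RTBH
 set ip next-hop 192.0.2.1
route-map RTBH-IN permit 20
router bgp 65001
 neighbor 192.168.99.2 remote-as 65001
 neighbor 192.168.99.2 route-map RTBH-IN in
"""
R2_TRIGGER = """\
route-map RTBH-TRIGGER permit 10
 match tag 66
 set community 999:1
router bgp 65001
 redistribute static route-map RTBH-TRIGGER
 neighbor 192.168.99.1 remote-as 65001
"""

def audit_rtbh(edge, trigger, edge_peer, blackhole_nh):
    """Return the list of RTBH misconfigurations found in two IOS-style configs."""
    findings = []
    # 1. The edge router must discard traffic sent to the black-hole next hop.
    null_route = rf"^ip route {re.escape(blackhole_nh)} 255\.255\.255\.255 null\s*0\b"
    if not re.search(null_route, edge, re.M | re.I):
        findings.append(f"edge: no static route for {blackhole_nh} to Null0")
    # 2. The community the trigger sets must be one the edge router matches on.
    expected = set(re.findall(r"^ip community-list .*permit (\d+:\d+)", edge, re.M))
    sent = set(re.findall(r"^\s*set community (\d+:\d+)", trigger, re.M))
    if not sent & expected:
        findings.append(f"trigger: sets {sorted(sent)}, edge matches {sorted(expected)}")
    # 3. IOS does not send communities to a peer unless send-community is configured.
    send = rf"^\s*neighbor {re.escape(edge_peer)} send-community\b"
    if not re.search(send, trigger, re.M):
        findings.append(f"trigger: neighbor {edge_peer} send-community missing")
    return findings

def apply_fixes(edge, trigger):
    """Apply the three corrections from the contest answer to the constructed configs."""
    edge = "ip route 192.0.2.1 255.255.255.255 Null0\n" + edge
    trigger = trigger.replace("set community 999:1", "set community 99:1")
    return edge, trigger + " neighbor 192.168.99.1 send-community\n"

if __name__ == "__main__":
    print(audit_rtbh(R1_EDGE, R2_TRIGGER, "192.168.99.1", "192.0.2.1"))
    print(audit_rtbh(*apply_fixes(R1_EDGE, R2_TRIGGER), "192.168.99.1", "192.0.2.1"))
```

Each of the three faults fails silently on its own, which is why the audit reports them independently instead of stopping at the first.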
Unfortunately, no one answered both questions correctly. ‘Folorunso’ was the first person to answer the 1st question correctly. ‘crUnk’ was the only person to attempt both questions and almost got the 2nd question – he/she didn’t add the “neighbor 192.168.99.1 send-community” to his/her solution. The prize will be split between the two of them and they will be contacted about their preferred option to receive the prize.
We are toying with the idea of making some of the contests community-generated, so drop a comment if you are interested in sending in contests that will be posted on this site.