Jump to navigation Jump to search
Question: How does /ip route check-gateway work?
- check-gateway sends pings every 10 seconds. if two successive pings fail, the gateway is considered dead.
Question: How to blackhole a network?
- There are two ways to blackhole a network. First, you can do this manually by adding a blackhole route to the routing table, for example, to blackhole a 10.0.0.0/8 network, issue the following command:
/ip route add dst-address=10.0.0.0/8 type=blackhole
- Routing filters are the other mean to blackhole a network. To create a routing filter that automatically blackholes all prefixes in 10.0.0.0/8 in the BGP feed, issue the following command:
/routing filter add prefix=10.0.0.0/8 prefix-length=8-32 set-type=blackhole chain=myfilter
Question: How to filter out the default route from outgoing BGP advertisements?
- Assuming you have a static default route that is redistributed because redistribute-static parameter is set to yes, do the following:
/routing filter add chain=myfilter prefix=0.0.0.0/0 action=discard
- Then set myfilter as the out-filter for BGP instance
/routing bgp instance set default out-filter=myfilter