From 2cec4c5204ce8c65fb247b0ebf5a4863f6262175 Mon Sep 17 00:00:00 2001 From: uvok cheetah Date: Mon, 8 Jul 2024 20:20:28 +0200 Subject: Learning, updated again --- _posts/2024-03-17-further-learnings-from-running-my-as.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to '_posts/2024-03-17-further-learnings-from-running-my-as.md') diff --git a/_posts/2024-03-17-further-learnings-from-running-my-as.md b/_posts/2024-03-17-further-learnings-from-running-my-as.md index 172168e..494262b 100644 --- a/_posts/2024-03-17-further-learnings-from-running-my-as.md +++ b/_posts/2024-03-17-further-learnings-from-running-my-as.md @@ -2,7 +2,7 @@ layout: post title: Further learnings from running my AS date: 2024-03-17 14:42 +0100 -last_modified_at: 2024-06-26 19:08 +02:00 +last_modified_at: 2024-07-08 20:17 +02:00 lang: en categories: ["tech"] --- @@ -114,3 +114,12 @@ Futher info: Instead, I need to add a default blackhole. (The filtered routes will not be in my routing table, and if I don't want to route to them, I need to prevent the kernel from using the default upstream route). + +**Update 2024-07-08** + +- Another oops! I just realized I also have to export *my prefix* as unreachable + into the kernel! Otherwise, due to the way I configured the routing in Linux + (`ip rule add ... from table xxx`), when a package arrives from + `eth0` which addresses a host that is not present in my AS, the default route + will be taken. And the gateway will throw the packet back at me. And I will + throw it back an the gateway. And so on. -- cgit v1.2.3