Cisco Support Community
Community Member

How can I use BGP to block abusive IPs using a homemade blocklist?

I would like to know how to use a custom blacklist on a server to block abusive traffic on my border router. I was told that this can be done using iBGP and the community attribute, but I was wondering specifically how this can be done? I assume the server with the blacklist of IPs to block will need to be configured with iBGP and my border router will need to see the server as a BGP neighbor, but what else is necessary?


If you want to feed your own list of prefixes (your blacklist) into your network via BGP, you can use any number of open-source products (OpenBGPd, XORP, Quagga, Bird, &c) on a Unix or Linux machine to do so. Essentially, you set up your route server, import your blacklist and then have your network peer with it via BGP. Your router can either send those prefixes to your route server to be dropped or you can null-route them locally. The actual implementation is going to vary greatly depending on which BGP platform you select.
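The "import your blacklist" step described in the answer above, as an added example that is not part of the original post: a Python script that validates a blocklist before rendering it as Quagga `bgpd` `network` statements tagged with a community. The AS number, community value, route-map name, protected prefix and sample entries are all constructed assumptions.

```python
import ipaddress

# Assumed values for illustration; replace with your own.
LOCAL_AS = 65000
BLACKHOLE_COMMUNITY = "65000:666"
PROTECTED = [ipaddress.ip_network("198.51.100.0/24")]  # never blackhole this
MIN_PREFIXLEN = 24  # refuse entries broader than a /24

# Constructed sample blocklist (documentation address ranges).
SAMPLE = """\
203.0.113.5        # single abusive host
203.0.113.5        # duplicate entry
192.0.2.128/25
0.0.0.0/0          # would blackhole everything
198.51.100.7       # inside our own address space
not-an-ip
"""

def validate(lines):
    """Return (sorted accepted networks, list of (entry, reason) rejects)."""
    accepted, rejected = set(), []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError as exc:
            rejected.append((entry, f"unparseable: {exc}"))
            continue
        if net.version != 4:
            rejected.append((entry, "IPv6 is not handled in this example"))
        elif net.prefixlen < MIN_PREFIXLEN:
            rejected.append((entry, "prefix too broad"))
        elif any(net.overlaps(p) for p in PROTECTED):
            rejected.append((entry, "overlaps a protected network"))
        else:
            accepted.add(net)
    return sorted(accepted), rejected

def render_bgpd(networks):
    """Render bgpd config that originates each prefix with the community."""
    out = [f"router bgp {LOCAL_AS}"]
    out += [f" network {n} route-map BLOCKLIST" for n in networks]
    out += ["!", "route-map BLOCKLIST permit 10",
            f" set community {BLACKHOLE_COMMUNITY} no-export"]
    return "\n".join(out)

if __name__ == "__main__":
    nets, bad = validate(SAMPLE.splitlines())
    print(render_bgpd(nets))
    for entry, reason in bad:
        print(f"! rejected {entry}: {reason}")
```

The border router still needs an inbound route-map on the iBGP session that matches this community and sets the next hop to an address it routes to Null0; the script covers only the route-server side.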
