Junos Automation (Scripting)
Highlighted
Junos Automation (Scripting)

How to trigger command to null route ip

‎06-09-2020 01:00 PM

Hello,

I am using third party network monitoring system. I want to trigger some rules like null route ip if syn or any dos attack happen. Can anyone guide me how to do it?

Thanks

 

2 REPLIES 2
Highlighted
Junos Automation (Scripting)

Re: How to trigger command to null route ip

‎06-09-2020 07:07 PM

Hi fiber9, 

 

Greetings, 

 

To my understanding, I see that you want to perform discard routing to prevent any DoS attacks (which can include a SYN attack as well).  If too many requests are received in a short period of time, the router simply discards the requests without forwarding them. The requests are sent to a router that does not forward the packets. The problematic routes are sometimes referred to as discard routes or black-holed routes

 

One way to do the same is to create a discard static route for each next hop used for discard routes.

A discard static route uses the discard option. 

user@host# show routing-options
static {
route 192.0.2.101/32 discard;
}

I would recommend you to read through https://www.juniper.net/documentation/en_US/junos/topics/example/policy-discard-interface.html for more details.

 

Hope this helps. Smiley Happy

 

Please mark "Accept as solution" if this answers your query. 

Kudos are appreciated too! 

 

Regards, 

Sharat Ainapur

Highlighted
Junos Automation (Scripting)

Re: How to trigger command to null route ip

‎06-09-2020 07:12 PM

Hello Fiber9,

 

You can configure policy-options with a match criteria to discard the routes in the event of DoS attack. In discard routing, routers are configured with rules that disallow millions of requests in a short period of time from being sent to the same address. If too many requests are received in a short period of time, the router simply discards the requests without forwarding them. The requests are sent to a router that does not forward the packets. The problematic routes are sometimes referred to as discard routes or black-holed routes. 

 

Please refer to the below document for more information and sample configuration.

https://www.juniper.net/documentation/en_US/junos/topics/example/policy-discard-interface.html

 


Regards,
Vishaal


Accept as Solution = cool ! (Help fellow community members with similar query be redirected here instead of them reposting again)
Accept as Solution+Kudo = You are a Star !
Feedback