Created by Andrea Campanella, last modified on May 10, 2018

Overview

Since ONOS 1.12 RC6 Trellis is capable of installing a "balckhole" for given routes. 

The blackhole consists of a rule on table 30 on every edge device on the fabric. The Table 30 rule matches on a given IP address and mask and has nothing but a clearDeferred action, practically dropping the packet. Every IP we want to blackhole will have it's own rule in every edge switch. 

Flow Rule Example

An example of such rule is:

Balckhole flow example
  ADDED, bytes=0, packets=0, table=30, priority=48010, selector=[ETH_TYPE:ipv4, IPV4_DST:50.0.0.0/24], treatment=[transition=TABLE:60]

Configuration

The IPs to blackhole are taken from the segmentrouting app configuration.

This is an example of such configuration:

Blackhole Json example
{
<other net-cfg elements>,
"apps" : {
    "org.onosproject.segmentrouting" : {
        "segmentrouting": {
            "blackholeIps": [
                      "50.0.0.0/24"
            ]
        }
    }
}