You can integrate FastNetMon Advanced with VyOS using their official API (available starting version 1.2.x). This integration allows FastNetMon to create or remove routes (blackholes) without using BGP.
To enable this capability, please upgrade FastNetMon to version 2.0.359 or more recent.
To start, you need to create an API Key on VyOS:
set service https api keys id key-01 key 'VyOS-super-secret-key'
After this, you need to configure the following options on FastNetMon:
sudo fcli set main vyos_announce_host true sudo fcli set main vyos_announce_host_blackhole true sudo fcli set main vyos_api_urls https://:VyOS-super-secret-key@192.168.1.132 sudo fcli commit
Please note that we support only blackhole mode, and vyos_announce_host_blackhole must be set at all times. In future, we will add the capability to add regular routes. You can specify multiple VyOS servers in the configuration.
To test that integration works correctly, we recommend manually blocking and then unblocking some test host:
sudo fcli set blackhole 1.2.3.4
Then check the list of blocked hosts and get UUID of it:
sudo fcli show blackhole
To unblock host, you need to use UUID from the previous command and issue the following command:
sudo fcli delete blackhole d9b1885f-6d9b-4167-9e3e-0a3198bacee9