Before starting with this guide you need to establish BGP peering session between FastNetMon and your network equipment using this guide.
For this manual you need to know community number used for Blackhole (RFC 7999) at router side
Enable announces about attacked host:
sudo fcli set main gobgp_announce_host enable
Then specify blackhole communities used in your network (I personally encourage you to use recommended by RFC 7999 number, 666). Please use only 16 bit ASN numbers (< 65535) for communities here:
sudo fcli set main gobgp_communities_host_ipv4 65001:666 sudo fcli set main gobgp_communities_host_ipv4 65001:667
You can specify custom next hop for announce this way:
sudo fcli set main gobgp_next_hop 10.10.10.1 sudo fcli commit
After this it’s nice to check that we could announce IP’s correctly. We could ban some test IP for it
sudo fcli set blackhole 18.104.22.168
You can check all active outgoing announces this way:
gobgp global rib -a ipv4
You could check status for all neighbors this way
You can check peering session status this way:
gobgp neigh 22.214.171.124
In addition to per host announces FastNetMon can announce network which includes host under attack.