I will give an example of setting up blackhole routes in Netplan.
For example, I often specify a subnet of public ("white") IP addresses used for NAT as a single blackhole (null) route in bird, quagga, cisco, etc., so as not to assign hundreds of IP addresses to the device.
If you need to temporarily add/remove a blackhole route in Linux, you can run the command:
ip route add blackhole 10.20.30.128/25
ip route del blackhole 10.20.30.128/25
Let’s assume the following standard settings in the Netplan configuration:
network:
  ethernets:
    enp0s3:
      dhcp4: true
  version: 2
Now let’s add the lo interface settings and blackhole route:
network:
  ethernets:
    enp0s3:
      dhcp4: true
    lo:
      match:
        name: lo
      addresses: [ 127.0.0.2/32 ]
      routes: # ixnfo.com
        - to: 10.20.30.128/25
          via: 0.0.0.0
          metric: 240
          type: blackhole
  version: 2
Let’s apply the changes:
netplan try
netplan apply
Let’s look at the current routes:
ip route
netstat -rn
ip route | grep 'blackhole'
blackhole 10.20.30.128/25 proto static metric 240
You can add an unreachable route in a similar way:
routes:
  - to: 10.10.10.0/24
    via: 0.0.0.0
    metric: 240
    type: unreachable
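After `netplan apply`, the `grep 'blackhole'` check shown earlier can be turned into a repeatable test that fails when an expected null route is missing. The function below is an added example, not part of the original post: the name `check_null_routes`, the `type:prefix` argument format and the sample route table are assumptions made for illustration.

```shell
#!/bin/sh
# check_null_routes (hypothetical helper): reads `ip route` text on stdin.
# Each argument is an expected route written as "type:prefix",
# e.g. blackhole:10.20.30.128/25 or unreachable:10.10.10.0/24.
# Prints one status line per expected route; returns non-zero if any is missing.
check_null_routes() {
    routes=$(cat)
    missing=0
    for want in "$@"; do
        rtype=${want%%:*}
        prefix=${want#*:}
        # For blackhole/unreachable routes, `ip route` prints the route type
        # as the first field and the prefix as the second; match both exactly
        # so 10.20.30.128/25 is not confused with another prefix or type.
        if printf '%s\n' "$routes" | awk -v t="$rtype" -v p="$prefix" \
            '$1 == t && $2 == p { found = 1 } END { exit !found }'; then
            echo "OK      $rtype $prefix"
        else
            echo "MISSING $rtype $prefix"
            missing=1
        fi
    done
    return $missing
}

# Constructed sample of `ip route` output (not captured from a real host),
# using the blackhole and unreachable prefixes from the examples above.
SAMPLE_ROUTES='default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
blackhole 10.20.30.128/25 proto static metric 240
unreachable 10.10.10.0/24 proto static metric 240'

printf '%s\n' "$SAMPLE_ROUTES" |
    check_null_routes blackhole:10.20.30.128/25 unreachable:10.10.10.0/24
```

On a live host, feed it the real table instead of the sample: `ip route | check_null_routes blackhole:10.20.30.128/25`.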