These inbound policies modify the next-hop of specifically marked BGP network layer reach-ability information (NLRIs) to point to the chosen black hole next-hop. We use BGP community or extended-community attributes to identify NLRIs that need to be black holed (ones whose next-hops have to be modified). The community values that are chosen should be reserved for this purpose within the provider network.
In the following example, a community of 666:0 is chosen for identifying blackhole routes. The next-hop of BGP NLRIs with that community attribute is modified to use the blackhole next-hop.
R3.1 # edit policy BH_policy_NH entry bh-nhset { if match any { community 666:0; nlri any/32 ; } then { next-hop 192.168.2.66 ; permit ; } } entry bh-default { if match any { } then { permit ; } }