Re: BGP TTL check in 12.3(7)T

North American Network Operators Group

Re: BGP TTL check in 12.3(7)T

From: vijay gill
Date: Thu Apr 08 10:43:52 2004

On Thu, Apr 08, 2004 at 11:30:38AM +0200, Hank Nussbacher wrote:
> 
> <http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/prod_bulletin09186a00801abfda.html#wp55584>
> 
> From Dave Meyer's NANOG 27 presentation:
> http://www.nanog.org/mtg-0302/hack.html
> 
> Not bad - Feb 2003 till April 2004 to code, test and implement a change 
> driven by NANOG :-)
> 
> Interesting that it is listed under the Routing enhancements and not under 
> the Security enhancements of 12.3(7)T.

The TTL mechanism is just a way to distinguish at low cost between
good for_us traffic and junk. So more of a classifer than a security
layer, though it can be argued both ways.  And even though it
does have security in the title, it is _not_ a panacea for "securing"
bgp or any routing information.

http://www.faqs.org/rfcs/rfc3682.html

/vijay

/vijay

Follow-Ups:
- Re: BGP TTL check in 12.3(7)T David Meyer
- RE: BGP TTL check in 12.3(7)T Blaine Christian

References:
- BGP TTL check in 12.3(7)T Hank Nussbacher

Prev by Date: Re: BGP TTL check in 12.3(7)T
Next by Date: RE: BGP TTL check in 12.3(7)T
Date Index
Thread Index
Author Index
Historical