North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BGP TTL check in 12.3(7)T
On Thu, Apr 08, 2004 at 11:30:38AM +0200, Hank Nussbacher wrote: > > <http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/prod_bulletin09186a00801abfda.html#wp55584> > > From Dave Meyer's NANOG 27 presentation: > http://www.nanog.org/mtg-0302/hack.html > > Not bad - Feb 2003 till April 2004 to code, test and implement a change > driven by NANOG :-) > > Interesting that it is listed under the Routing enhancements and not under > the Security enhancements of 12.3(7)T. The TTL mechanism is just a way to distinguish at low cost between good for_us traffic and junk. So more of a classifer than a security layer, though it can be argued both ways. And even though it does have security in the title, it is _not_ a panacea for "securing" bgp or any routing information. http://www.faqs.org/rfcs/rfc3682.html /vijay /vijay
|