North American Network Operators Group

Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability)

  • From: James
  • Date: Thu Apr 22 21:01:17 2004

> Couldn't we use 2 /30 subnets on PtP links?  1 /30 with real IPs for 
> ICMP, MTU, reachability etc. and one RFC1918 /30 as secondary for eBGP 
> sessions.  I know when a router originates a packet (like with BGP) it 
> sets the source IP to the IP of the interface the packet leaves.  Is 
> BGP smart enough when setting up BGP neighbors to use an IP in the same 
> subnet as the neighbor (the secondary interface IP)?

in IOS, bgp will bind the source ip that is relevant to the subnet it is being peered
with, even if it is a secondary ip. i am not sure if it binds the ip to the primary
ip the first time, then falls back to the secondary ip as the primary fails though..
all i know is that when i've tried it by putting a bogus ip as primary, the bgp
session did turn up, but took a little longer than usual.. didn't investigate
any further however.

-J


-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                        Network Design, Consulting, IT Outsourcing
[email protected]                  Boston-based Colocation & Bandwidth Services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net