North American Network Operators Group
Re: BGP TTL Security
On Feb 14, 2008, at 11:28 AM, Ben Butler wrote:
Not for sure, but I'd have to speculate that if this is only working for you with 'ttl-security hops >= 192' perhaps your peer is setting the TTL in its packet to 64? I believe that's the default TTL for Linux, Foundry and a couple others. Juniper's default TTL is 1 for eBGP (though configurable), and 64 for iBGP, multihop, etc. IIRC.
In order to implement this effectively the peer would need to be setting the transmitted TTL to 255.
And my apologies if my previous message seemed a bit negative, that was certainly not my intention.
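
The arithmetic behind the reply above, as an added example that is not part of the original message: it assumes the receive-side rule is "accept if arrival TTL >= 255 - hops" with hops in 1..254, and the `decrements` parameter (how many times the TTL was decremented in transit) and the sample peers are constructed for illustration.

```python
MAX_TTL = 255  # TTL a sender must use for the check to be meaningful

def min_accepted_ttl(hops: int) -> int:
    """Lowest arrival TTL accepted when 'ttl-security hops <hops>' is set."""
    if not 1 <= hops <= 254:
        raise ValueError("hops must be in 1..254")
    return MAX_TTL - hops

def arrival_ttl(initial_ttl: int, decrements: int) -> int:
    """TTL seen by the receiver (assumption: one decrement per router crossed)."""
    return max(initial_ttl - decrements, 0)

def accepted(initial_ttl: int, decrements: int, hops: int) -> bool:
    """True if a packet with this history passes the receive-side TTL check."""
    ttl = arrival_ttl(initial_ttl, decrements)
    return ttl > 0 and ttl >= min_accepted_ttl(hops)

def smallest_working_hops(initial_ttl: int, decrements: int):
    """Tightest 'hops' value that still admits this peer, or None if none does."""
    ttl = arrival_ttl(initial_ttl, decrements)
    if ttl < 1:
        return None
    return max(MAX_TTL - ttl, 1)

if __name__ == "__main__":
    # Constructed sample peers: (label, initial TTL, decrements in transit)
    peers = [
        ("peer sending TTL 255", 255, 1),
        ("peer sending TTL 64", 64, 1),
    ]
    for label, ttl, dec in peers:
        need = smallest_working_hops(ttl, dec)
        print(f"{label}: arrives with TTL {arrival_ttl(ttl, dec)}, "
              f"needs ttl-security hops >= {need}")
    # Cost of widening the window to suit a TTL-64 sender: a packet that
    # started at 255 and crossed 192 routers now passes the same check.
    print("distant TTL-255 sender accepted at hops 192:",
          accepted(255, 192, 192))
```

A session that only comes up at hops 192 matches an arrival TTL of 63, and at that setting the check no longer restricts senders to nearby routers, which is why the peer has to transmit with TTL 255.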