Hi Piotr I labbed it out many times and observed the following:
With the above given case which has one router in between, "neighbor X.X.X.X ttl-security hops 2" is required or "neighbor X.X.X.X ebgp-multihop 2" With the same setup, if I use loopback interfaces as source address, it requires "neighbor X.X.X.X ttl-security hops 2" is required or "neighbor X.X.X.X ebgp-multihop 2". Even when we use loopback interface, the hops is same as the loopback is still on the same router. Hence hops 2 is also required here. Earlier my understanding was that the TTL is decremented after routing process when the packets lands the "Forwarding Interface". If the TTL is "0", the ICMP time exceeded is sent back where the ingress interface's IP address is used as the source address for the ICMP packet. Said with this, BGP seems to be specially handled by IOS where it decrements TTL though it is going to control plane and not to any forwarding Interface. With regards Kings On Tue, May 10, 2011 at 4:40 PM, Piotr Matusiak <[email protected]> wrote: > Hi Kings, > > The TTL is decreased by 1 on every routed hop. If it is decreased on inside > interface that would mean the R3 sees 253. I think the R3 will see 254 - > assuming you're not using loopbacks. > > Regards, > Piotr > > 2011/5/10 Kingsley Charles <[email protected]> > >> Hi all >> >> When a router receives a packet, will the TTL be decremented on the >> ingress interface or egress interfaces while exiting? I am raising this >> question due to the following case. >> >> >> R1 ---------- R2 ------------- R3 >> >> >> >> R1 and R3 are EBGP peers and we should configure hops as "2" with BGP ttl >> security as following: >> >> neighbor X.X.X.X ttl-security hops 2 >> >> Here R2 is the only router in between which reduces the TTL. If hops is >> "2", the received TTL should be either 253 or above. Hence, it means the TTL >> is decremented on the ingress interface right? >> >> With regards >> Kings >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
