Hi Piotr/all Waiting for you inputs :-)
With regards KIngs On Tue, May 10, 2011 at 4:58 PM, Kingsley Charles < [email protected]> wrote: > Hi Piotr > > I labbed it out many times and observed the following: > > With the above given case which has one router in between, "neighbor > X.X.X.X ttl-security hops 2" is required or "neighbor X.X.X.X > ebgp-multihop 2" > > With the same setup, if I use loopback interfaces as source address, it > requires "neighbor X.X.X.X ttl-security hops 2" is required or "neighbor > X.X.X.X ebgp-multihop 2". Even when we use loopback interface, the hops is > same as the loopback is still on the same router. Hence hops 2 is also > required here. > > Earlier my understanding was that the TTL is decremented after routing > process when the packets lands the "Forwarding Interface". If the TTL is > "0", the ICMP time exceeded is sent back where the ingress interface's IP > address is used as the source address for the ICMP packet. > > Said with this, BGP seems to be specially handled by IOS where it > decrements TTL though it is going to control plane and not to any forwarding > Interface. > > > > > With regards > Kings > > > On Tue, May 10, 2011 at 4:40 PM, Piotr Matusiak <[email protected]> wrote: > >> Hi Kings, >> >> The TTL is decreased by 1 on every routed hop. If it is decreased on >> inside interface that would mean the R3 sees 253. I think the R3 will see >> 254 - assuming you're not using loopbacks. >> >> Regards, >> Piotr >> >> 2011/5/10 Kingsley Charles <[email protected]> >> >>> Hi all >>> >>> When a router receives a packet, will the TTL be decremented on the >>> ingress interface or egress interfaces while exiting? I am raising this >>> question due to the following case. >>> >>> >>> R1 ---------- R2 ------------- R3 >>> >>> >>> >>> R1 and R3 are EBGP peers and we should configure hops as "2" with BGP ttl >>> security as following: >>> >>> neighbor X.X.X.X ttl-security hops 2 >>> >>> Here R2 is the only router in between which reduces the TTL. If hops is >>> "2", the received TTL should be either 253 or above. Hence, it means the TTL >>> is decremented on the ingress interface right? >>> >>> With regards >>> Kings >>> >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, please >>> visit www.ipexpert.com >>> >>> Are you a CCNP or CCIE and looking for a job? Check out >>> www.PlatinumPlacement.com >>> >> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
