Do to two routers involved support ttl-security? If so you can use that, true it isn't the exact same as setting the TTL but the end result is the same in that "the iBGP session to succeed only if there is direct adjacency between my routers" will be the case.
Daniel On Tue, Jul 7, 2015 at 3:11 AM, Timo Teras <[email protected]> wrote: > Hi, > > I'm wondering a way to set TTL for iBGP sessions, but this seems not > possible. Apparently it's not possible in Cisco either; but e.g. BIRD > and possibly other implementations allow it. > > Seems "ebgp-multiphop [ttl]" is clone from Cisco and works on eBGP > only. It seems to also change few other implementation details on how > the connection is handled. > > And we do have "ttl-security hops [ttl]", but it's not exactly the same > thing. It requires both sides to have the option set, as TTL=255 is > expected (and e.g. Linux defaults to different ttl by default). > > For my use case, ttl=1 would be preferred since I want the iBGP session > to succeed only if there is direct adjacency between my routers. So I'm > wondering how the configuration should look like. I'd also preferably > want to use the same config option regardless if it's ebgp or ibgp. > > So I'm wondering if it'd make sense to make 'ebgp-multihop' work also > for ibgp, or just add a third 'ttl' option. Not sure which makes more > sense having three similar options, or two options and having the > option do more than usual. One more alternative would be to introduce > 'ibgp-multihop'; but then it's different command depending if it's ibgp > or ebgp. > > And finally, is there any patches somewhere that would do any of the > above? > > Thanks, > Timo > > _______________________________________________ > Quagga-dev mailing list > [email protected] > https://lists.quagga.net/mailman/listinfo/quagga-dev >
_______________________________________________ Quagga-dev mailing list [email protected] https://lists.quagga.net/mailman/listinfo/quagga-dev
