LOL. I know how you feel. I just cannot seem to recreate the issue... On Fri, Jul 10, 2009 at 4:13 PM, jmangawang <[email protected]> wrote:
> I just can't seem to let go of things. I got the same pod, 109, this > evening and retried the scenario, and sure enough it didn't work. All > I can say is that the version on R1 of the pod is an earlier 12.4(3a) > release. > > Ok, I'm dropping it for real now... > > On Fri, Jul 10, 2009 at 12:23 PM, jmangawang<[email protected]> wrote: > > Aargh! Ok, so I just set this up on Dynagen, using two 2691s running > > 12.4(23) and, of course, it works. Then I copy/pasted the configs for > > R1 and BB1 from the actual lab (with modifications for the > > interfaces), and it worked, too. > > > > I also learned something about how ebgp-multihop and ttl-security > > work, and they are inversely related to each other. ebgp-multihop > > sets outgoing packet's TTL to the value specified, ie. ebgp-multihop > > 2, sets the TTL to 2. On the flip side, ttl-security receives packets > > whose TTL is 255 minus the set value, ie. ttl-security hops 2 expects > > the TTL on the incoming packet to be 253 (255 - 2). So, if you have > > eBGP configured and you initially started out both sides with > > ebgp-multihop 2, then later changed one of them to TTL-security, your > > BGP session would never come up. The solution would be to set > > ebgp-mulithop to 255, or just use ttl-security on both sides. > > > > I better get one of these on the real lab... :) > > > -- Bryan Bartik CCIE #23707 (R&S), CCNP Sr. Support Engineer - IPexpert, Inc. URL: http://www.IPexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
